We have a set of users who are currently authenticating from a system in
which the password is encrypted twice. So copying the encrypted values
and inserting them into a normal password file won't work for us. We've
set up a proxy in front of this auth server with Radiator, so that we can
watch the cleartext passwords go by as the users authenticate, and compile
a list of uids and passwords. We are doing this now by uncommenting the
lines in Radius.pm to watch the decoded passwords and dumping them into a
separate log:

# Uncomment this if you really want to see whats really
# in the password. Useful for finding obscure bugs
my $pwdump = Radius::AttrVal::pclean($pwdout);
&main::log($main::LOG_DEBUG, "Decoded password is $pwdump");
open(PWFILE, ">> /raddb/pwlog");
print PWFILE "$userid:$pwdump\n";
close(PWFILE);

This works fine, except we need to intercept just the ones that pass.
I have walked through some of the code and I think that the only time that
our proxy calls the decode function is from AuthRADIUS.pm, in order to
re-encode it with the new secret.

What I'd like to do is this:

my $pwtest = $p->decode_password($p->{Client}->{Secret});
open(PWFILE, ">> /raddb/pwlog1");
print PWFILE "$result:$user:$pwtest\n";
close(PWFILE);

But, where would the best place to do this be? My guess would be in the
function handle_request in AuthRADIUS.pm, but I kind of lose track around:

$self->forwardToNextHost($fp, $p, $rp, $port);

Where does the result come back?

Any ideas or explanations are welcome.

Thanks,
Kevin Haldeman
Systems Administrator
Midwest Internet
A OneMain.com Company, Your Hometown Internet