16 Apr
2005
16 Apr
'05
12:49 p.m.
See inline.
You need to support the HTTP Digest mechanism, read the RFC.
Well, not really, but freeradius has an implementation of it that you could
probably look at. You need to check out the licenses though.
> 3) I know
my radius supports CHAP-MD5. Isn't it enough ?
Nope. Digest as another algorithm than CHAP that
can use MD5 too
So you say I need to support Digest with MD5, or just Digest alone ? > The thing
is I've using this radius for some time now, and have
> modified it to help my needs. I know it's a bit old already (2002).
> Its ic-radius and, according to its web page it does
> support digest.
Well, it must both support digest and the bit
special way the
*-digest-attritbutes are wrapped into the Digest-Attributes
attribute. I don't know ic-radius. We have implemented
digest for our own (commercial)
RADIUS server.
freeRADIUS is your best bet, or the support forum for ic-radius.
I think I'll have to implement Digest in my own radius. Any help ? I do not understand how " ... the bit special way
the
*-digest-attritbutes are wrapped into the Digest-Attributes attribute...
" is implemented. Any hint here ?
Well, if you are to implement this, you need to understand RADIUS (another
RFC...). All the digest attributes are wrapped with length markers into one
single attribute (Digest-Attributes). You need to read that attribute and
decode it before you can use the digest attribute/value pairs for
implementing Digest.
g-)