Re: Radius password encryption (fwd)

Dale E. Reed Jr. (daler@iea.com)
Fri, 06 Dec 1996 18:06:24 -0800

MegaZone wrote:
>
> Once upon a time Helio Coelho Jr. shaped the electrons to say...
> > Anyone knows if it's possible to (or uses) encryption in the Radius users
> >file passwords ? Any clue about a patch to do that ?
>
> No, we do not support that at this time.
>
> Don't know about a patch.

Its about six lines of Code. RadiusNT -E will do it.

At the very botttom of AuthPapPwd:

else if(encrypt_pass & 1 )
{
if(check_encrypt_pass(string, authInfo->chkPwd->strvalue) == 1)
result = 0;
}

else ifstrcmp(authInfo->chkPwd->strvalue, string) == 0) &&
(compare_sens==1)
result = 0;

return result;

I can't remember whethere check_encrypt_pass is in the code. here is
is, though:

/*************************************************************************
*
* Function: check_encrypt_pass
*
* Purpose: Check the users password against the encrypted password from
* the user list.
*

*************************************************************************/

int check_encrypt_pass(char *passwd, char *epasswd)
{
char *crypt(char *, char *);

char *encpw;

/* Run encryption algorythm */
encpw = crypt((char *)passwd, (char *)epasswd);

if(debug_flag & DEBUG_USER)
printf("(UNIX) User Password: %s File Password: %s Encrypted
Password: %s\n", passwd, epasswd, encpw);

/* Check it */
if(strcmp(encpw, epasswd)==0)
return 1;
else
return UNIX_BAD_PASSWORD;

return UNIX_GETPWNAME_ERR;
}

-- 
Dale E. Reed Jr.  (daler@iea.com)
_____________________________________________________________________
 Internet Engineering Associates   |  RadiusNT, Emerald, and NT FAQs
  Internet Solutions for Today     |    http://www.emerald.iea.com