[Serusers] ser 0.8.12 & freeradius
Jan Janak
jan at iptel.org
Tue Dec 2 16:58:56 CET 2003
On 02-12 17:02, Rudakov Evgeniy wrote:
> very big thanks
> problem is solved %)
> if (NONCE_LEN != _nonce->len) {
> return 1; /* Lengths must be equal */
> }
> after i disable Len Check for nonce.
> because dlink gateway send 32b nonce key.
That's absolutely wrong and dangerous. Nonce is generated by ser and
the gateway is not supposed to touch it, it must return the nonce as
it is, otherwise ser will not authenticate it.
Jan.
More information about the sr-users
mailing list