(RADIATOR) 8 character password maximum

[David Napier]

Hi all,

Firstly, no, this isn't the usual crypt question ( I think:)

We're using Radiator 2.18.4 authenticating users against LDAP entries.
Usernames and passwords in LDAP have a length between 3 and 63
characters, these limitations are due to policy. In this case we use
PAP.

I've noticed a peculiar problem. I've written a radius monitor in Perl,
which uses Radius.pm to connect to Radiator as a client, and attempt to
authenticate a user. The username I try to attempt has a 16 character
username and 8 character password, and when I use the correct details,
all is well :) When I try to authenticate the user without the last
character on the password, it fails. If I add an extra character on the
password (ie append a "1" on the end) it still authenticates
sucessfully.

I thought this may only be my script, but after testing with various
dialers (including Windows DUN) I get the same results. RFC 1334 has a
maximum password length of 256 characters, so its not PAP, LDAP or NAS.
That leaves Radiator.

Any ideas?

Thanx :)

David



===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.