[Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exc

bug-gnu-radius

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exc

From:	Yuri Kulaghin
Subject:	[Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exchange?
Date:	Tue, 5 Mar 2002 12:40:16 +0300 (MSK)

Hello!
As I see in the sources GNU Radius makes Authenticator field in packet
header as random bytes set, i.e. without any using of the shared secret!
Moreover, Authenticators of all packets during one second are equal
because srand(time(NULL)) is called at each Authenticator making!
What can it say about GNU Radius secure after that?
Correct me if I am mistaken.
-- 
Yuri.

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exchange?, Yuri Kulaghin <=
- Re: [Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exchange?, Sergey Poznyakoff, 2002/03/05
  - Re: [Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exchange?, Yuri Kulaghin, 2002/03/05

Next by Date: Re: [Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exchange?
Next by thread: Re: [Bug-gnu-radius] Why GNU Radius does not follow RFC in client/server exchange?
Index(es):
- Date
- Thread