[strongSwan] xauth_radius plugin with Challenge/Response support
Martin Willi
martin at strongswan.org
Mon Jul 29 11:54:57 CEST 2013
Hi Gerald,
> I have implement a xauth_radius plugin which is able to do xauth
> authentication against a radiusserver, without using eap.
Thanks for the patches.
Today I've merged a first version of the xauth-radius backend to the
master branch. I've used a slightly different approach by integrating
the xauth-radius backend directly into the eap-radius plugin. This
avoids duplicating a lot of code, and allows us to reuse all the RADIUS
goodies we already have, such as Accounting or assignment of virtual IPs
and other attributes.
Support for Access-Challenges is still missing. There are some other
changes in the pipeline though, such as multiple XAuth rounds [1], for
example to authenticate with Password and HOTP/TOTP. These won't make it
into 5.1.0, I'd like to avoid larger changes as the release is coming
soon.
Best Regards
Martin
[1]http://git.strongswan.org/?p=strongswan.git;a=shortlog;h=refs/heads/xauth-radius-multi
More information about the Users
mailing list