welterde/l2tpns
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Add MessageAuthenticator support

Browse source 
To address RadiusBLAST vulnerability.

Fixes #16
This commit is contained in:
Samuel Thibault 2024-10-19 22:31:59 +02:00
parent 42ef80e0b4
commit cc012e18fa
8 changed files with 149 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

10
docs/html/manual.html
View file

@ -183,6 +183,16 @@ sending of RADIUS interim accounting records (in seconds).</p>
<p>This secret will be used in all RADIUS queries. If this is not set
then RADIUS queries will fail.</p>
</dd>
<dt><code>radius_require_message_authenticator</code> (string)</dt>
<dd>
<p>If set to true, RADIUS answers to AccessRequests will have to contain
a valid MessageAuthenticator. If set to auto (default), if the first
RADIUS answer to AccessRequests contains a valid MessageAuthenticator,
subsequent answers will have to contain one. If set to no (not
recommended), RADIUS answers to AccessRequests do not have to contain a
valid MessageAuthenticator. It is advised to set this to true after
checking that your RADIUS server does send MessageAuthenticator.</p>
</dd>
<dt><code>radius_authtypes</code> (string)</dt>
<dd>
<p>A comma separated list of supported RADIUS authentication methods