Join GitHub today
GitHub is home to over 31 million developers working together to host and review code, manage projects, and build software together.Sign up
EAP-GTC does not include User-Password in any of the VP lists, hence python modules can't do anything with it #2268
However, User-Password attribute is not put in any of the VPS lists (request, reply, config, proxy...). Hence, modules written in languages such as Python or Perl cannot access to it.
How to reproduce the issue
What happens is that
I guess it could be added also to request->config or request->packet. What do you think? If you agree I can easily create a PR with the functionality.
Yes, right. Although I still could not modify it. What I want to achieve is to implement a 2-factor authentication using TOTP. I want to do something similar to what rlm_yubikey does (using the password to transport PWD+OTP_CODE, validating the code, and rewriting the PWD to restore it to the original value, so the authentication process works as it should). But maybe I MUST write a C module rather than a python one if for making it work I need to patch FR and that patch is not going to be useful to anyone but me.