Merge pull request #9 from runleveldev/blastradius

libpam-radius-auth: T7285: add and verify Message-Authenticator
author: Daniil Baturin <daniil@vyos.io> 2025-06-18 11:23:37 +0100
committer: GitHub <noreply@github.com> 2025-06-18 11:23:37 +0100
commit: 46d6c0f88460fee556e38dbfba83c9029b1c78c6 (patch)
tree: abcc54510ccf8da3ee678c81290ba6fbd3ef7e73 /USAGE
parent: 061f717becc0c8bdf213316e32e031f5fb8f7d3b (diff)
parent: 15b5a25b3ce48cc9cf6aec7e9fbd736df833450a (diff)
download: libpam-radius-auth-46d6c0f88460fee556e38dbfba83c9029b1c78c6.tar.gz
libpam-radius-auth-46d6c0f88460fee556e38dbfba83c9029b1c78c6.zip
1 files changed, 8 insertions, 0 deletions
diff --git a/USAGE b/USAGE
index 0fce66b..fdd1e70 100644
--- a/USAGE
+++ b/USAGE
@@ -104,5 +104,13 @@ max_challenge=# - configure maximum number of challenges that a server
                   may request. This is a workaround for broken servers
                   and disabled by default.
 
+prompt_attribute - Enable honoring of Prompt attribute sent from server for 
+                   challenge-response to enable/disable of echoing of user 
+                   input. Without this option all user input during 
+                   challenge-response will be echoed. See RFC2869 Section 5.10
+
+require_message_authenticator - Discard Access-Accept, Access-Challenge, and
+		Access-Reject packets which do not contain Message-Authenticator.
+
 ---------------------------------------------------------------------------
author	Daniil Baturin <daniil@vyos.io>	2025-06-18 11:23:37 +0100
committer	GitHub <noreply@github.com>	2025-06-18 11:23:37 +0100
commit	46d6c0f88460fee556e38dbfba83c9029b1c78c6 (patch)
tree	abcc54510ccf8da3ee678c81290ba6fbd3ef7e73 /USAGE
parent	061f717becc0c8bdf213316e32e031f5fb8f7d3b (diff)
parent	15b5a25b3ce48cc9cf6aec7e9fbd736df833450a (diff)
download	libpam-radius-auth-46d6c0f88460fee556e38dbfba83c9029b1c78c6.tar.gz libpam-radius-auth-46d6c0f88460fee556e38dbfba83c9029b1c78c6.zip