EAP-MSCHAPv2 is indeed mutual, but is prone to MITM dictionary attacks
authorMartin Willi <martin@strongswan.org>
Thu, 7 Jan 2010 14:56:11 +0000 (15:56 +0100)
committerMartin Willi <martin@strongswan.org>
Thu, 7 Jan 2010 14:56:11 +0000 (15:56 +0100)
src/charon/plugins/eap_mschapv2/eap_mschapv2.c

index 71e313a..f022284 100644 (file)
@@ -1152,7 +1152,7 @@ static status_t get_msk(private_eap_mschapv2_t *this, chunk_t *msk)
  */
 static bool is_mutual(private_eap_mschapv2_t *this)
 {
-       return TRUE;
+       return FALSE;
 }
 
 /**