From: Alan T. DeKok <aland@freeradius.org>
Date: Wed, 7 Aug 2024 23:11:08 +0000 (-0400)
Subject: warn on short shared secrets
X-Git-Tag: release_3_2_6~12
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=b7d023c25e512cd008fa8b972fe1dc01e73b333f;p=thirdparty%2Ffreeradius-server.git

warn on short shared secrets
---

diff --git a/src/main/client.c b/src/main/client.c
index 6e89fafc16a..6e1a684da6a 100644
--- a/src/main/client.c
+++ b/src/main/client.c
@@ -1216,6 +1216,14 @@ done_coa:
 		}
 	}
 
+	/*
+	 *	Be annoying to people, but it's about security.
+	 */
+	if (strlen(c->secret) < 12) {
+		WARN("Shared secret for client %s is short, and likely can be broken by an attacker.",
+		     c->shortname);
+	}
+
 	return c;
 }