* The 'value_size' is the size of the response,
* which is supposed to be the response (48
* bytes) plus 1 byte of flags at the end.
+ *
+ * NOTE: When using Cisco NEAT with EAP-MSCHAPv2, the
+ * switch supplicant will send MSCHAPv2 data (EAP type = 26)
+ * but will always set a value_size of 16 and NULL out the
+ * peer challenge.
+ *
*/
- if (eap_ds->response->type.data[4] != 49) {
+ if ((eap_ds->response->type.data[4] != 49) &&
+ (eap_ds->response->type.data[4] != 16)) {
REDEBUG("Response is of incorrect length %d", eap_ds->response->type.data[4]);
return 0;
}