2.2.1. Authenticate-Request

Description

The Authenticate-Request packet is used to begin the Password Authentication Protocol. The link peer MUST transmit a PAP packet with the Code field set to 1 (Authenticate-Request) during the Authentication phase. The Authenticate-Request packet MUST be repeated until a valid reply packet is received, or an optional retry counter expires.

The authenticator SHOULD expect the peer to send an Authenticate- Request packet. Upon reception of an Authenticate-Request packet, some type of Authenticate reply (described below) MUST be returned.

Implementation Note: Because the Authenticate-Ack might be lost, the authenticator MUST allow repeated Authenticate- Request packets after completing the Authentication phase. Protocol phase MUST return the same reply Code returned when the Authentication phase completed (the message portion MAY be different). Any Authenticate-Request packets received during any other phase MUST be silently discarded. When the Authenticate-Nak is lost, and the authenticator terminates the link, the LCP Terminate-Request and Terminate- Ack provide an alternative indication that authentication failed.

A summary of the Authenticate-Request packet format is shown below. The fields are transmitted from left to right.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   | Peer-ID Length|  Peer-Id ...
   +-+-+-+-+-+-+-+-+-+-+-+-+
   | Passwd-Length |  Password  ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+

Code

1 for Authenticate-Request.

Identifier

The Identifier field is one octet and aids in matching requests and replies. The Identifier field MUST be changed each time an Authenticate-Request packet is issued.

Peer-ID-Length

The Peer-ID-Length field is one octet and indicates the length of the Peer-ID field.

Peer-ID

The Peer-ID field is zero or more octets and indicates the name of the peer to be authenticated.

Passwd-Length

The Passwd-Length field is one octet and indicates the length of the Password field.

Password

The Password field is zero or more octets and indicates the password to be used for authentication.