diff --git a/include/freeradius-client.h b/include/freeradius-client.h
index 797cdfaa..43b6a00f 100644
--- a/include/freeradius-client.h
+++ b/include/freeradius-client.h
@@ -56,6 +56,8 @@
 #define MAX_SECRET_LENGTH (3 * 16) /* MUST be multiple of 16 */
+#define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */
+
 #define VENDOR(x) (((x) >> 16) & 0xffff)
 #define ATTRID(x) ((x) & 0xffff)
diff --git a/lib/sendserver.c b/lib/sendserver.c
index 1fdcff2c..64b3aceb 100644
--- a/lib/sendserver.c
+++ b/lib/sendserver.c
@@ -43,6 +43,7 @@ static int rc_pack_list (VALUE_PAIR *vp, char *secret, AUTH_HDR *auth)
 unsigned char passbuf[MAX(AUTH_PASS_LEN, CHAP_VALUE_LENGTH)];
 unsigned char md5buf[256];
 unsigned char *buf, *vector, *vsa_length_ptr;
+ VALUE_PAIR *first_vp = vp;
 buf = auth->data;
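Review bot: `first_vp` is assigned here but nothing in the visible hunks reads it; the CHAP branch added in the next hunk always hashes `auth->vector` and leaves the attribute lookup as a commented-out `rc_avpair_get()` TODO. RADIUS servers take the challenge from a CHAP-Challenge attribute when the request carries one, so a caller that adds that attribute would get a response computed over the wrong challenge and the login would be rejected. Either finish the lookup through `first_vp` in this commit, or drop the variable until it is used so it does not sit there as an unused-variable warning. rc_pack_list's body continues outside the hunk.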
@@ -105,37 +106,32 @@ static int rc_pack_list (VALUE_PAIR *vp, char *secret, AUTH_HDR *auth)
 total_length += padded_length + 2;
 break;
-#if 0
 case PW_CHAP_PASSWORD:
- *buf++ = CHAP_VALUE_LENGTH + 2;
- if (vsa_length_ptr != NULL) *vsa_length_ptr += CHAP_VALUE_LENGTH + 2;
-
- /* Encrypt the Password */
- length = vp->lvalue;
- if (length > CHAP_VALUE_LENGTH) {
- length = CHAP_VALUE_LENGTH;
+ int chap_attr_len = CHAP_VALUE_LENGTH + 3;
+ *buf++ = chap_attr_len;
+ char string[MAX_STRING_LEN * 2 + 1];
+ char *ptr = string;
+ int i = 0;
+ *ptr++ = auth->id;
+
+ i++;
+ memcpy(ptr, vp->strvalue, vp->lvalue);
+ ptr += vp->lvalue;
+ i += vp->lvalue;
+
+ /* TODO: use Chap-Challenge if available */
+ /* rc_avpair_get(); */
+ memcpy(ptr, auth->vector, AUTH_VECTOR_LEN);
+ i += AUTH_VECTOR_LEN;
+ *buf = auth->id;
+ rc_md5_calc((u_char *)buf + 1, (u_char *)string, i);
+ buf += chap_attr_len - 2;
+ total_length += chap_attr_len;
 }
- memset ((char *) passbuf, '\0', CHAP_VALUE_LENGTH);
- memcpy ((char *) passbuf, vp->strvalue, (size_t) length);
-
- /* Calculate the MD5 Digest */
- secretlen = strlen (secret);
- strcpy ((char *) md5buf, secret);
- memcpy ((char *) md5buf + secretlen, (char *) auth->vector,
- AUTH_VECTOR_LEN);
- rc_md5_calc (buf, md5buf, secretlen + AUTH_VECTOR_LEN);
-
- /* Xor the password into the MD5 digest */
- for (i = 0; i < CHAP_VALUE_LENGTH; i++)
- {
- *buf++ ^= passbuf[i];
- }
- total_length += CHAP_VALUE_LENGTH + 2;
 break;
-#endif
 default:
 switch (vp->type) {
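Review bot: `memcpy(ptr, vp->strvalue, vp->lvalue)` writes a length taken straight from the value pair into the stack buffer `string` with no bound, whereas the removed code clamped `length` before copying. A guard ahead of the copy, such as `if (vp->lvalue > sizeof(string) - 1 - AUTH_VECTOR_LEN)` followed by whatever failure path rc_pack_list uses outside this hunk, would keep the id byte, the password and the vector inside the buffer. `string` also holds the cleartext password afterwards and should be cleared before the branch ends, using a wipe the compiler cannot elide. As shown, the context line `}` that used to close `if (length > CHAP_VALUE_LENGTH) {` has no opening brace on the new side, and the declarations follow the `case` label directly, which C11 does not accept. Opening the branch with `case PW_CHAP_PASSWORD: {` would address both, assuming no brace was lost in this rendering.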