json encoding (Freeradius 3.0.13)

Alan DeKok aland at deployingradius.com
Tue Nov 22 21:59:28 CET 2016


On Nov 22, 2016, at 3:39 PM, Fabrice Durand <fdurand at inverse.ca> wrote:
> i am trying to implement cisco Device sensor
> (http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3750/software/release/15-0_1_se/device_sensor/guide/sensor_guide.html)
> that allow to have endpoint data like DHCP, LLDP in the radius
> accounting packet.
> 
> I am able to receive these specific attributes but when i want to send
> them to my api (PacketFence) through rlm_rest module , it looks that
> these attributes are not well encoded.

  The issue is that Cisco is stupid.

  The Cisco-AVPair attribute is *supposed* to be a printable string.  Being a large corporation, Cisco decided to also put binary data in there.  Which is a stupid idea.

> You can see in the raddebug trace this attribute Cisco-AVPair =
> "dhcp-option=\0007\000\r\001\017\003\006,./\037!y\371\374+" received
> from the cisco switch which is encoded to that
> "dhcp-option=\u00007\u0000\r\u0001\u000F\u0003\u0006,.\/\u001F!y\uFFFFFFF9\uFFFFFFFC+"
> and i am not able to decode it.

  Hmm... jscon_encode_xlat() in rlm_rest.

> On my side i did some test with a perl json encoding code and the
> encoding string is suppose to be
> \\0007\\000\\r\\001\\017\\003\\006,.\/\\037!y\\371\\374+

  Probably...

> Do i miss something in the Freeradius configuration in order to make it
> work ?

  Nope.  It should just work.  Maybe Arran knows what's up...

  Alan DeKok.




More information about the Freeradius-Users mailing list