Freeraius vs NPS
Martin, Jeremy
jmartin at emcc.edu
Fri May 5 18:11:13 CEST 2017
Alan
These are avaya ip phones. Not see what you are referring to, I was looking at packet 1943, the first on the free radius capture byte 0040 looks like the user-name is encoded correctly but not really sure where you are looking.
Jeremy
-----Original Message-----
From: Freeradius-Users [mailto:freeradius-users-bounces+jmartin=emcc.edu at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: Friday, May 5, 2017 11:54 AM
To: FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Subject: Re: Freeraius vs NPS
> On May 5, 2017, at 11:46 AM, Martin, Jeremy <jmartin at emcc.edu> wrote:
>
> I am attaching them to this email.
Wow... the phone is just broken. It's sending an EAP-Identity of:
0xa009ed031e00
i.e. the MAC address of the phone... in binary form, NOT text, and finishing off with a trailing zero byte.
What phone is this? That behavior is completely broken, and violates RFC 3748:
https://tools.ietf.org/html/rfc3748#section-5.1
This field MAY contain a displayable message in the Request,
containing UTF-8 encoded ISO 10646 characters [RFC2279]. Where
the Request contains a null, only the portion of the field prior
to the null is displayed. If the Identity is unknown, the
Identity Response field should be zero bytes in length. The
Identity Response field MUST NOT be null terminated.
In any case, the suggestion I made in my last message should work. Though it will be made more complicated by the phone sending binary crap as the EAP-Identitiy, instead of a UTF-8 text string.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list