Lewis Adam-VNQM87 wrote:
I'm in the process of developing an embedded client based on the 1.1.6 client code. We have a requirement for issuing a Status-Server request and I can see, as it stands, the code doesn't work. The freeRADIUS server I am working with expects a PW_MESSAGE_AUTHENTICATOR attribute. The function rc_check() in lib\buildreq.c currently does not add the PW_MESSAGE_AUTHENTICATOR attribute.
Yes. That needs to be added.
So, my questions are: 1. If the Status-Server request is experimental, is it known whether (many) other commercial RADIUS server products are supporting it?
Yes. Others support it. There should be an RFC published this year describing it.
2. Are there requirements and if so guidelines for creating meaningful authenticator values rather than all zeroes as above?
RFC 3579 Section 3.2. See also src/lib/radius.c, which calculates the correct value, and validates it on reception.
3. Are there any plans to update the client code with support for the PW_MESSAGE_AUTHENTICATOR attribute?
Not at this time. However, patches are welcome. It should be less than 100 lines of code. Alan DeKok.