listuser at peternixon.net
Tue Nov 14 09:04:45 CET 2006
On Tue 14 Nov 2006 03:25, Alan DeKok wrote:
> Peter Nixon <listuser at peternixon.net> wrote:
> > Is there any reason why "dictionary.digest" exists but is not included
> > (It should actually be called dictionary.rfc4590) and the attributes are
> > instead declared in "dictionary.freeradius.internal"?
> dictionary.digest is a hack (defines sub-attributes). It shouldn't
> > I have changed dictionary.digest to dictionary.rfc4590 in the 1.1.x
> > branch but
> Uh, oh. That's not good. The dictionary.digest file is *not* the
> same as what's in RFC 4590.
OK. It is NOT included yet...
> > have not included it yet. Can we clean this stuff up? I am trying to get
> > FreeRADIUS to the point where it works with SIP servers (SER etc) out of
> > the box.
> No one has implemented RFC 4590 yet. Plus, the RFC is wrong, as the
> attribute numbers are incorrect, and the final table of what's allowed
> where is incorrect. It will be re-issued in a month or two.
Ahh.. That I didn't know.
> Please don't do *anything* with RFC 4590. It's existence is a
> figment of your imagination. Once the updated RFC comes out, we'll
> use that.
> The hardest part about the digest RFC is that the attribute numbers
> it has will conflict with stupid Ascend pseudo-VSA's. We've got to
> support both, so there's some magic required in src/lib/radius.c
> Again, RFC 4590 doesn't exist. Wait a few months for a fixed
> version. Don't implement ANYTHING based on RFC 4590.
PGP Key: http://www.peternixon.net/public.asc
More information about the Freeradius-Devel