Freeradius-attributes
Arnnei Speiser
arnnei at megaas.co.nz
Tue Apr 3 13:31:35 CEST 2007
Hi all,
I'm trying to configure the Radius to recognize some personal attributes for
the Authentication request and receiving them back to the client.
Any idea how I can do that.
Thanks,
Arnnei
-----Original Message-----
From: freeradius-devel-bounces+arnnei=megaas.co.nz at lists.freeradius.org
[mailto:freeradius-devel-bounces+arnnei=megaas.co.nz at lists.freeradius.org]
On Behalf Of freeradius-devel-request at lists.freeradius.org
Sent: Tuesday, April 03, 2007 1:00 PM
To: freeradius-devel at lists.freeradius.org
Subject: Freeradius-Devel Digest, Vol 24, Issue 2
Send Freeradius-Devel mailing list submissions to
freeradius-devel at lists.freeradius.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.freeradius.org/mailman/listinfo/freeradius-devel
or, via email, send a message with subject or body 'help' to
freeradius-devel-request at lists.freeradius.org
You can reach the person managing the list at
freeradius-devel-owner at lists.freeradius.org
When replying, please edit your Subject line so it is more specific than
"Re: Contents of Freeradius-Devel digest..."
Today's Topics:
1. Re: EAP-AKA patch for Freeradius 1.1.2 (Alan DeKok)
2. Automatic report from sources (radiusd) between 02.04.2007 -
03.04.2007 GMT (Automatic cvs log generator)
3. users file (ashola ashola)
----------------------------------------------------------------------
Message: 1
Date: Mon, 02 Apr 2007 18:14:22 +0200
From: Alan DeKok <aland at deployingradius.com>
Subject: Re: EAP-AKA patch for Freeradius 1.1.2
To: FreeRadius developers mailing list
<freeradius-devel at lists.freeradius.org>
Message-ID: <46112BDE.8050100 at deployingradius.com>
Content-Type: text/plain; charset=ISO-8859-1
awaneesh kumar wrote:
> Hi All,
>
> I have downloaded patch from
http://bugs.freeradius.org/show_bug.cgi?id=386.
> I have succesfully applied patch to Freeradius1.1.2. Few questions i
have..
>
> a) Does patch supports optional identity privacy support, optional
> result indications, and an optional fast re-authentication procedure.
No idea.
> b) After receiving EAP-Request/AKA-Challenge from server, client
> should calculate AT_MAC and compares with the received one. If it
> matches it should send back the EAP-Response/AKA-Challenge with AT_RES
> and new AT_MAC.
> As per section 10.8 of RFC 4187, AT_RES should be encoded as follows.
> //
> / The value field of this attribute begins with the
> 2-byte RES Length,which identifies the exact
> length of the RES in bits. The RES length is followed by the AKA RES
> parameter. According to [TS33.105
> <http://tools.ietf.org/html/rfc4187#ref-TS33.105>], the length of the
> AKA RES can vary between 32 and 128 bits. Because the length of the
> AT_RES attribute must be a multiple of 4 bytes, the sender pads
> the RES with zero bits where necessary/
>
> Trace below is packet from client to server:-
>
> 0x0242003017010000*03050000d0d0d0d0d0d0d0d0d0d0d0d0d0d0d0d0*0b0500
> 000d6eb3a8082c9d2c0a031505b7a0fac0
Looks to be wrong.
As always, patches are welcome.
> c) As per section 3 (Figure 2) from RFC 4187, if server is unable to
> authenticate client if AT_MAC or AT_RES is incorrect, it should back
> the EAP-Request/AKA-Notification to client and client should respond
> back with EAP-Response/AKA-Notification. Then only server should send
> back EAP result as Failure. But Freeradius1.1.2 sends back the EAP Result
> (FAILURE) with Access-Reject. How ever success scenarion works
> perfectly.
As always, patches are welcome.
> d) After receiving AKA-Challenge from Radius server, does patch
> supports the checking of Sequence No from AUTN parameter?
No idea. Check the source code.
> Do we have any latest patch to support EAP-AKA?
Yes.
If you have issues with it, you can always send an updated patch with bugs
fixed.
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
------------------------------
Message: 2
Date: Tue, 3 Apr 2007 03:06:02 -0500 (CDT)
From: "Automatic cvs log generator" <cparker at starnetusa.net>
Subject: Automatic report from sources (radiusd) between 02.04.2007 -
03.04.2007 GMT
To: freeradius-devel at lists.freeradius.org
Message-ID: <20070403080602.DEC43774F5 at webhost1.starnetusa.net>
CVS log entries from 02.04.2007 (Mon) 08:00:00 - 03.04.2007 (Tue) 08:00:02
GMT =====================================================
Summary by authors
=====================================================
Author: nbk
File: radiusd/src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c;
Revisions: 1.4
File: radiusd/src/modules/rlm_protocol_filter/rlm_protocol_filter.c;
Revisions: 1.11
File: radiusd/src/modules/rlm_smb/smbencrypt.c; Revisions: 1.7
=====================================================
Log entries
=====================================================
Description:
The variable "rcsid" is defined twice.
Modified files:
File: radiusd/src/modules/rlm_protocol_filter/rlm_protocol_filter.c;
Revision: 1.11;
Date: 2007/04/02 14:43:36; Author: nbk; Lines: (+2 -4)
-------------------------------
Description:
Don't include the same header multiple times.
Modified files:
File: radiusd/src/modules/rlm_smb/smbencrypt.c; Revision: 1.7;
Date: 2007/04/02 14:48:35; Author: nbk; Lines: (+4 -8)
-------------------------------
Description:
Fix compilation errors.
Modified files:
File: radiusd/src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c;
Revision: 1.4;
Date: 2007/04/02 14:51:53; Author: nbk; Lines: (+17 -18)
=====================================================
Summary of modified files
=====================================================
File: radiusd/src/modules/rlm_protocol_filter/rlm_protocol_filter.c
Revisions: 1.11
Authors: nbk (+2 -4)
-------------------------------
File: radiusd/src/modules/rlm_smb/smbencrypt.c
Revisions: 1.7
Authors: nbk (+4 -8)
-------------------------------
File: radiusd/src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c
Revisions: 1.4
Authors: nbk (+17 -18)
--
Automatic cron job from /web/pages/us.freeradius.org/bin/new_makelog.pl
------------------------------
Message: 3
Date: Tue, 3 Apr 2007 01:45:24 -0700 (PDT)
From: ashola ashola <ashola2007 at yahoo.com>
Subject: users file
To: freeradius-devel at lists.freeradius.org
Message-ID: <299677.89969.qm at web63005.mail.re1.yahoo.com>
Content-Type: text/plain; charset="iso-8859-1"
Hi,
Would u tell me how to get the password of the user defined in users file
---------------------------------
Never miss an email again!
Yahoo! Toolbar alerts you the instant new Mail arrives. Check it out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.freeradius.org/pipermail/freeradius-devel/attachments/20070403
/35754457/attachment-0001.html
------------------------------
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/devel.html
End of Freeradius-Devel Digest, Vol 24, Issue 2
***********************************************
--
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.25/744 - Release Date: 03/04/07
05:32
More information about the Freeradius-Devel
mailing list