Freeradius-attributes

Arnnei Speiser arnnei at megaas.co.nz
Tue Apr 3 13:31:35 CEST 2007


 
Hi all,

I'm trying to configure the Radius to recognize some personal attributes for
the Authentication request and receiving them back to the client.

Any idea how I can do that.

Thanks,

Arnnei

-----Original Message-----
From: freeradius-devel-bounces+arnnei=megaas.co.nz at lists.freeradius.org
[mailto:freeradius-devel-bounces+arnnei=megaas.co.nz at lists.freeradius.org]
On Behalf Of freeradius-devel-request at lists.freeradius.org
Sent: Tuesday, April 03, 2007 1:00 PM
To: freeradius-devel at lists.freeradius.org
Subject: Freeradius-Devel Digest, Vol 24, Issue 2

Send Freeradius-Devel mailing list submissions to
	freeradius-devel at lists.freeradius.org

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.freeradius.org/mailman/listinfo/freeradius-devel
or, via email, send a message with subject or body 'help' to
	freeradius-devel-request at lists.freeradius.org

You can reach the person managing the list at
	freeradius-devel-owner at lists.freeradius.org

When replying, please edit your Subject line so it is more specific than
"Re: Contents of Freeradius-Devel digest..."


Today's Topics:

   1. Re: EAP-AKA patch for Freeradius 1.1.2 (Alan DeKok)
   2. Automatic report from sources (radiusd) between 02.04.2007 -
      03.04.2007 GMT (Automatic cvs log generator)
   3. users file (ashola ashola)


----------------------------------------------------------------------

Message: 1
Date: Mon, 02 Apr 2007 18:14:22 +0200
From: Alan DeKok <aland at deployingradius.com>
Subject: Re: EAP-AKA patch for Freeradius 1.1.2
To: FreeRadius developers mailing list
	<freeradius-devel at lists.freeradius.org>
Message-ID: <46112BDE.8050100 at deployingradius.com>
Content-Type: text/plain; charset=ISO-8859-1

awaneesh kumar wrote:
> Hi All,
>  
> I have downloaded patch from
http://bugs.freeradius.org/show_bug.cgi?id=386.
> I have succesfully applied patch to Freeradius1.1.2. Few questions i
have..
>  
> a) Does patch supports optional identity privacy support, optional 
> result indications, and an optional fast re-authentication procedure.

  No idea.

> b)   After receiving EAP-Request/AKA-Challenge from server, client
> should calculate AT_MAC and compares with the received one. If it 
> matches it should send back the EAP-Response/AKA-Challenge with AT_RES 
> and new AT_MAC.
> As per section 10.8 of RFC 4187, AT_RES should be encoded as follows. 
> // 
> /        The value field of this attribute begins with the
> 2-byte                             RES Length,which identifies the exact
> length of the RES in bits.  The RES length is followed by the AKA RES 
> parameter.  According to [TS33.105 
> <http://tools.ietf.org/html/rfc4187#ref-TS33.105>], the length of the 
> AKA RES can vary between 32 and 128 bits.  Because the length of the
> AT_RES         attribute must be a multiple of 4 bytes, the sender pads
> the RES with zero bits        where necessary/
>            
> Trace below is packet from client to server:-
>  
> 0x0242003017010000*03050000d0d0d0d0d0d0d0d0d0d0d0d0d0d0d0d0*0b0500

> 000d6eb3a8082c9d2c0a031505b7a0fac0

  Looks to be wrong.

  As always, patches are welcome.

> c)   As per section 3 (Figure 2) from RFC 4187, if server is unable to
> authenticate client if AT_MAC or AT_RES is incorrect, it should back 
> the EAP-Request/AKA-Notification to client and client should respond 
> back with EAP-Response/AKA-Notification. Then only server should send 
> back EAP result as Failure. But Freeradius1.1.2 sends back the EAP Result
> (FAILURE) with Access-Reject.         How ever success scenarion works
> perfectly.

  As always, patches are welcome.

> d) After receiving AKA-Challenge from Radius server, does patch 
> supports the checking of Sequence No from AUTN parameter?

  No idea.  Check the source code.

> Do we have any latest patch to support EAP-AKA?

  Yes.

  If you have issues with it, you can always send an updated patch with bugs
fixed.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog


------------------------------

Message: 2
Date: Tue,  3 Apr 2007 03:06:02 -0500 (CDT)
From: "Automatic cvs log generator" <cparker at starnetusa.net>
Subject: Automatic report from sources (radiusd) between 02.04.2007 -
	03.04.2007 GMT
To: freeradius-devel at lists.freeradius.org
Message-ID: <20070403080602.DEC43774F5 at webhost1.starnetusa.net>

CVS log entries from 02.04.2007 (Mon) 08:00:00 - 03.04.2007 (Tue) 08:00:02
GMT =====================================================
Summary by authors
=====================================================
Author: nbk
	File: radiusd/src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c;
Revisions: 1.4
	File: radiusd/src/modules/rlm_protocol_filter/rlm_protocol_filter.c;
Revisions: 1.11
	File: radiusd/src/modules/rlm_smb/smbencrypt.c; Revisions: 1.7

=====================================================
Log entries
=====================================================
Description:
	The variable "rcsid" is defined twice.
Modified files:
	File: radiusd/src/modules/rlm_protocol_filter/rlm_protocol_filter.c;
Revision: 1.11;
	Date: 2007/04/02 14:43:36; Author: nbk; Lines:  (+2 -4)
-------------------------------
Description:
	Don't include the same header multiple times.
Modified files:
	File: radiusd/src/modules/rlm_smb/smbencrypt.c; Revision: 1.7;
	Date: 2007/04/02 14:48:35; Author: nbk; Lines:  (+4 -8)
-------------------------------
Description:
	Fix compilation errors.
Modified files:
	File: radiusd/src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c;
Revision: 1.4;
	Date: 2007/04/02 14:51:53; Author: nbk; Lines:  (+17 -18)
=====================================================
Summary of modified files
=====================================================
File: radiusd/src/modules/rlm_protocol_filter/rlm_protocol_filter.c
Revisions: 1.11
Authors: nbk (+2 -4)
-------------------------------
File: radiusd/src/modules/rlm_smb/smbencrypt.c
Revisions: 1.7
Authors: nbk (+4 -8)
-------------------------------
File: radiusd/src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c
Revisions: 1.4
Authors: nbk (+17 -18)
--
Automatic cron job from /web/pages/us.freeradius.org/bin/new_makelog.pl


------------------------------

Message: 3
Date: Tue, 3 Apr 2007 01:45:24 -0700 (PDT)
From: ashola ashola <ashola2007 at yahoo.com>
Subject: users file
To: freeradius-devel at lists.freeradius.org
Message-ID: <299677.89969.qm at web63005.mail.re1.yahoo.com>
Content-Type: text/plain; charset="iso-8859-1"

Hi,

Would u tell me how to get the password of the user defined in users file 

 
---------------------------------
Never miss an email again!
Yahoo! Toolbar alerts you the instant new Mail arrives. Check it out.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
https://lists.freeradius.org/pipermail/freeradius-devel/attachments/20070403
/35754457/attachment-0001.html 

------------------------------

- 
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/devel.html


End of Freeradius-Devel Digest, Vol 24, Issue 2
***********************************************

-- 
No virus found in this incoming message.
Checked by AVG Free Edition.
Version: 7.5.446 / Virus Database: 268.18.25/744 - Release Date: 03/04/07
05:32
 




More information about the Freeradius-Devel mailing list