Adding a binary null to a value using attr_rewrite
Tore Anderson
tore at linpro.no
Mon Jul 18 08:45:43 CEST 2005
* Tore Anderson
> If I add a verbatim null-byte in radiusd.conf
* Alan DeKok
> Huh? You don't configure reply attributes in radiusd.conf
Sure I do. Relevant parts of my radiusd.conf:
modules {
attr_rewrite add_class {
attribute = Class
searchfor = ignored
searchin = reply
replacewith = "SBR-CL DN=\"%{Calling-Station-Id}\" AT=\"0\""
new_attribute = yes
}
}
post-auth {
add_class
}
This works exactly as I want it to, but the stupid Siemens NAS seems
to require a null-byte at the end of the value - at least that's the
only difference I've found in the reply packet when I inspect dumps
from when it's communicating with the old RADIUS server (which works)
and the new FreeRADIUS-based one (which doesn't).
Adding that null-byte to the replacewith string doesn't seem to work,
unfortunately. At least not in any way I've tried - but the RFC
mandate that a server implementation should handle null-bytes, so I
would think there has to be /some/ way of doing it?
Thanks
--
Tore Anderson
More information about the Freeradius-Users
mailing list