Adding a binary null to a value using attr_rewrite

Tore Anderson tore at linpro.no
Mon Jul 18 08:45:43 CEST 2005


* Tore Anderson

> If I add a verbatim null-byte in radiusd.conf

* Alan DeKok

>   Huh?  You don't configure reply attributes in radiusd.conf

  Sure I do.  Relevant parts of my radiusd.conf:

  modules {
    attr_rewrite add_class {
      attribute = Class
      searchfor = ignored
      searchin = reply
      replacewith = "SBR-CL DN=\"%{Calling-Station-Id}\" AT=\"0\""
      new_attribute = yes
    }
  }
  post-auth {
    add_class
  }

  This works exactly as I want it to, but the stupid Siemens NAS seems
 to require a null-byte at the end of the value - at least that's the
 only difference I've found in the reply packet when I inspect dumps
 from when it's communicating with the old RADIUS server (which works)
 and the new FreeRADIUS-based one (which doesn't).

  Adding that null-byte to the replacewith string doesn't seem to work,
 unfortunately.  At least not in any way I've tried - but the RFC
 mandate that a server implementation should handle null-bytes, so I
 would think there has to be /some/ way of doing it?

Thanks
-- 
Tore Anderson




More information about the Freeradius-Users mailing list