Garbled class attribute?
Geoff Silver
geoff+freeradius at uslinux.net
Thu Aug 17 23:39:24 CEST 2006
Ah ok. So it appears the network guys are doing something non-compliant with
the RFCs around here. I hate that, but I'm not going to be able to change it
either, so I'll just maintain a small patch for our environment. Thanks for
clearing that up.
Alan DeKok wrote:
> Geoff Silver <geoff+freeradius at uslinux.net> wrote:
>> As a side note, I had to change the Class attribute in dictionary.rfc2865 to
>> be a string, *not* octets. I changed:
> ....
>> to make it work (and be readable), though I can't tell if that's just an
>> oddity of the Cisco VPN 3000 and the way it was previously implemented here or
>> what. According to the RFC:
>
> The dictionaries are solely for internal server purposes. The
> reason Class is "octets" in the FreeRADIUS dictionaries is that it can
> contain binary data.
>
>> String
>>
>> The String field is one or more octets. The actual format of the
>> information is site or application specific, and a robust
>> implementation SHOULD support the field as undistinguished octets.
>
> The original RFC's had "string" type for both printable & binary
> data. FreeRADIUS moved to "string" and "octets", and the RFC's moved
> to "text" and "string".
>
> Alan DeKok.
> --
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list