\000 in "octets" attribute?

Erik Bolsø erik at linpro.no
Thu Jun 15 10:37:16 CEST 2006


On 2006-06-15 07:50, Stefan Winter <stefan.winter at restena.lu> wrote:
> Hi,
> > I'm having a curious problem with a vendor-specific single-byte
> > "octets"-attribute and attr_rewrite.
> >
> > Essentially, I'm trying to rewrite an ascii "0" to a single-byte
> > 0x00
> > value. But after this rewrite rule, a zero-byte value is returned
> > instead. Any way to get around this?
> >
> > With \001, \002, etc, all's well.
> >
> > (incidentally, this is freeradius version 1.0.1 in RHEL4)
> 
> the RADIUS RFC forbids attributes with a terminating \000. The server
> knows
> that, and will shorten the octet attribute by cutting off the \000 -
> leaving
> an empty string behind. If your NAS really requires a trailing \000:
> fix the
> NAS. It is not RFC-compliant then.

Essentially, the vendor-specific attribute value is a 1-byte unsigned
integer, not a string. Haven't done a live test yet, so I do not know
how it handles the empty value. Perhaps all goes well. I'll let you
know.

My rfc-reading seems to contradict you a little bit, though?

RFC2869 section 5:
      Note that none of the types in RADIUS terminate with a NUL (hex
      00).  In particular, types "text" and "string" in RADIUS do not
      terminate with a NUL (hex 00).  The Attribute has a length field
      and does not use a terminator.  Text contains UTF-8 encoded 10646
      [8] characters and String contains 8-bit binary data.  Servers and
      servers and clients MUST be able to deal with embedded nulls.
      RADIUS implementers using C are cautioned not to use strcpy() when
      handling strings.

--
Erik Bolsø
Linpro AS







More information about the Freeradius-Users mailing list