Altering the RADIUS dictionary files...
Peter Nixon
listuser at peternixon.net
Wed Jun 27 14:15:14 CEST 2007
On Wed 27 Jun 2007, liran tal wrote:
> Hey everyone,
>
> I attempted at first to post this issue in openser's mailing list but have
> failed
> to get a reply and thus I am trying in freeradius's as I hope there are
> people here with similar experience.
Hi Liran
Basically the way both SER and openSER do RADIUS is broken. We are aware of
the patches to FreeRADIUS and will not be applying them. We are working with
the openSER people to clean up their RADIUS module.
To that end we have forked radiusclient-ng and called in freeradius-client.
The latest version of openSER works with freeradius-client as a drop-in
replacement for radiusclient-ng (I wrote the patch to do so, and a slightly
modified version was applied to openSER cvs). The currently released version
of freeradius-client however is basically a slightly patched version of
radiusclient-ng (it works on 64bit etc)
We will be releasing a new version of freeradius-client in the next few
days/weeks which has significant code cleanups and features an embedded mode
which means you no longer need a separate config file for the radius client.
The openSER radius module should to be updated to use this new embedded mode.
openSER has also recently registered an Enterprise Number and it needs to be
updated to use this number to send VSAs instead of non-RFC compliant RADIUS
attributes.
Once this work is done by openSER, it should work perfectly with FreeRADIUS
Server (or any other RFC compliant RADIUS Server) without patches...
Cheers
--
Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
More information about the Freeradius-Users
mailing list