Proxying EAP-TTLS requests via 2.1.0 to 1.1.7
Alan DeKok
aland at deployingradius.com
Fri Sep 26 15:52:35 CEST 2008
Peter Eriksson wrote:
>> Yes. But it's *not* being printed as MS-MPPE-Recv-Key, which means
>> you've broken the dictionaries somehow.
>
> Hmm.. Strange. Since I haven't touched the dictionaries at all.
Well, the only way that the MS attributes are printed as
"Vendor-Specific" is if the MS dictionary isn't being used.
> I've been investigating this issue a bit more and it gets really strange.
Well, yes. Suddenly it's printing the MS attributes with their full
name, and not as Vendor-Specific. And the TCP dump output shows:
> Vendor Specific Attribute (26), length: 59, Value: Vendor:
> Microsoft (311)
> Vendor Attribute: 16, Length: 51, Value:
> ..."D...1.RX...dt..F..x4..&}...<F...I..j..L..%O!..'
> 0x0000: 0000 0137 1035 009d be22 4487 0b90 31ab
The '1035 00' is odd. The extra '00' doesn't belong.
> Dunno if it's relevant, but I notice the 51 vs 50 'Length' value
> difference in the 'Vendor Attribute'. An off-by-one error
> somewhere?
No. It's fine on my system. And your previous post (with
Vendor-Specific) had:
>>> Vendor-Specific =
>>>
0x0000013710348b855687f3a4ef1194289232229fe0be952c98689fb606c1e9d6ceae6a388baee98eeb292
i.e. '1034 8b'. So the length is correct there.
I don't know what's going on with your system, but it looks like
either the software is completely broken, or the dictionaries are
broken. Either way, it's system-specific, and I can't reproduce it here.
Alan DeKok.
More information about the Freeradius-Users
mailing list