SoH patch (was Re: Microsoft SoH Support)

James J J Hooper jjj.hooper at bristol.ac.uk
Thu Jan 6 17:48:30 CET 2011


On 11/10/2010 22:14, James J J Hooper wrote:
> On 11/10/2010 12:37, Phil Mayers wrote:
>> On 09/10/10 15:01, Garber, Neal wrote:
>>>> Thanks to a lot of work by Phil Mayers, the server now has support for
>>>> Microsoft SoH in PEAP, normal RADIUS (MS VPN gateway), and in DHCP.
>>>
>>> Wow! That *must* have been a lot of work! Thank you Phil.
>>>
>>> Does this mean FreeRADIUS can now act as a Health Policy Server?
>>
>> Yes, though it's not 100%. Specifically the code can challenge clients for
>> an SoH, and the client will submit it and FreeRadius decode it. There is
>> not (yet) support for FreeRadius generating and emitting an SoHR, because
>> I don't have a working example of such, and decoding the MS-SOH spec is
>> REALLY REALLY hard without at least some working data to compare to the
>> awful spec language!
>
>
> Hi Phil, Alan,
>
> http://msdn.microsoft.com/en-us/library/cc251376%28v=PROT.10%29.aspx
>
> -> Independent of the above states, the last bit of the third byte of the
> AU ClientStatusCode can take the value of 1 if the AU settings on the
> client are controlled by policy.
>

Hi Guys,
   I've re-written the patch I originally forwarded to account for the 
third byte-first bit flag MS stuck in the middle of AU ClientStatusCode.

As attached - still not pretty~~

-James



-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: soh-patch-20110106.txt
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20110106/7eca4150/attachment.txt>


More information about the Freeradius-Users mailing list