Unlang clarification

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon May 20 15:58:48 CEST 2013


On 20 May 2013, at 09:34, "David Peterson" <davidp at wirelessconnections.net> wrote:

> I am fighting a buggy NAS and was told to add to the /sites-enabled/default file in the post-auth section this code:
>  
>                       EAP-Message = "0x04040004"
>                          User-Name !* 0x00
>                          Message-Authenticator = "%{Message-Authenticator}"
>  
> Can someone clarify what this would actually do to the EAP response?

You mean:

update reply {
	EAP-Message = "0x04040004"
        ...
}

You'd be forcing the server to send an EAP-Failure message, with a static and probably incorrect ID. Removing any instances of User-Name from the reply, and setting an invalid value for the message authenticator which would be overwritten anyway.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team



More information about the Freeradius-Users mailing list