Unsubscribe
Ciprian ARSENIE
ciprian at rovoice.com
Sun Aug 31 20:35:11 CEST 2014
Uns
Sent from my iPhone
> On 31 Aug 2014, at 13:00, freeradius-users-request at lists.freeradius.org wrote:
>
> Send Freeradius-Users mailing list submissions to
> freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
> freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
> freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
> 1. Re: Not able to receive inner identity in Access-Accept in
> EAP-TTLS. (Axel Luttgens)
> 2. EAP-MD5: Access-Accept packet in debug log messages
> (Axel Luttgens)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sun, 31 Aug 2014 11:23:03 +0200
> From: Axel Luttgens <axel.luttgens at skynet.be>
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Subject: Re: Not able to receive inner identity in Access-Accept in
> EAP-TTLS.
> Message-ID: <049C2F78-6B5A-46FC-BFC5-8C1E8295B251 at skynet.be>
> Content-Type: text/plain; charset=iso-8859-1
>
> Le 30 ao?t 2014 ? 18:28, Axel Luttgens a ?crit :
>
>> Le 30 ao?t 2014 ? 16:38, Alan DeKok a ?crit :
>>
>>> Alan DeKok wrote:
>>>> Unfortunately, that is how it works. If you read the debug output,
>>>
>>> I've updated the example inner-tunnel example,
>>
>> Yes, I noticed that this morning. :-)
>
> More exactly, I only had seen the next to last change while writing the above.
> But the current comment appears to be exactly the one I would have dreamed to write myself. ;-)
>
> Perhaps could it be worth to enhance the description of use_tunneled_reply as well?
> With the current comment, use_tunneled_reply could be understood as a way to convey the inner User-Name only; but, unless I'm wrong, any attribute, even a private one, is liable to be brought to the outer session.
> Moreover, the mechanism activated by that setting probably deserves a better emphasis; in particular, I'm thinking at its protocol-awareness you have described in a previous message.
>
> Regards,
> Axel
>
>
>
> ------------------------------
>
> Message: 2
> Date: Sun, 31 Aug 2014 11:56:28 +0200
> From: Axel Luttgens <axel.luttgens at skynet.be>
> To: FreeRadius users mailing list
> <freeradius-users at lists.freeradius.org>
> Subject: EAP-MD5: Access-Accept packet in debug log messages
> Message-ID: <97A82F0C-B772-4AD0-AF0C-286603F962D2 at skynet.be>
> Content-Type: text/plain; charset=us-ascii
>
> Hello,
>
> While confronting my config attempts with various scenarios, I noticed that the Message-Authenticator seems to always be displayed as a sequence of null bytes:
>
> (1) Sending Access-Accept packet to host 127.0.0.1 port 60546, id=174, length=0
> (1) EAP-Message = 0x03ad0004
> (1) Message-Authenticator = 0x00000000000000000000000000000000
> (1) User-Name = 'bob'
> Sending Access-Accept Id 174 from 127.0.0.1:1812 to 127.0.0.1:60546
> EAP-Message = 0x03ad0004
> Message-Authenticator = 0x00000000000000000000000000000000
> User-Name = 'bob'
>
> BTW, out of curiosity, attribute User-Name appears to be unconditionally added to the Acces-Accept packet; is this common practice?
>
> Axel
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
> End of Freeradius-Users Digest, Vol 112, Issue 84
> *************************************************
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2328 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140831/198a2108/attachment-0001.bin>
More information about the Freeradius-Users
mailing list