Request Authenticator value made available to a Perl module

[Alan DeKok]

On Nov 21, 2023, at 1:45 PM, Brandon Miller <webasdf at gmail.com> wrote:
> Thank you again for all your hard work on the FreeRADIUS project, the
> related RFCs, and taking the time to help on the mailing list.  It is
> much appreciated.

  You're welcome.

> I see you updated the VSA in the source on github already.  I
> personally agree with you that the attributes should have the Aruba
> prefix.  I'm not sure what it would take to make that happen?

  Edit the dictionary files.

>  I
> honestly don't recall where exactly I found that dictionary file.
> Looking at the github code, I do see the ALIAS directive at the
> bottom.  Does this alias directive force the prefix "Aruba"?

  No.

  You likely copied the dictionary file from the git "master" branch (v4), and then tried to use it in v3.  That's not a good idea.

  v3 comes with an aruba dictionary.  You can just edit it there.  There's no need to use a new dictionary file.

>  I was
> having issues with the older version of FreeRADIUS not accepting the
> VSA because of conflicting attributes, and the older version didn't
> accept the ALIAS directive in the dictionary files.  This is likely
> why I manually changed several of the attributes...just to get it
> "working".

 Or, use the dictionary.aruba file that comes with v3?  It's text, you can edit it.

> I chose octets for the Aruba-MPSK-Lookup-Info datatype with a length
> of 178 for 2 reasons.  1) The Aruba-MPSK-Lookup-Info attribute is
> encoded WPA2 EAPOL request data as part of the WPA2 handshake. The
> returned data is a binary structure that makes more sense when reading
> as a string of hex values.  2) When doing a packet capture, wireshark
> indicated a length of 178 bytes for that attribute.

  That's the encoded size.  It's rounded up to a multiple of 16, because of the encryption.

  Anyways, I've updated the dictionary.aruba file.  It should be fine.

  Alan DeKok.