At 06:00 PM 11/13/2001 +0300, Fabrice LABORIE wrote:
>Hi Chris,
>
>Thanks for your answer ...
>
>I looked further up the link,
>and I noticed that in the log of my radius proxy the 1st caracters were
>present ....
>
>So something is happenning to those caracters either in the proxy or in
>the freeradius server...
>
>since it WAS working with freeradius-0.3 and NOT-ANYMORE in
>yesterday's snapshop I suspect that it could be in freeradius.
>Are you 200% sure that it is not the case, nothing else has changed !
I *did* change in the latest snapshot to conform to the RFC. Per the RFC
the first character becomes a TAG value.
IE, the actual string value is prepended by one character when it is sent
out on the wire. FreeRADIUS dutifully strips the first character and
recreates the TAG value when it receives the packet.
Whatever is sending the packet to FreeRADIUS is *NOT* following the RFC and
it not sending the TAG value properly. This is technically in violation of
the RFC, but you can prevent FreeRADIUS from stripping the first character
of the received attributes by removing the 'has_tag' portion of the
dictionary.tunnel that defines the tunnel attributes.
Note that the current default behaviour ( to strip the tags ) works very
well with cisco and Lucent gear that does suppport the RFC, so if you
change the dictionary file to violate the RFC, you're on your own. I
would complain bloody murder to whomever you are receiving the non-RFC
standard tunnel packets from to fix their broken radius implementation.
-Chris
--
\\\|||/// \ Chris Parker - Manager, Development Engineering
\ ~ ~ / \ WX *is* Wireless! \ [EMAIL PROTECTED]
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Without C we would have 'obol', 'basi', and 'pasal'
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
