I currently have a call in to Symbol about the corrupted State
attribute. After much trying, I got the Symbol 4131AP "working"
(to a point) with FreeRADIUS 0.8.1. To get around the State
attribute problem I made the changes below (but will not be
keeping them for production). This allowed the authentication to
proceed, but now XP (with SP1) is sending TLS access denied messages when
accessing the client certificate.
$ diff eap.c eap_orig.c
834,835c834
< unsigned char *id = NULL;
< int max_state_len = 16;
---
> unsigned char *id = NULL;
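Review bot: `int max_state_len = 16;` on the modified (`<`) side is an unexplained magic number, and the identical declaration is repeated in the hunk at 888,889c884. Nothing in the code records why 16 was chosen or that this is a temporary workaround for the access point. A single named constant with a comment would keep the two copies in step and make the workaround easy to find and remove, e.g. `#define EAP_STATE_KEY_LEN 16 /* WORKAROUND: Symbol AP returns State corrupted; only the leading bytes are used for the id */`. The type of `state->length` is not visible here, so check that comparing it against a signed `int` does not mix signedness.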
857,860c856
< }
<
< if (state->length < max_state_len)
< max_state_len = state->length;
---
> }
862c858
< id = (unsigned char *)malloc(1/*Length*/ + 1/*Id*/ +
max_state_len + nas->length);
---
> id = (unsigned char *)malloc(1/*Length*/ + 1/*Id*/ +
state->length + nas->length);
872c868
< id[0] = (1 + 1 + max_state_len + nas->length) & 0xFF;
---
> id[0] = (1 + 1 + state->length + nas->length) & 0xFF;
874,875c870,871
< memcpy(id+2, state->strvalue, max_state_len);
< memcpy(id+2+max_state_len, nas->strvalue, nas->length);
---
> memcpy(id+2, state->strvalue, state->length);
> memcpy(id+2+state->length, nas->strvalue, nas->length);
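Review bot: With the copy capped at `max_state_len`, only the first 16 bytes of State go into `id`, so two requests from the same NAS with the same Id byte whose State differs only after byte 16 now produce the same id; the same applies to the copy in hunk 909,925c904,917. If this id is what pairs a reply with its pending handler, as the comment in that later hunk suggests, a reply could be matched to the wrong session, and the dropped tail of State no longer takes part in the match at all. Make the truncation visible when it actually happens, e.g. `if (state->length > max_state_len) radlog(L_ERR, "rlm_eap: State truncated for id");` placed before the clamp. The enclosing function starts and ends outside these hunks.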
888,889c884
< unsigned char *id = NULL;
< int max_state_len = 16;
---
> unsigned char *id = NULL;
909,925c904,917
< if (state->length < max_state_len)
< max_state_len = state->length;
<
< id = (unsigned char *)malloc(1/*Length*/ + 1/*Id*/ +
max_state_len + nas->length);
< if (id == NULL) {
< radlog(L_ERR, "rlm_eap: out of memory");
< return NULL;
< }
<
< /*
< * Generate unique-id to check for the reply
< * id = Length + ID + State + (NAS-IP-Address | NAS-Identifier)
< */
< id[0] = (1 + 1 + max_state_len + nas->length) & 0xFF;
< memcpy(id+1, &response_id, sizeof(unsigned char));
< memcpy(id+2, state->strvalue, max_state_len);
< memcpy(id+2+max_state_len, nas->strvalue, nas->length);
---
> id = (unsigned char *)malloc(1/*Length*/ + 1/*Id*/ +
state->length + nas->length);
> if (id == NULL) {
> radlog(L_ERR, "rlm_eap: out of memory");
> return NULL;
> }
>
> /*
> * Generate unique-id to check for the reply
> * id = Length + ID + State + (NAS-IP-Address | NAS-Identifier)
> */
> id[0] = (1 + 1 + state->length + nas->length) & 0xFF;
> memcpy(id+1, &response_id, sizeof(unsigned char));
> memcpy(id+2, state->strvalue, state->length);
> memcpy(id+2+state->length, nas->strvalue, nas->length);
$ diff state.c state_orig.c
199,200d198
< return 0;
<
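Review bot: The `return 0;` present at state.c line 199 on the modified (`<`) side exits its enclosing function unconditionally, so everything that followed it in that function is now dead code. The function is outside this hunk, but given the stated aim of getting around the State problem it is presumably the State verification, in which case any State value returned by a client is now accepted. State is what ties an Access-Request back to the challenge the server issued, so this must stay a lab-only change. If it has to exist at all, gate it behind an explicit debugging option, mark it with a comment such as `/* WORKAROUND: State check skipped for Symbol AP testing - do not ship */`, and log every time the check is skipped.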
Philip Blow
Senior Technical Manager
Simply Wireless
[EMAIL PROTECTED]