thanks a lot! nice thing... worked fine for me so far :).
There�s tool called ntradpad(winnt), you can change the request type to send EAP messages with, but i didn�t tried it out now. I couldn�t really follow suit when it came to the point that RADIUS changes state attribute, cause i don�t know exactly what the RADIUS state attributes are and what they do, I can only imagine... but anyways thanks a lot!
I�ll try to get some more information about these state attributes.
regards, cl
Dave Mason schrieb:
Hi,
Here's how I do it. I dont know of a test client that can easily build a RADIUS Access-Request with an EAP-Message - if anybody does please let us know. The radclient program supplied with Freeradius can add an EAP-Message attribute but you have to code it yourself in hex. Here's how I send an EAP/Response/Identity:
$ radclient -f eapRspId.txt -r 1 localhost auth testing
The eapRspId.txt file looks like this:
-------------------
[EMAIL PROTECTED], Message-Authenticator=xxx, EAP-Message="0x020100210131393230353332323830303230333130407472616e7361742e636f6d"
# EAP-Resp/id=1/type=Identity/[EMAIL PROTECTED] ------------------
I put the comment last because radclient stops as soon as it sees a comment. Another thing to keep in mind. Freeradius will set the RADIUS State attribute in all challenge messages to some random value, but you'll need to use the same value in the State attribute of the response. If youre using hard coded message files like this, adding a different State value every time would be a pain, so I use a test patch in rlm_eap/state.c that sets State to some known value like "state1", "state2", etc., throughout the challenge sequence, and another in my rlm_eap_<type> to restart back to "state1" when EAP-Success or Failure is sent. You can keep the state number in a global variable. This lets you hard code the State value in the eapRspXxx.txt message file. I now turn the patch on at compile time with a flag, but someday I'd like to make it configurable in radiusd.conf.
Dave
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
