Hello Tarko - You can try a PreClientHook in more recent versions of Radiator to access the request before it is unpacked.
regards Hugh On 17 Aug 2010, at 15:51, Tarko Tikan wrote: > hey, > >> The problem here is due to "00" being used in an ASCII string. > > That is what I was thinking aswell. But the strange thing is that if I change > 00 0a into 00 0b everything works: > Tue Aug 17 05:45:31 2010: WARNING: pre strip: 00 04 05 dc 00 0b > Tue Aug 17 05:45:31 2010: WARNING: post strip: 00 04 05 dc 00 0b > > And 01 0a ofc works aswell: > Tue Aug 17 05:46:20 2010: WARNING: pre strip: 00 04 05 dc 01 0a > Tue Aug 17 05:46:20 2010: WARNING: post strip: 00 04 05 dc 01 0a > > Also, the string itself is not ending with \0 and should not match \0+$ > >> RFC4679 (http://www.ietf.org/rfc/rfc4679.txt) indicates that this attribute >> should be a printable string - hence our definition as "string". >> If you want to get at the binary data you should change the dictionary >> definition to "binary". > > Thats probably the right way, or patch our installation :) > >> Although a better solution would be to get the attribute sent in the fashion >> indicated by the RFC. > > Someone should tell this to Cisco :) Actually the setup is bit more > complicated, cisco is only doing dhcp snooping and inserting agent/circuit-id > with binary data, another vendors box is picking it up on the wire and doing > radius authentication. But not much can be done in the second box as the > binary data is already there and no reasonable way to turn it to printable. > > -- > tarko > _______________________________________________ > radiator mailing list > [email protected] > http://www.open.com.au/mailman/listinfo/radiator NB: Have you read the reference manual ("doc/ref.html")? Have you searched the mailing list archive (www.open.com.au/archives/radiator)? Have you had a quick look on Google (www.google.com)? Have you included a copy of your configuration file (no secrets), together with a trace 4 debug showing what is happening? -- Radiator: the most portable, flexible and configurable RADIUS server anywhere. Available on *NIX, *BSD, Windows, MacOS X. Includes support for reliable RADIUS transport (RadSec), and DIAMETER translation agent. - Nets: internetwork inventory and management - graphical, extensible, flexible with hardware, software, platform and database independence. - CATool: Private Certificate Authority for Unix and Unix-like systems. _______________________________________________ radiator mailing list [email protected] http://www.open.com.au/mailman/listinfo/radiator
