Hi,
I have installed version 2.1.4 of FreeRadius server and I am trying to
configure digest authentication for HTTP (not SIP) as per RFC 5090. In
searching through the archives/wiki, I found one message from Alan stating that
dictionary.rfc5090 is disabled by default because it's not supported by the
server, and another message saying that "there are patches but they are not
included in the main stream yet". Are the patches available for download
anywhere? I haven't been able to find them (I don't mind if they are alpha
quality).
Another thing is that I can't even get FreeRadius to decode the digest
attributes. If I $INCLUDE dictionary.rfc5090 in the master dictionary file, I
get the following error at startup:
'including dictionary file /usr/local/etc/raddb/dictionary
Errors reading dictionary: dict_init:
/usr/local/share/freeradius/dictionary.freeradius.internal[93]: dict_init:
/usr/local/share/freeradius/dictionary.freeradius.internal[93]:'
I understand that the attributes are not supported yet, but I'm not sure why
just including the dictionary file causes a fatal error while loading the
configuration.
BTW, I noticed that the list of custom attributes in the dictionary.fortinet
file is out of date. Here is an updated list:
ATTRIBUTE Fortinet-Group-Name 1 string
ATTRIBUTE Fortinet-Client-IP-Address 2 ipaddr
ATTRIBUTE Fortinet-Vdom-Name 3 string
ATTRIBUTE Fortinet-Client-IPv6-Address 4 octets
ATTRIBUTE Fortinet-Interface-Name 5 string
ATTRIBUTE Fortinet-Access-Profile 6 string
Andrew
_________________________________________________________________
Internet Explorer 8 helps keep your personal info safe.
http://go.microsoft.com/?linkid=9655581
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html