3gpp2 parameter starts with '\0'

2009-01-12 Thread lamersons
(debug listed below) Freeradius 2.x with Postgre database I need to store ESN value to my database, but it comes in format[3GPP2-ESN = \000\000\000\000\000\000\0BBF636]. Freeradius counts '\0' as the end of the line and puts blank instead of actual parameter value. Not only ESN comes in that

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread A . L . M . Buxey
Hi, I need to store ESN value to my database, but it comes in format[3GPP2-ESN = \000\000\000\000\000\000\0BBF636]. Freeradius counts '\0' as the end of the line and puts blank instead of actual parameter value. Not only ESN comes in that format but [Acct-Session-Id = 000\000] does

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread Alan DeKok
lamersons wrote: I need to store ESN value to my database, but it comes in format[3GPP2-ESN = \000\000\000\000\000\000\0BBF636]. Change the dictionary to make it type octets. That's likely the simplest fix. Freeradius counts '\0' as the end of the line and puts blank instead of actual

Re: Freeradius-Users Digest, Vol 45, Issue 31

2009-01-12 Thread Alan DeKok
Hanno Schupp wrote: thanks for your response. Unfortunately your response cut over with my response to a previous mail list contributor. I had made some progress with unlang and described my progress in there. I have run against a wall though, when I discovered that I cannot perform any unlang

Re: Authentication Problem with PEAP and openldap

2009-01-12 Thread Michael Poser
Hello Alan, thank you for your reply. The mapping of the NT-Password describe exactly our problem. We cannot find the right passage in the radius config to do this. Maybe you can give as a little hint, this would be very kindly. Best Regards, Michael native wired xp 802.1X client with PEAP

Re: Problem whith upgrade

2009-01-12 Thread Marcelo Henique Cabral Ariza
Thank you very much Kalik, it wors perfectly. you are a good guy.. hehehe =) t...@kalik.net escreveu: These attributes in reply come from attrs file, the missing is ERX-Egress-Police-Name. In radreply it entry is: ID Username Attribute op

Re: Disconnect packet

2009-01-12 Thread Johan Meiring
Johan Meiring wrote: Alan DeKok wrote: Johan Meiring wrote: Any idea when? There is no defined time frame. What is generating the CoA packets? It will also be freeradius (on a different machine), the actual radius server. In the short term, alternatives are things like shell

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread lamersons
Thank you very much, changing it to octets gave me nice ascii look of esn. Vendor is Huawei. to official letter to huawei i got this answer listed below. -- Good day, I would like to inform that our BSC sends ESN according the 3GPP2 “Interoperability Specification (IOS) for

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread Alan DeKok
lamersons wrote: Thank you very much, changing it to octets gave me nice ascii look of esn. Vendor is Huawei. OK. to official letter to huawei i got this answer listed below. -- Good day, I would like to inform that our BSC sends ESN according the 3GPP2

Re: Disconnect packet

2009-01-12 Thread Johan Meiring
Alan DeKok wrote: Johan Meiring wrote: Ok no replies I'm sure it so ugly that nobody's even interested. Or busy. Final question. Instead of hacking auth.c to return DISCONNECT_NAK/_ACK instead of ACCESS_ACK/_REJECT. Is there any way to force the return packet type (i.e. value that

Re: 3gpp2 parameter starts with ''

2009-01-12 Thread tnt
Hm, I dug up this: http://www.3gpp2.org/public_html/specs/A.S0017-0_v1.0.pdf and I can't find that statement in there. I would assume that zero fill an ASCII string would mean fill with ASCII zeros, not nulls (ASCII code zero). Ivan Kalik Kalik Informatika ISP Dana 12/1/2009, Alan DeKok

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread Bjørn Mork
Alan DeKok al...@deployingradius.com writes: lamersons wrote: Thank you very much, changing it to octets gave me nice ascii look of esn. Vendor is Huawei. OK. to official letter to huawei i got this answer listed below. -- Good day, I would like to inform that our

Re: Authentication Problem with PEAP and openldap

2009-01-12 Thread tnt
You can also change the way passwords are stored in ldap. userPassword should have cleartext password. If you are going to store encrypted passwords you should use password header ({nt} in this case). If you store your passwords that way you just need to enable auto headers in pap module. pap

Re: 3gpp2 parameter starts with ''

2009-01-12 Thread Alan DeKok
t...@kalik.net wrote: Hm, I dug up this: http://www.3gpp2.org/public_html/specs/A.S0017-0_v1.0.pdf and I can't find that statement in there. I would assume that zero fill an ASCII string would mean fill with ASCII zeros, not nulls (ASCII code zero). Looking at the spec, I agree. It

Re: 3gpp2 parameter starts with '\0'

2009-01-12 Thread Alan DeKok
Bjørn Mork wrote: Yes, it would be. However, the document Huawei refers to does not state this. Ok. So I *won't* change the dictionaries. I don't think footnote d leaves any doubt wrt the format of this attribute. The \0 prepending seems to be a Huawei invention. Yes. I think

No EAP-TLS with XP SP3 ?

2009-01-12 Thread Alexandros Gougousoudis
Hi, I have a lot of problems doing an EAP-TLS authentification with Freeradius 2.1.3. We're doing a machine-based authentification with certs, using EAP-TLS with 802.1x capable Linksys switches (cable based). We had NO problems at all with Freeradius 1.1.0 and Windows 2000 SP4 and XP SP2

Re: No EAP-TLS with XP SP3 ?

2009-01-12 Thread A . L . M . Buxey
Hi, With XP SP3 the auth failed, I googled that FR 1.1.0 is not capable to do this, because SP3 is realizing the same 802.1x engine as Vista does. So I upgraded to 2.1.3 and compiled it on OpenSuse 10.1 without errors and the software runs without problems. But the auth still doesn't

Re: No EAP-TLS with XP SP3 ?

2009-01-12 Thread tnt
Can you post the debug of the *same* client certificate being accepted from the SP2 machine and rejected from SP3. Ivan Kalik Kalik Informatika ISP Dana 12/1/2009, Alexandros Gougousoudis gougousoudis-l...@servicecenter-khs.de piše: Hi, I have a lot of problems doing an EAP-TLS

freeradius proxying to Juniper Steel-Belted - returning trailing \000 in attributes

2009-01-12 Thread Jørn Kostøl
I'm running freeradius v2.1.1 that proxies to a Juniper Steel-Belted Radius. (NAS-freeradius-Juniper). The authentication works and the reply is sent to my NAS, but the Juniper sends back trailing \000 in the return attributes which my NAS obviously is not too fond of. The debug shows: rad_recv:

Re: freeradius proxying to Juniper Steel-Belted - returning trailing \000 in attributes

2009-01-12 Thread Alan DeKok
Jørn Kostøl wrote: I'm running freeradius v2.1.1 that proxies to a Juniper Steel-Belted Radius. (NAS-freeradius-Juniper). The authentication works and the reply is sent to my NAS, but the Juniper sends back trailing \000 in the return attributes which my NAS obviously is not too fond of.

Re: Error in test Freeradius

2009-01-12 Thread Paulo César Naves Mota
Hello guys, I made others test Freeradius, but not works. I made other BD and reinstall my freeradius, I used user= paulo and password= user01 for test. My clients.conf has the below configuration: client 127.0.0.1 { secret=

Re: Error in test Freeradius

2009-01-12 Thread Luciano Afranllie
On Mon, Jan 12, 2009 at 3:08 PM, Paulo César Naves Mota paulo.m...@cetelem.com.br wrote: Hello guys, I made others test Freeradius, but not works. I made other BD and reinstall my freeradius, I used user= paulo and password= user01 for test. My clients.conf has the below

Re: Error in test Freeradius

2009-01-12 Thread Paulo César Naves Mota
Hello Luciano, In below the result of command: I have a user in BD: mysql use radius; mysql show tables; +--+ | Tables_in_radius | +--+ | radacct | | radcheck | | radgroupcheck| | radgroupreply| | radpostauth | | radreply

Re: Error in test Freeradius

2009-01-12 Thread A . L . M . Buxey
Hi, Can someone help me? I'm sure someone can - please send output of 'radiusd -X' to this list as per the FAQ, the docs in the server and the many many such requests to this list alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Error in test Freeradius

2009-01-12 Thread A . L . M . Buxey
Hi, Hello Luciano, In below the result of command: I have a user in BD: do you read documents? is so, which document did you read to set this up? it should be ++--+-+++ | id | username | attribute | op | value |

RE: eap/tls freeradius openssl

2009-01-12 Thread Brian Ertel
Ok, I think I've installed everything correctly (according to the faq) but obviously not. starting radius in debug I still get: Ignoring EAP-Type/tls because we do not have OpenSSL support. Ignoring EAP-Type/ttls because we do not have OpenSSL support. Ignoring EAP-Type/peap because we do not

Re: Error in test Freeradius

2009-01-12 Thread tnt
In below the result of command: That's the debug of the startup. You haven't sent the request to be processed. You should post the debug of request processing. mysql select * from radcheck; ++--+---+++ | id | username | attribute | op | value |

Re: eap/tls freeradius openssl

2009-01-12 Thread John Dennis
Brian Ertel wrote: Ok, I think I've installed everything correctly (according to the faq) but obviously not. starting radius in debug I still get: Perhaps you built and installed things correctly, it's hard to tell, but you might have more than one version installed and you might be

Proxying: Multiple accounting hosts?

2009-01-12 Thread Adam Bultman
I have Freeradius 2.1 built, and somehow, radrelay didn't get built. I was poking around on google, and it looks like proxy.conf might help me replace radrelay. Can you have multiple accthosts inside of proxy.conf realms? Like this: realm mydomain.com { type = radius authhost =

Re: eap/tls freeradius openssl

2009-01-12 Thread A . L . M . Buxey
hi, did you follow the fedora/redhat quid as posted to this list - or did you just install openssl-devel and try the daemon again? if so, that wont work. you will need to rerun the ./configure and make steps again for the system to learn your got the SSL support installed..and thus compile in

Re: eap/tls freeradius openssl

2009-01-12 Thread Brian Ertel
I installed the openssl and openssl-devel rpms and the freeradius SRPM with all dependency rpms... Brian On 1/12/09 3:39 PM, a.l.m.bu...@lboro.ac.uk a.l.m.bu...@lboro.ac.uk wrote: hi, did you follow the fedora/redhat quid as posted to this list - or did you just install openssl-devel and

Re: Proxying: Multiple accounting hosts?

2009-01-12 Thread Alan DeKok
Adam Bultman wrote: I have Freeradius 2.1 built, and somehow, radrelay didn't get built. $ man radrelay This is documented. I was poking around on google, and it looks like proxy.conf might help me replace radrelay. Can you have multiple accthosts inside of proxy.conf realms? No.

Re: eap/tls freeradius openssl

2009-01-12 Thread John Dennis
Brian Ertel wrote: I installed the openssl and openssl-devel rpms and the freeradius SRPM with all dependency rpms... You didn't follow the instructions in the FAQ. You must build the SRPM and install the resulting RPM's. Please folow the instuctions in the FAQ. A SRPM contains the source

Re: eap/tls freeradius openssl

2009-01-12 Thread A . L . M . Buxey
Hi, I installed the openssl and openssl-devel rpms and the freeradius SRPM with all dependency rpms... ..but before you ran your own version up? if so, you're still running your own version which radiusd will probably say /usr/local/sbin/radiusd you need to run the version the SRPMS would

RE: eap/tls freeradius openssl

2009-01-12 Thread Brian Ertel
I obeyed the faq's every command and get caught up on this: [r...@freeradius redhat]# rpmbuild -ba rpmbuild /usr/src/redhat/SPECS/freeradius.spec error: failed to stat /usr/src/redhat/rpmbuild: No such file or directory ??? Brian -Original Message- From:

Re: eap/tls freeradius openssl

2009-01-12 Thread John Dennis
Brian Ertel wrote: I obeyed the faq's every command and get caught up on this: [r...@freeradius redhat]# rpmbuild -ba rpmbuild /usr/src/redhat/SPECS/freeradius.spec error: failed to stat /usr/src/redhat/rpmbuild: No such file or directory My apologies, there was a typo in the FAQ, the

Multiple output pairs in rlm_exec - How to format the response pai string?

2009-01-12 Thread Hanno Schupp
I try to determine some data externally through an PHP programme with the 'exec' module. Everything is fine as long as I do only return one value from PHP, the return attribute is duly accepted and processed. As soon as I return more than one the exec module gets confused, as everything

RE: eap/tls freeradius openssl

2009-01-12 Thread Brian Ertel
Ahhh, ok. Tomorrow's another day Thanks John, Brian From: freeradius-users-bounces+bsertel=amherst@lists.freeradius.org on behalf of John Dennis Sent: Mon 1/12/2009 6:14 PM To: FreeRadius users mailing list Subject: Re: eap/tls freeradius openssl

unsubscribe

2009-01-12 Thread freeradius-users
unsubscribe CompuLab - Consult Robert Schuster Am Karmelkloster 16 53229 Bonn mailto: robert.schus...@compulab-consult.de Tel. +49 228 97604-0 Fax. +49 228 97604-25 mobil +49 175 1606254 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html