Here are detailed explanations describing why I would
like to implement such a mechanism:
Take the following scenario:
Peer Attacker Authenticator
<-(1)|
|--(2)---X |(2')>
< ?? --(1)-- ?? -|
An arrow
Hi,
I'm implementing an EAP method, named EAP-PSK, under
FreeRADIUS (See
http://perso.rd.francetelecom.fr/bersani/EAP_PSK/EAP-PSK.htm
for more details about this new EAP method).
I would like to implement EAP request reemission when
a bad response has been received in order to reduce
simple DoS a
Hi Alan,
> Your patch is nice, but it still doesn't let us
> use EAP-Type of 255,
> unless you add more code supporting it.
>
> Until there's code to use the experimental
> EAP-Type, there isn't any
> reason to add this patch.
>
> Alan DeKok.
>
I just forgot to precise that this patch sh
07","108","109",
"110","111","112","113","114",
"115","116","117","118","119",
"120","121","122","123","12
07","108","109",
"110","111","112","113","114",
"115","116","117","118","119",
"120","121","122","123","124&q
Sending this e-mail in behalf of Florent Bersani:
Hi Alan,
Aurelien forwarded me your remark on the identity
attribute format. Many
thanks for taking the time to read it and giving some
feedback.
The main difference between EAP-SIM (as well as
EAP-PSK) and EAP-TTLS
attribute format (as pointe
Hi Alan,
Many thanks for your remark, I have transfered it to
the EAP-PSK design team and they should come back to
you by tomorrow after having studied the TTLS design
you suggest.
However, when you say "If you want to convince people
to use your system, re-using existing code & design is
excelle
really that ?
>
> Yes.
>
> Why do you need it different?
After reading the Packet modification attacks
paragraph in the RFC 2284bis ("It is RECOMMENDED that
methods providing integrity protection of EAP packets
include coverage of all the EAP header fields,
including the Code, I
Hi,
I'm writing an EAP method for FreeRADIUS and I tested
some error cases last week in order to understand the
FreeRADIUS behavior. I'm asking oneself some questions
about it:
1) When the client doesn't respond, the AP will
dissassociate it 30 seconds after and end the
authentication procedure.
Hi,
I also wrote a C++ module under FreeRadius. Look at
this page :
http://lists.cistron.nl/archives/freeradius-devel/2004/04/msg1.html
Aurélien Magniez
Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
Créez votre Yahoo! Mail s
Hi,
In short, this mail is about EAP methods
accessing/using the EAP identifier field.
In details, after reading the Packet modification
attacks paragraph in the RFC 2284bis ("It is
RECOMMENDED that methods providing integrity
protection of EAP packets include coverage of all the
EAP header field
Hi,
I'm working on a new module which is written in C++. I
found a old thread about writing module in c++ and
freeradius :
http://lists.cistron.nl/pipermail/freeradius-devel/2002-July/003181.html
It seems that freeradius allows c++ modules now ? So,
I tried to compile it using g++. It appears for
Sorry to bother you with this problem :-(
I'll delete this round trip in the EAP method.
Aurelien Magniez
Yahoo! Mail : votre e-mail personnel et gratuit qui vous suit partout !
Créez votre Yahoo! Mail sur http://fr.benefits.yahoo.com/
Dialoguez en d
Perhaps, Is it possible to use the function that the
server calls in order to check if a user is valid ?
Thanks in advance
Aurelien Magniez
--- Alan DeKok <[EMAIL PROTECTED]> a écrit : >
=?iso-8859-1?q?Aurelien=20Magniez?=
> <[EMAIL PROTECTED]> wrote:
> > -> Is th
So, there is no framework in freeradius in order to
manage user accounts ??
Thanks in advance
--- Alan DeKok <[EMAIL PROTECTED]> a écrit : >
=?iso-8859-1?q?Aurelien=20Magniez?=
> <[EMAIL PROTECTED]> wrote:
> > -> Is there a function which allows to check if a
> user
> > is valid or not and retr
retrieve personal data (user
attributes) ?
-> And is there a function which add/modify a user ?
Or Have I to do that by using a sql script for example
?
Many thanks in advance,
Aurelien Magniez
Yahoo! Mail : votre e-mail personnel et gratuit qui vous su
Hi,
I'm working on an EAP method. This method includes a
round trip for the identity of the peer (I).
This identity (I) may be different from the identity
given in the EAP Identity request.
So, I would like to check in the users file (or in my
sql table) if the identity (I) is valid for this
auth
I have installed the latest snapshot. I added
rlm_eap_tst in the Makefile.in in the /src/main
directory and re-install radius.
when i launch radius : i have the following message
:
(i added tst{} in radiusd.conf)
Module: Loaded eap
eap: default_eap_type = "md5"
eap: timer_expire = 60
18 matches
Mail list logo
