VSA with Vendor 0 Attribute 0 - Have you ever seen this?

classic Classic list List threaded Threaded
4 messages Options
| Threaded
Open this post in threaded view
|

VSA with Vendor 0 Attribute 0 - Have you ever seen this?

Stefan Paetow-3
Hi all,

Just a quick question... has anyone ever seen a RADIUS request/response containing a vendor-specific attribute with vendor 0, attribute 0? That's not an IANA packet, is it? I mean... IANA would just be non-VSA.

Is this a possible misconfiguration somewhere?

With Kind Regards

Stefan Paetow
Federated Roaming Technical Specialist

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: [hidden email]
skype: stefan.paetow.janet

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.




-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: VSA with Vendor 0 Attribute 0 - Have you ever seen this?

Alex Perez-Mendez
Hi Stefan,

who's generating that attribute? If it's FreeRADIUS, then it must be
misconfiguration.
If the attribute comes from an AP or another RADIUS server, it's
difficult to tell whether that's due to misconfiguration or a bug.

Cheers,

El 12/2/20 a las 13:19, Stefan Paetow escribió:

> Hi all,
>
> Just a quick question... has anyone ever seen a RADIUS request/response containing a vendor-specific attribute with vendor 0, attribute 0? That's not an IANA packet, is it? I mean... IANA would just be non-VSA.
>
> Is this a possible misconfiguration somewhere?
>
> With Kind Regards
>
> Stefan Paetow
> Federated Roaming Technical Specialist
>
> t: +44 (0)1235 822 125
> gpg: 0x3FCE5142
> xmpp: [hidden email]
> skype: stefan.paetow.janet
>
> jisc.ac.uk
>
> Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
>
>
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

--
Alejandro Perez-Mendez
Technical Specialist (AAA), Trust & Identity
Skype alejandro_perez_mendez
jisc.ac.uk


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: VSA with Vendor 0 Attribute 0 - Have you ever seen this?

Alan DeKok-2
In reply to this post by Stefan Paetow-3
On Feb 12, 2020, at 7:19 AM, Stefan Paetow <[hidden email]> wrote:
>
> Just a quick question... has anyone ever seen a RADIUS request/response containing a vendor-specific attribute with vendor 0, attribute 0? That's not an IANA packet, is it? I mean... IANA would just be non-VSA.

  Nope.  I haven't seen it, and it's not in any standard.

> Is this a possible misconfiguration somewhere?

  Only if you go out of your way to create a vendor dictionary with vendor ID 0, and then an attribute 0, and then manually add it to the configuration.

  If that attribute is coming from a NAS, then the NAS is broken.

  FreeRADIUS may make mistakes internally, it doesn't create bad RADIUS packets.

  Alan DeKok.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
| Threaded
Open this post in threaded view
|

Re: VSA with Vendor 0 Attribute 0 - Have you ever seen this?

Stefan Paetow-3
Thanks Alan,

That's what I thought. I'll trace this back to our original source and have them check what's going on.

Thanks for the confirmation :-)

Stefan Paetow
Federated Roaming Technical Specialist

t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: [hidden email]
skype: stefan.paetow.janet

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
 

On 12/02/2020, 13:39, "Freeradius-Users on behalf of Alan DeKok" <freeradius-users-bounces+stefan.paetow=[hidden email] on behalf of [hidden email]> wrote:

    On Feb 12, 2020, at 7:19 AM, Stefan Paetow <[hidden email]> wrote:
    >
    > Just a quick question... has anyone ever seen a RADIUS request/response containing a vendor-specific attribute with vendor 0, attribute 0? That's not an IANA packet, is it? I mean... IANA would just be non-VSA.
   
      Nope.  I haven't seen it, and it's not in any standard.
   
    > Is this a possible misconfiguration somewhere?
   
      Only if you go out of your way to create a vendor dictionary with vendor ID 0, and then an attribute 0, and then manually add it to the configuration.
   
      If that attribute is coming from a NAS, then the NAS is broken.
   
      FreeRADIUS may make mistakes internally, it doesn't create bad RADIUS packets.
   
      Alan DeKok.
   
   
    -
    List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html