Re: X-auth attribute formats?

[Ari Huttunen <Ari.Huttunen@xxxxxxxxxxxx>]

Vamsi Krishna wrote:
> 
> At 22:02 30.12.00 , Ari Huttunen wrote:
> >Is it the understanding that XAUTH-USER-NAME, XAUTH-USER-PASSWORD, etc.
> >attributes MUST be null-terminated? XAUTH-CHALLENGE would *NOT* be
> >NULL terminated?
> >
> >Similarly, MUST User-Name and User-Password be NULL terminated when
> >sent to/from a RADIUS server?
> A summary of the Attribute format in RADIUS is shown below.  The fields are
> transmitted from left to right.
> 
>     0                   1                   2
>     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0
>    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
>    |     Type      |    Length     |  Value ...
>    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-
> 
> For   User name Attribute
>           Type ....................   User Name Attrib Type  (as per
> defined in
> Radius Rfc)
>           Length...................  1(Type)+1(Length)+variable string(value)
>           value.......................  User name
>  So UserName and  User-Password  lengths can be determined from  the field '
> Length 'so there is no
> need of null termination while sending to /receiving from  the Radius
> server.

It's trivially clear that both xauth and radius attribute definitions can 
handle not having a NULL. It also seems to work with a NULL, at least with 
the radius server I tried. I also thought that we'd been sending NULLs in
xauth attributes, but actually we don't so I'm not sure if xauth too can
handle having NULLs; I mean actual implementations.

In any case the draft could clarify what is meant by "Variable ASCII string"
in each case.

Ari

-- 
Ari Huttunen                   phone: +358 9 2520 0700
Senior Software Engineer       fax  : +358 9 2520 5001

F-Secure Corporation       http://www.F-Secure.com 

F-Secure products: Integrated Solutions for Enterprise Security