VSA in radiusrequest

Question

I tend to use the freeradius radiusclient library, but it's mostly the same code as what was previously developed for the radiusclient-ng library, but the dictionary file format is the same, and doesn't support the BEGIN-VENDOR ... END-VENDOR syntax, so you have to use a slightly different format.

The general format of vendor specific attributes is stated in the RFC as:

0                   1                   2                   3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|     Type      |  Length       |            Vendor-Id
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
     Vendor-Id (cont)           | Vendor type   | Vendor length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|    Attribute-Specific...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-

Which means it only supports vendor types from 0 - 255. The use of large numbers (> 255) is intended for internal server use and would not be an acceptable value to use for the attribute id number (i.e. 7777 and 7778 are way too big to be expected vendor types).

You've defined your vendor using the line:

VENDOR EC 20000

And now you need to specify the VSAs using the following format:

ATTRIBUTE abc1 7 string vendor=EC
ATTRIBUTE abc2 8 string vendor=EC

This specifies them with a Vendor type of 7 and 8 respectively.

If you're referencing the proper dictionary file, then the attributes become available to be used and can be passed in:

./radiusclient -f /etc/radiusclient-ng/radiusclient.conf User-Name=aaa abc1=aaaaaa abc2=bbbbb