On Tue, Sep 08, 2009 at 01:59:05PM +0200, Alan DeKok wrote: > Szymon Roczniak wrote: > > authorize_check_query = "SELECT 1,'notused','Auth-Type','Accept',':' FROM > > That's the issue. The operator is wrong. Use ":=", not ":"
That's an error, the production configuration has ':=' in the operator field. It's odd, but it looks like it doesn't matter what operator is used in this place. In fact it still works even without one (I've just tested it with some random 'operators' and with the operator field set to ""). The output at the end of auth group is: Found Auth-Type = Accept Auth-Type = Accept, accepting the user > I'm not sure why it leaks, either. All of the code paths *appear* to I'll see if I can provide more debugging information to track it down. > clean up after themselves. But the rlm_sql code is rather too There are some code paths (in rlm_sql.c/rlm_sql_authorize()) where only one of the temporary pair lists (check_tmp) is freed before returning from the function and in other cases both check_tmp and reply_tmp are cleaned with pairfree(). I'm not sure it's a problem at all. And it's certainly not relevant in this case, as the execution goes past these checks and gets to the point where both temp lists are released. -- szymon roczniak si...@dischaos.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html