Problems with hints file when i use freeradius-1.0.1
Hello, I want to upgrade from freeradius-0.8.1 to freeradius-1.0.1. Begining of my hints file: sergk Strip-User-Name = No Hint := "admin" It matches only username "sergk" with freeradius-0.8.1. But it matches any username with freeradius-1.0.1. Is it bug or feature ? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with hints file when i use freeradius-1.0.1
Hello,
i want to upgrade from freeradius-0.8.1 to freeradius-1.0.1.
My hints file:
DEFAULT Prefix == "t", Strip-User-Name = No
Hint = "TUM"
It works with freeradius-0.8.1, the username leaves unstripped.
With freeradius-1.0.1 the username is always be stripped, why?
Maybe i made a Syntax-Error?
i got a "nightly CVS snapshot" and this works how i supposed
(with the syntax above). But now i has problems with eap.
So i made a dirty source-patch for 1.0.1.
Delete the function presufcmp in .../src/main/valuepair.c and
copy this one in (from freeradius-snapshot-20050111/src/modules/
rlm_expr/paircmp.c):
static int presufcmp(void *instance,
REQUEST *req UNUSED,
VALUE_PAIR *request, VALUE_PAIR *check,
VALUE_PAIR *check_pairs, VALUE_PAIR **reply_pairs)
{
VALUE_PAIR *vp;
char *name = (char *)request->strvalue;
char rest[MAX_STRING_LEN];
int len, namelen;
int ret = -1;
instance = instance;
reply_pairs = reply_pairs; /* shut the compiler up */
#if 0 /* DEBUG */
printf("Comparing %s and %s, check->attr is %d\n",
name, check->strvalue, check->attribute);
#endif
len = strlen((char *)check->strvalue);
switch (check->attribute) {
case PW_PREFIX:
ret = strncmp(name, (char *)check->strvalue, len);
if (ret == 0 && rest)
strcpy(rest, name + len);
break;
case PW_SUFFIX:
namelen = strlen(name);
if (namelen < len)
break;
ret = strcmp(name + namelen - len,
(char *)check->strvalue);
if (ret == 0 && rest) {
strNcpy(rest, name, namelen - len + 1);
}
break;
}
if (ret != 0)
return ret;
/*
* If Strip-User-Name == No, then don't do any more.
*/
vp = pairfind(check_pairs, PW_STRIP_USER_NAME);
if (vp && !vp->lvalue) return ret;
/*
* See where to put the stripped user name.
*/
vp = pairfind(check_pairs, PW_STRIPPED_USER_NAME);
if (!vp) {
vp = paircreate(PW_STRIPPED_USER_NAME, PW_TYPE_STRING);
if (!vp) return ret; /* no memory, do anything? */
pairadd(&request, vp);
}
strcpy((char *)vp->strvalue, rest);
vp->length = strlen(rest);
return ret;
}
regards
Helmut Troebs
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with hints file when i use freeradius-1.0.1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Perhaps this helps: http://lists.cistron.nl/pipermail/freeradius-users/2004-February/027993.html perhaps the whole thread. - -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB27/hqndXpO3Yl5sRAhrFAJwNmMfgm4mNXtuDhrwwNjOrXkiFfwCdGk4Z NIQ3i8lWGm60UOUVcvro5xQ= =PWb8 -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with hints file when i use freeradius-1.0.1
Am Dienstag, 4. Januar 2005 08:56 schrieb Helmut Tröbs: Hello, i want to upgrade from freeradius-0.8.1 to freeradius-1.0.1. My hints file: DEFAULT Prefix == "t", Strip-User-Name = No Hint = "TUM" DEFAULT Prefix = "t", Strip-User-Name = No Hint = "TUM" nur mit einem "=" nach "Prefix"? Thank you for the answer, but Prefix == "t" is correct, when i try only one "=" i get the message Invalid operator for item Prefix: reverting to '==' in debug output. When i try to use N instead of No: DEFAULT Prefix == "t", Strip-User-Name = N Hint = "TUM" The Debug output looks better, but the proxied user-name is still wrong. rad_recv: Access-Request packet from host x.x.x.x:32770, id=171, length=56 User-Name = "test" User-Password = "x" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 hints: Matched DEFAULT at 48 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "test" rlm_realm: Proxying request from user test to realm NULL rlm_realm: Adding Realm = "NULL" rlm_realm: Preparing to proxy authentication request to realm "NULL" modcall[authorize]: module "suffix" returns updated for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched DEFAULT at 178 users: Matched DEFAULT at 385 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 Sending Access-Request of id 0 to 10.156.10.42:1812 User-Name = "est" User-Password = "x" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 Proxy-State = 0x313731 Any idea? regards Helmut Troebs - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems with hints file when i use freeradius-1.0.1
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Am Dienstag, 4. Januar 2005 08:56 schrieb Helmut Tröbs: > Hello, > > i want to upgrade from freeradius-0.8.1 to freeradius-1.0.1. > My hints file: > > DEFAULT Prefix == "t", Strip-User-Name = No > Hint = "TUM" DEFAULT Prefix = "t", Strip-User-Name = No Hint = "TUM" nur mit einem "=" nach "Prefix"? MfG, - -- Dr. Michael Schwartzkopff MultiNET Services GmbH Bretonischer Ring 7 85630 Grasbrunn Tel: (+49 89) 456 911 - 0 Fax: (+49 89) 456 911 - 21 mob: (+49 174) 343 28 75 PGP Fingerprint: F919 3919 FF12 ED5A 2801 DEA6 AA77 57A4 EDD8 979B -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB2uwSqndXpO3Yl5sRAtgPAJ9ac+7vtkWGIl5kI4G3E1zGeXGPHwCdED9O NJMHUU9ovtH32uLh2IP2UmE= =SzqN -END PGP SIGNATURE- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problems with hints file when i use freeradius-1.0.1
Hello, i want to upgrade from freeradius-0.8.1 to freeradius-1.0.1. My hints file: DEFAULT Prefix == "t", Strip-User-Name = No Hint = "TUM" It works with freeradius-0.8.1, the username leaves unstripped. With freeradius-1.0.1 the username is always be stripped, why? Maybe i made a Syntax-Error? A little bit Debug: SunOS wsc41 5.8 Generic_117000-01 sun4u sparc SUNW,Ultra-5_10 rad_recv: Access-Request packet from host x.x.x.x:32771, id=128, length=56 User-Name = "test" User-Password = "" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 hints: Matched DEFAULT at 36 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "est", looking up realm NULL rlm_realm: Found realm "NULL" rlm_realm: Adding Stripped-User-Name = "est" rlm_realm: Proxying request from user est to realm NULL rlm_realm: Adding Realm = "NULL" rlm_realm: Preparing to proxy authentication request to realm "NULL" modcall[authorize]: module "suffix" returns updated for request 0 rlm_eap: No EAP-Message, not doing EAP modcall[authorize]: module "eap" returns noop for request 0 users: Matched DEFAULT at 178 users: Matched DEFAULT at 385 modcall[authorize]: module "files" returns ok for request 0 modcall: group authorize returns updated for request 0 Sending Access-Request of id 0 to 10.156.10.42:1812 User-Name = "est" User-Password = "" NAS-IP-Address = 255.255.255.255 NAS-Port = 1 Proxy-State = 0x313238 regards Helmut Troebs -- --- Helmut Troebs Leibniz-Rechenzentrum der Bayerischen Akademie der Wissenschaften Abteilung Kommunikationsnetze Barer Str. 21 80333 Muenchen E-Mail:[EMAIL PROTECTED] --- - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
