Hi,
2- In example.pl a small sintaxe to UPPER case the Calling-Station-Id like
this,
$RAD_REQUEST{'Calling-Station-Id'} =
uc($RAD_REQUEST{'Calling-Station-Id'}); in the sub authorize and sub
preacct.
3- I commented the line 30 of example.pl, i.e., #use Data::Dumper; no
more problems
Hi,
Alan DeKok, 2009-09-09 14:54:
We have released version 1.1.8 to fix an issue with the handling of
Tunnel-Password. This is the same issue that was found in version
This sounds harmless for most people, I guess, or at least for us, as we
don't use Tunnel-Password. But reading
Jakob Hirsch wrote:
This sounds harmless for most people, I guess, or at least for us, as we
don't use Tunnel-Password. But reading CVE-2009-3111 and looking at the
patch, it seems that this can crash any server just by sending an empty
attribute. That would mean that every 1.1.7 installation
Hi,
This sounds harmless for most people, I guess, or at least for us, as we
don't use Tunnel-Password. But reading CVE-2009-3111 and looking at the
patch, it seems that this can crash any server just by sending an empty
attribute. That would mean that every 1.1.7 installation should upgrade
On 09/21/2009 06:51 AM, Alan Buxey wrote:
Hi,
This sounds harmless for most people, I guess, or at least for us, as we
don't use Tunnel-Password. But reading CVE-2009-3111 and looking at the
patch, it seems that this can crash any server just by sending an empty
attribute. That would mean that
Source code patched.
Thanks..
The redundant sections work just fine
for normal queries to radcheck radreply. If you're doing %{...},
then the redundant sections don't apply.
Ah, now I understand. I abandoned redundant and used if/elsif instead in my
dynamic_client virtual server:
if
I've been running 2.1.6 in Production with the patch from Bug 17, for a month,
and everything has been working fine. As a reminder, this patch corrects a bug
in MS-CHAP with the calculation of the MS-CHAPv1 challenge passed to ntlm_auth.
It causes inappropriate Logon Failure errors, in
Alan DeKok wrote:
Right now, yes. In 2.1.7, you probably won't have to.
You can give the realms any name you want.
Alan DeKok.
Would that be this freeradius internal attribute?
Home-Server-Pool
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
I have the same problem: installed freeradius on Suse Linux 11.2 and got the
dialupadmin partially working, but the web-interface only shows the
dialup-admin Page with no main menu on the left side - only white. I get no
errors in the logs, but I also had to remove the two lines
#
Dear All,
I got this error in my radius server. I could not understand about this
error. Please help me to get this problem fixed.
Error:
Mon Sep 21 21:11:58 2009 : Error: rlm_sql: Failed to create the pair:
Unknown attribute h323-class
--
Best Regards,
YOUK Sokvantha
Tell: (855) 89896589
Alan thank you very much for your explanation.
Just to confirm that the following scenario cannot cause the same problem:
Client sends Access-Request and the server responds with Access-Challenge
but the response never reaches the client. The client retransmits exact same
packet again and the
Hi,
has a look at this but it's only of interest for classic MS-CHAP
activity rather than MSCHAPv2 in PEAP or TTLS - correct?
(in this case we wouldnt use this function or be able to test
this at our site...but logically it all looks sane)
a few changes though (?) - its 'delimiter', not
Joe Maimon wrote:
Would that be this freeradius internal attribute?
Home-Server-Pool
It's used to proxy requests to a home server pool, without involving
realms.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan Buxey wrote:
Hi,
has a look at this but it's only of interest for classic MS-CHAP
activity rather than MSCHAPv2 in PEAP or TTLS - correct?
(in this case we wouldnt use this function or be able to test
this at our site...but logically it all looks sane)
a few changes though (?) - its
Alan, Thank you for taking the time to review the patch and for your feedback.
has a look at this but it's only of interest for classic MS-CHAP
activity rather than MSCHAPv2 in PEAP or TTLS - correct?
(in this case we wouldnt use this function or be able to test
this at our site...but
Hi,
a few changes though (?) - its 'delimiter', not 'delimeter' ;-)
and...some RDEBUG2 starts with a white space and others print tight to
the line - reason for such differences?
http://www.googlefight.com/index.php?lang=en_GBword1=delimiterword2=delimeter
your point is? (I win the
Hi,
Actually, the problem definitely impacts PEAP/MSCHAPv2 (and I believe
TTLS/MSCHAPv2 also because it's an error in MS-CHAP, but we don't use TTLS so
I can't test that). (I haven't thought about it enough to know whether it
affects v1, but it definitely occurs with v2 as that's where I
hmm, okay - I'll only be able to introduce core systrems
with this patch in place after 2nd October - we currently
have a change freeze on main systems until then
That's fabulous. Thanks for your time and willingness to test.
-
List info/subscribe/unsubscribe? See
google search for 'define:delimeter'
Did you mean: define:delimiter Top 2 results shown :-)
You are clearly correct given the root of the word delimiter is delimit
(not delimet) :-)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Alan Buxey wrote:
Hi,
a few changes though (?) - its 'delimiter', not 'delimeter' ;-)
and...some RDEBUG2 starts with a white space and others print tight to
the line - reason for such differences?
http://www.googlefight.com/index.php?lang=en_GBword1=delimiterword2=delimeter
your point
Hi,
http://www.googlefight.com/index.php?lang=en_GBword1=delimiterword2=delimeter
your point is? (I win the fight ;-) )
Oops
I (like an idiot) read you comment the wrong way around!
8-) thats okay - I've got a useful URL to settle arguments with now - thanks!
:-)
alan
-
List
21 matches
Mail list logo
