Re: [Help-gnu-radius] Setup/config problem

help-gnu-radius

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnu-radius] Setup/config problem - CLID unknown]

From:	Catherine Button
Subject:	Re: [Help-gnu-radius] Setup/config problem - CLID unknown]
Date:	Tue, 12 Nov 2002 15:19:50 -0500
User-agent:	Mozilla/5.0 (X11; U; SunOS sun4u; en-US; rv:1.0.1) Gecko/20020920 Netscape/7.0

WOOHOO!

Thanks, that worked! The patch looked obvious so I didn't take the time
to build the gnu version of patch to patch the source file (my lazy)...
but now I get a good test:

 ># /usr/local/sbin/radauth -v -spav22:pavcal:1812 test01 guessme
server 150.169.164.22:1812
send code 1 (RT_AUTHENTICATION_REQUEST)
       send: User-Name = test01
       send: Password = guessme
       send: NAS-Port-Id = 0
recv code 2 (RT_AUTHENTICATION_ACK)
       recv: Service-Type = Authenticate-Only
expect 2
got    2
PASS


Thanks Sergey.
cathy

Sergey Poznyakoff wrote:
>>Nov 08 11:24:04: Auth.notice: Login rejected: [test01]: Authenticate
>>only user: CLID unknown (from nas pav22)
>>
>>Its a cinch that the documentation is not making any sense to me.
>
>
> Its my fault, I should have mentioned it :^) Historically, GNU radius
> handles Authenticate-Only service type in a bit differrent way than
> other implementations do. Namely, in order for such user to be
> authenticated radiusd requires that the incoming request contain
> Service-Type=Authenticate-Only pair. This is a leftover from the early
> versions and it should disappear in the next release. In the
> meanwhile, the attached patch disables this feature.
>
> Regards,
> Sergey
>
>
>
> ------------------------------------------------------------------------
>
> Index: radiusd/auth.c

> diff -pur orig/gnu-radius-0.96.4/radiusd/auth.cgnu-radius-0.96.4/radiusd/auth.c

> --- orig/gnu-radius-0.96.4/radiusd/auth.c  Tue Sep 24 22:26:25 2002
> +++ gnu-radius-0.96.4/radiusd/auth.c       Tue Nov 12 11:45:51 2002
> @@ -1049,12 +1049,7 @@ void
>  sfn_service_type(m)
>    AUTH_MACH *m;
>  {
> -  if (m->check_pair->lvalue == DV_SERVICE_TYPE_AUTHENTICATE_ONLY) {
> -          auth_log(m, _("Login rejected"), NULL,
> -                   _("Authenticate only user"), NULL);
> -          auth_format_msg(m, MSG_ACCESS_DENIED);
> -          newstate(as_reject);
> -  }
> +  /* nothing */
>  }
>
>  void


--
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#
My words are mine, and don't reflect the views of my employer.
Catherine Button    Network Administrator    address@hidden
          Phone: 609-518-3700 x4444          Fax: 609-518-3720

 "When I drop in my tracks, I want the body to skid for a week."
  address@hidden           http://www.gixxergirl.org/
#-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-#

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Help-gnu-radius] Setup/config problem - CLID unknown], Catherine Button <=

Prev by Date: Re: [Help-gnu-radius] Acct-Session-Time
Next by Date: [Help-gnu-radius] file "users" configure
Previous by thread: [Help-gnu-radius] Acct-Session-Time
Next by thread: [Help-gnu-radius] file "users" configure
Index(es):
- Date
- Thread