[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: Re: rlm_realm - prefix auth error
From: Chris Parker <cparker () starnetusa ! net>
Date: 2003-01-31 23:08:10
[Download RAW message or body]
At 04:47 PM 1/31/2003 -0600, Chris Parker wrote:
>At 02:37 PM 1/31/2003 -0800, Nathan Miller wrote:
>>At 03:54 PM 1/28/2003 -0600, you wrote:
>>>
>>>Hmm, if there is no realm found, it should match NULL but should not
>>>match DEFAULT.
>>>
>>>Let me take a look at that now.
>>>
>>>-Chris
>>
>>
>>Chris, I am curious if you found a problem in the source or were able to
>>duplicate this issue I am having?
>
>Have duplicated it in the latest cvs. I've got a local test box that
>checks for a 'prefix' first then a 'suffix'.
>
>modcall: entering group authorize
>rlm_fastusers: checking defaults
>rlm_fastusers: user not found
> modcall[authorize]: module "banned" returns notfound
> rlm_realm: No '/' in User-Name = "cparker@foo", looking up realm NULL
> rlm_realm: Found realm DEFAULT
>
>I haven't coded a fix for it yet. I'll try and get that done and into the
>current CVS version today.
Okay, here is a patch, will put it in CVS if this works for you ( it worked
for me on my tests ):
modcall: entering group authorize
rlm_fastusers: checking defaults
rlm_fastusers: user not found
modcall[authorize]: module "banned" returns notfound
rlm_realm: No '/' in User-Name = "cparker@foo", looking up realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module "realmslash" returns noop
rlm_realm: Looking up realm foo for User-Name = "cparker@foo"
rlm_realm: Found realm DEFAULT
rlm_realm: Proxying request from user cparker to realm DEFAULT
rlm_realm: Adding Realm = "DEFAULT"
rlm_realm: Authentication realm is LOCAL.
And the patch:
Index: files.c
===================================================================
RCS file: /source/radiusd/src/main/files.c,v
retrieving revision 1.74
diff -p -r1.74 files.c
*** files.c 4 Dec 2002 15:44:40 -0000 1.74
--- files.c 31 Jan 2003 23:08:41 -0000
*************** REALM *realm_find(const char *realm, int
*** 611,616 ****
--- 611,623 ----
return NULL;
}
+ /* If we didn't find the realm 'NULL' don't return the
+ * DEFAULT entry.
+ */
+ if ((strcmp(realm, "NULL")) == 0) {
+ return NULL;
+ }
+
/*
* Didn't find anything that matched exactly, return the
* DEFAULT realm. We also return the DEFAULT realm if
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ @ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\------------------------------------------------------
\ Wholesale Internet Services - http://www.megapop.net
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic