Package: libpam-radius-auth Version: 1.3.16-2 Severity: important
I'm trying to set up Radius authentication on a stock Debian Sarge installation. The PAM Radius module sends out the loopback IP address as the 'NAS IP Address' Radius Attribute. The RFC has the following to say about this attribute: This Attribute indicates the identifying IP Address of the NAS which is requesting authentication of the user, and SHOULD be unique to the NAS within the scope of the RADIUS server. So our Radius server (a vasco) responds with 'cannot lookup client details' since that 127.0.0.1 address doesn't make sense. I've tried an entire day to resolve this, passing it all sorts of parameters, but I couldn't get it to work. I was so sure that the problem was caused by sending out the loopback interface that I downloaded the src package, and hacked the pam_radius_auth.c file with the following line below line 733: ipaddr = 0x0a6401df; Yep, that's right, I just hardcoded 10.100.1.223 since that's my ip address and that's what I want the module to sent out. (I was really losing it at this time). If I had any skills at all, I'd try to be less of a brute, but I'm no developer. After this, I build the .deb package, installed it, and radius authentication works flawlessly (as long as I don't change my IP address) ; ) So, this feels like a bug to me. It shouldn't sent out the loopback address, but the correct address. Unless I'm running my Radius server on the same host, this keeps me from using radius authentication. -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27-1-386 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages libpam-radius-auth depends on: ii debconf 1.4.30.10 Debian configuration management sy ii libc6 2.3.2.ds1-18 GNU C Library: Shared libraries an ii libpam0g 0.76-22 Pluggable Authentication Modules l -- debconf information: libpam-radius-auth/fixperms: true libpam-radius-auth/permnote: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
