Hi,
got cvs tree today.
The read_groups configuration check is not included in rlm_sql.c for
some reason.
Adding:
{read_groups, PW_TYPE_BOOLEAN,
offsetof(SQL_CONFIG,read_groups), NULL, yes},
into
static const CONF_PARSER module_config[] = {
..
} helped a lot.
Now my config
Gurus,
may be i'm pulling some common mistake with my configuration being
tested against cvs snapshot, but no idea which one.
I've an sql profile telling:
some.dotted.user Cleartext-Password = cisco
NAS-IP-Address =~ xxx.xxx.97.(85|86)
authentication request:
Alexander Serkin wrote:
Gurus,
may be i'm pulling some common mistake with my configuration being
tested against cvs snapshot, but no idea which one.
I've an sql profile telling:
some.dotted.user Cleartext-Password = cisco
NAS-IP-Address =~ xxx.xxx.97.(85|86)
Hmm I don't
Arran Cudbard-Bell wrote:
Alexander Serkin wrote:
Gurus,
may be i'm pulling some common mistake with my configuration being
tested against cvs snapshot, but no idea which one.
I've an sql profile telling:
some.dotted.user Cleartext-Password = cisco
NAS-IP-Address =~
Arran Cudbard-Bell wrote:
Hmm I don't know how Cleartext-Password is mapped, always thought it was
a legacy attribute.
No. It's new in 1.1.4 following. See man rlm_pap.
Try User-Password ? Also it's == not = for check items .
No. Use Cleartext-Password, and :=.
Also check that
Hi Alexander,
On Thu, Apr 12, 2007 at 02:52:49PM +0400, Alexander Serkin wrote:
Doesn't matter, Arran. Tried User-Password and '==' with the same
result: module sqlauth returns ok but then:
rad_check_password: Found Auth-Type Local
auth: type Local
auth: No password configured for the
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Hmm I don't know how Cleartext-Password is mapped, always thought it was
a legacy attribute.
No. It's new in 1.1.4 following. See man rlm_pap.
Try User-Password ? Also it's == not = for check items .
No. Use Cleartext-Password, and
Milan Holub wrote:
Hi Alexander,
On Thu, Apr 12, 2007 at 02:52:49PM +0400, Alexander Serkin wrote:
Doesn't matter, Arran. Tried User-Password and '==' with the same
result: module sqlauth returns ok but then:
rad_check_password: Found Auth-Type Local
auth: type Local
auth: No
Arran Cudbard-Bell wrote:
What was Cleartext-Password introduced for ?
Because putting User-Password in the users file was wrong.
User-Password is an attribute that goes in an Access-Request.
Cleartext-Password does not go in any packet. Instead, is an internal
server configuration, that
Alexander Serkin wrote:
yes i did. In users file:
users: Matched entry DEFAULT at line 106:
DEFAULTHuntgroup-Name == MSK, Realm == NULL, Auth-Type
:= Local
Don't set Auth-Type. It's wrong, and it's breaking the server.
DO tell the server what the users known
Alexander Serkin wrote:
Gurus,
may be i'm pulling some common mistake with my configuration being
tested against cvs snapshot, but no idea which one.
I've an sql profile telling:
some.dotted.user Cleartext-Password = cisco
NAS-IP-Address =~ xxx.xxx.97.(85|86)
The problem
Alexander Serkin wrote:
The problem is that regular expression check of
NAS-IP-Address =~ xxx.xxx.97.(85|86)
does not work.
In the CVS head?
What has changed since 1.1.5?
The CVS head is massively re-written.
Alan DeKok.
--
http://deployingradius.com - The web site of the
Alan DeKok wrote:
Alexander Serkin wrote:
The problem is that regular expression check of
NAS-IP-Address =~ xxx.xxx.97.(85|86)
does not work.
In the CVS head?
Yes i played with CVS head today.
Checked huge amount of regexp variants - none worked.
--
Sincerely Yours,
Alexander
-
List
Alexander Serkin wrote:
Alan DeKok wrote:
Alexander Serkin wrote:
The problem is that regular expression check of
NAS-IP-Address =~ xxx.xxx.97.(85|86)
does not work.
In the CVS head?
Yes i played with CVS head today.
Checked huge amount of regexp variants - none worked.
Yep can
Arran Cudbard-Bell wrote:
Seems only to be broken for ipaddr attributes.
Still works with string attributes
OK, that helps.
I did some profiling a while ago, and noticed that the server was
printing IP addresses to strings all the time... even when they weren't
used. The result was
15 matches
Mail list logo
