Hi,
when using RADIUS, the NT domains should not be stripped from the
username. When a base object is instantiated based on an auth object,
the "strip_nt_domain" variable is always enforced to zero in case of
using RADIUS. The auth object itself though has it set to one by
default.
Now on configuration reload in npppd_auth_reload(), the value is copied
from the corresponding auth object to the base object.
base->strip_nt_domain = auth->strip_nt_domain;
Unfortunately in the case of RADIUS, this means that the RADIUS base
object gets overridden. So in that case reset it to zero like it's
done in npppd_auth_create().
ok?
Patrick
diff --git a/usr.sbin/npppd/npppd/npppd_auth.c
b/usr.sbin/npppd/npppd/npppd_auth.c
index 101f8cc9a7f..4db88f05e25 100644
--- a/usr.sbin/npppd/npppd/npppd_auth.c
+++ b/usr.sbin/npppd/npppd/npppd_auth.c
@@ -212,6 +212,7 @@ npppd_auth_reload(npppd_auth_base *base)
switch (base->type) {
#ifdef USE_NPPPD_RADIUS
case NPPPD_AUTH_TYPE_RADIUS:
+ base->strip_nt_domain = 0;
if (npppd_auth_radius_reload(base, auth) != 0)
goto fail;
break;
