Re: [Exim] radius auth problem

Author: John Jetmore
Date:  
To: Roman Dilken
CC: exim-users
Subject: Re: [Exim] radius auth problem
On Thu, 24 Jul 2003, Roman Dilken wrote:

> radius_auth_plain:
> driver = plaintext
> public_name = PLAIN
> server_prompts = :
> server_condition = ${if radius{$1:$2}{yes}{no}}
> server_set_id = $1


Well, the tcpdump below looks very odd - it looks like it's passing in the
entire auth string in $1, which makes me wonder if you are actually
encoding null characters in your auth string or literally using the two
characters '\' and '0' to delimit your fields. You should confirm that
you are passing things in the right way.

Once you get that done, in the PLAIN authenticator, use $2 where you were
using $1 and use $3 where you were using $2 (but don't do this in the
LOGIN authenticator). The reason for doing this is well documented.

The third observation is I'm not sure if you need that server_prompts
entry above. I went and looked at my working radius authenticator and it
did not have that option. I'm not sure having it there breaks anything,
but it worked for me without, so you might try that too.

--John

> radius_auth_login:
> driver = plaintext
> public_name = LOGIN
> server_prompts = Username:: : Password::
> server_condition = ${if radius{$1:$2}{yes}{no}}
> server_set_id = $1
>
> And here the tcpdump that I get about exim talking to radius:
> (mechanism auth plain)
>
> 17:14:26.851306 zoidberg.futurama.student.uni-augsburg.de.1108 >
> dill.rz.uni-augsburg.de.datametrics: rad-access-req 63 [id 213] Attr[
> User{\0user\0password} Pass Service_type{Authenticate Only} [|radius] (DF)
> 17:14:36.847697 zoidberg.futurama.student.uni-augsburg.de.1108 >
> dill.rz.uni-augsburg.de.datametrics: rad-access-req 63 [id 213] Attr[
> User{\0user\0password} Pass Service_type{Authenticate Only} [|radius] (DF)
> 17:14:46.847693 zoidberg.futurama.student.uni-augsburg.de.1108 >
> dill.rz.uni-augsburg.de.datametrics: rad-access-req 63 [id 213] Attr[
> User{\0user\0password} Pass Service_type{Authenticate Only} [|radius] (DF)
>
> As you see the whole string is expanded into the User-field and there is no
> reply from the radius-server because of the wrong username.
> It seems to me that exim should pass the password to the Pass-Field...
>
> Please give me some help.
>
> Thank you,
>
> Roman Dilken, University Augsburg, Germany
>
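
Added example, not part of the original thread: a small Python model of the field splitting discussed in the reply above. It assumes the SASL PLAIN layout (authzid NUL authcid NUL passwd, base64-encoded) and that the plaintext driver splits the decoded data on NUL bytes into $1, $2, $3; the function names and sample credentials are constructed for illustration.

```python
import base64


def encode_plain(user, password, authzid=""):
    """Build the AUTH PLAIN argument: authzid NUL authcid NUL passwd, base64."""
    raw = b"\0".join(s.encode() for s in (authzid, user, password))
    return base64.b64encode(raw).decode("ascii")


def split_fields(b64_arg):
    """Model of the server side: decode, then split on real NUL bytes."""
    raw = base64.b64decode(b64_arg, validate=True)
    parts = raw.split(b"\0")
    return {f"${i}": p.decode() for i, p in enumerate(parts, 1)}


def diagnose(b64_arg):
    """Say which of the two cases from the reply a client string falls into."""
    fields = split_fields(b64_arg)
    if len(fields) == 3:
        # Empty $1 is the (unused) authorization id; user is $2, password is $3.
        return "ok: user in $2, password in $3"
    if len(fields) == 1 and "\\0" in fields["$1"]:
        # Two literal characters '\' and '0' were sent instead of a NUL byte,
        # so nothing is split and the whole string lands in $1.
        return "literal backslash-zero: whole string in $1"
    return "unexpected field count: %d" % len(fields)


# Constructed samples: same credentials, correct and incorrect delimiters.
GOOD = encode_plain("user", "password")
BAD = base64.b64encode(rb"\0user\0password").decode("ascii")

if __name__ == "__main__":
    for label, arg in (("GOOD", GOOD), ("BAD", BAD)):
        print(label, arg, split_fields(arg), "->", diagnose(arg))
```

Running a client's actual AUTH PLAIN argument through split_fields shows whether the delimiters are real NUL bytes before any change is made to the authenticator.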