https://bugs.exim.org/show_bug.cgi?id=1850
Bug ID: 1850
Summary: "auths/call_radius.c": in switch statement "case
REJECT_RC" missing
Product: Exim
Version: 4.87
Hardware: All
OS: All
Status: NEW
Severity: bug
Priority: medium
Component: SMTP Authentication
Assignee: pdp@???
Reporter: lk@???
CC: exim-dev@???
Created attachment 896
-->
https://bugs.exim.org/attachment.cgi?id=896&action=edit
auths/call_radius.c: case REJECT_RC missing
Until now we used Exim 4.85 with own RADIUS-client (adapted from the
Merit-Software) with _own_ "auths/call_radius.c".
The "auths/call_radius.c" from the Exim distribution was not used.
All works fine (Solaris 8 and 9 ;-) ).
With the changeover to Solaris10/11 and RADIUSCLIENTNEW with
"radiusclient-ng-0.5.6" now the exim-own "auths/call_radius.c" is used.
But with the exim-own "auths/call_radius.c" a error occours:
+ positive authentication: all is OK, no problem.
+ negative authentication:
- not the correct information
535 Incorrect authentication data ........ # Code 5xx
- instead of this
435 Unable to authenticate at present (set_id=xxxxx):
RADIUS: unexpected response (2)
is reported.
Here is the reason:
The source code of "auths/call_radius.c" is wrong.
Original code:
--------------
[.......]
#ifdef RADIUS_LIB_RADIUSCLIENT
result = rc_auth(0, send, &received, msg);
#else
result = rc_auth(h, 0, send, &received, msg);
#endif
DEBUG(D_auth) debug_printf("RADIUS code returned %d\n", result);
switch (result)
{
case OK_RC:
return OK;
case ERROR_RC:
return FAIL;
case TIMEOUT_RC:
*errptr = US"RADIUS: timed out";
return ERROR;
default:
case BADRESP_RC:
*errptr = string_sprintf("RADIUS: unexpected response (%d)", result);
return ERROR;
}
[.......]
>>> In the switch statement is missing the examination of the return
>>> code REJECT_RC.
Here the corrected code:
........................
[.......]
switch (result)
{
case OK_RC:
return OK;
case REJECT_RC: // added 20.06.2016
return FAIL; // LK
case ERROR_RC:
return FAIL;
case TIMEOUT_RC:
*errptr = US"RADIUS: timed out";
return ERROR;
default:
case BADRESP_RC:
*errptr = string_sprintf("RADIUS: unexpected response (%d)", result);
return ERROR;
}
[.......]
Now all works fine.
------------------
Also the freeradius-client software (Exim 4.87 ff.) use the same modul
"call_radius.c".
And also in Exim 4.87 is missing the REJECT_RC code, so also there
the error is occoured.
>>> ALL Exim 4.xx versions has this error, incl the new 4.87.
Please correct all Exim versions.
Remark: The used RADIUS Server is Freeradius2.
Regards,
leonhard
--
You are receiving this mail because:
You are on the CC list for the bug.
