Full_Name: Jetasik Anantakunupakorn Version: 2.4.32 OS: FreeBSD 9.0-RELEASE amd64 URL: http://www.openldap.org/lists/openldap-technical/201208/msg00172.html Submission from: (NULL) (58.11.65.20) Pass-through radius authentication in contrib's passwd module(radius.c) does not include either a NAS-IP or a NAS-Identifier, according to radius RFC 2865 one of these attributes is mandatory in the access request. The thing is that the previous version of Radius RFC standard(RFC 2138) specified that the access request "SHOULD" contain either a NAS-IP or a NAS-Identifier but the current version use "MUST" instead.
jet@transniaga.co.th wrote: > Full_Name: Jetasik Anantakunupakorn > Version: 2.4.32 > OS: FreeBSD 9.0-RELEASE amd64 > URL: http://www.openldap.org/lists/openldap-technical/201208/msg00172.html > Submission from: (NULL) (58.11.65.20) > > > Pass-through radius authentication in contrib's passwd module(radius.c) does not > include either a NAS-IP or a NAS-Identifier, according to radius RFC 2865 one of > these attributes is mandatory in the access request. > > The thing is that the previous version of Radius RFC standard(RFC 2138) > specified that the access request "SHOULD" contain either a NAS-IP or a > NAS-Identifier but the current version use "MUST" instead. > A patch for this is now in git master, please test. -- -- Howard Chu CTO, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/
changed notes changed state Open to Test moved from Incoming to Contrib
Howard Chu wrote: > > jet@transniaga.co.th wrote: > > Full_Name: Jetasik Anantakunupakorn > > Version: 2.4.32 > > OS: FreeBSD 9.0-RELEASE amd64 > > URL: > > http://www.openldap.org/lists/openldap-technical/201208/msg00172.html > > Submission from: (NULL) (58.11.65.20) > > > > > > Pass-through radius authentication in contrib's passwd > > module(radius.c) does not include either a NAS-IP or a NAS-Identifier, > > according to radius RFC 2865 one of these attributes is mandatory in the > access request. > > > > The thing is that the previous version of Radius RFC standard(RFC > > 2138) specified that the access request "SHOULD" contain either a > > NAS-IP or a NAS-Identifier but the current version use "MUST" instead. > > > A patch for this is now in git master, please test. > Awesome!Thanks a lot. Properly tested with no error. -- JET JETASIK
changed notes changed state Test to Closed
fixed in master fixed in RE24