[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#4542) [contrib] RADIUS hash scheme support

Full_Name: Pierangelo Masarati
Version: HEAD
OS: irrelevant?
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (
Submitted by: ando

I've committed to contrib/slapd-modules/passwd/radius.c a contribution that
implements the {RADIUS} hash scheme; users whose entry contains a userPassword
prefixed with "{RADIUS}" are authc'd using radius, where the value of
userPassword is used as RAD_USER_NAME.

For example:

dn: uid=user,ou=people,dc=example,dc=com
objectClass: inetOrgPerson
cn: User Name
sn: Name
uid: user
userPassword: {RADIUS}raduser

when binding as -D "uid=user,ou=people,dc=example,dc=com" -w "radsecret"
authenticate using radius, where "raduser" is used for RAD_USER_NAME and
"radsecret" for RAD_USER_PASSWORD.

The module is loaded as

moduleload <modulename> [config=/path/to/radius.conf]

This contribution is experimental, and essentially untested.  Please test,
comment and report thru the ITS.