ldap_pairget fix (was: Release 1.1.0 this week?)

Markus Krause krause at biochem.mpg.de
Tue Jan 10 20:51:09 CET 2006 

Zitat von Nicolas Baradakis <nbk at sitadelle.com>:

> Markus Krause wrote:
>
> > so here is what i did and what happend (on a current debian sarge linux,
> suse
> > seems to be missing some packages):
> > [...]
>
> Very well, everything seems fine.
>
> > now the entry of a ldap user (as ldif):
> > # testuser2, People, mogli.de
> > dn: uid=testuser2,ou=People,dc=mogli,dc=de
> > [...]
> > radiusReplyItem: Reply-Message := foo bar
> > radiusReplyItem: Reply-Message += This_is_a_Reply
> > radiusReplyItem: Reply-Message += This is another Reply with spaces
> > radiusReplyItem: Reply-Message += This_is_yet_another_Reply_without_spaces
>
> It's my mistake, but there is two methods to define attributes into
> the LDAP directory: generic attribute and mapped attribute. I'd like
> you to test with one-to-one-mapped attributes, sorry.
well, no problem!

> I also noticed that Reply-Message isn't in RADIUS-LDAPv3.schema,
that's why i used readiusReplyItem, i thought that is what this item is for (if
there is no such ldap attribute)

> so we need an other attribute of type string for the tests.
> Could you please modify your LDAP entry like that?
>
> # testuser2, People, mogli.de
> dn: uid=testuser2,ou=People,dc=mogli,dc=de
> [...]
> radiusFilterId: foo bar
> radiusFilterId: += foo_bar
>
> Please run radtest or radclient again, and let me know the result.
radiusFilterId is a single-value entry:
++++ (part) RADIUS-LDAPv3.schema
attributetype
   ( 1.3.6.1.4.1.3317.4.3.1.9
      NAME 'radiusFilterId'
      DESC ''
      EQUALITY caseIgnoreIA5Match
      SYNTAX 1.3.6.1.4.1.1466.115.121.1.26
      SINGLE-VALUE
   )
-----

so i used two different users:
testuser3:
 radiusFilterId: foo bar

testuser4:
 radiusFilterId: foo_bar

radtest says:

atlas:~# radtest testuser3 secret localhost 0 testing123
Sending Access-Request of id 53 to 127.0.0.1 port 1812
        User-Name = "testuser3"
        User-Password = "secret"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=53, length=29
        Filter-Id = "foo bar"
atlas:~# radtest testuser3 secret localhost 0 testing123
Sending Access-Request of id 53 to 127.0.0.1 port 1812
        User-Name = "testuser3"
        User-Password = "secret"
        NAS-IP-Address = 255.255.255.255
        NAS-Port = 0
rad_recv: Access-Accept packet from host 127.0.0.1:1812, id=53, length=29
        Filter-Id = "foo bar"

so it looks good for the attribute "Filter-Id"/"radiusFilterID"!

> Thanks for your help.
well, you (and alan and others) do so much great work, i am really glad to be of
some help!

let me know if i can do some more testing!

regards
  markus

--
Markus Krause                           email: krause at biochem.mpg.de
Computing Center                        Tel.: 089 - 89 40 85 99
Group Lottspeich / Proteomics           Fax.: 089 - 89 40 85 98

---------------------------------------------------------------------
     This message was sent using https://webmail.biochem.mpg.de
If you encounter any problems please report to rz-linux at biochem.mpg.de

More information about the Freeradius-Devel mailing list