eDir Universal password implementation.

Alan DeKok aland at deployingradius.com
Fri Dec 7 17:30:32 CET 2012


Olivier Beytrison wrote:
> On 07.12.2012 16:14, Alan DeKok wrote:
>> - I didn't make any changes to the main rlm_ldap.c file.
>>   I'm not sure I'm happy with that code.  There may be simpler ways to
>> do it.
> 
> you mean in the authorize section ? How would your rather do it ?

  Yes.  I'm not sure how else to do it.  I didn't have time to do any
in-depth review.

> I've grabbed a fresh copy. Added @edir@ in all.mk.in for rlm_ldap
> Everything compiles fine. Server starts. rlm_ldap loads correctly.

  OK, thanks.

> But The server fails to retrieve the universal password! Error code is
> -1633 (buf_overflow)
> 
> Problem comes from edir.c:220. is MAX_STRING_LEN available ? I need to
> gdb this to see the size of buffer ... but weird

  It's available in src/include/libradius.h

  So what's "bufsize" in edir.c?  Is it updated by berDecodeLoginData()?

> On my side, I've implemented post-auth. tested. works like a charm.

  Push it to your repo, and I'll take a look at it.

  Alan DeKok.


More information about the Freeradius-Devel mailing list