All password checks disabled... ugh
Stefan Winter
stefan.winter at restena.lu
Tue Apr 15 22:02:55 CEST 2014
Hi,
> Found that it is set in config. My pap module config is really minimal:
> pap {
> auto_header = no
> }
>
> It doesn't set normalise, and as per code it then defaults to "yes". So inst->normify should do its job.
>
> Which means I'm more clueless than before, if that's even possible :-(
> Use GDB and step through?
>
> It can attach to a running process, especially if you've got a panic action set :)
>
Might do. Meanwhile, one of the mini things I found while chasing ghosts
is that my "files" instance separates the username and the NT-Password
:= ABCDFOO with *spaces*, while the doc says it need to be tabs.
I see now that that requirement was also in v2 - but it worked there.
My theory is that it might have matched line 22, but not actually picked
up the password; and then by some dubious assumption concluded "nothing
to check, so Accept"?
This doesn't explain why other clients on the same virtual server do
check the NT-Password. Oh well.
Hope that's not it, but... let me know. It's going to be one of the
things to test when back in the office.
Stefan
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20140415/7546e6d9/attachment-0001.pgp>
More information about the Freeradius-Devel
mailing list