Last call for 3.0.8
Sam Hartman
hartmans at mit.edu
Tue Mar 31 19:36:48 CEST 2015
Stefan has just noticed that the trustrouter code fails kind of
spectacularly if
you don't have a trustrouter configured.
My recommendation is that if trustrouter is null/empty string/the string
"none" (set in rlm_realm.c as the default) that tr_query_realm should
return NULL.
Here's a patch I've confirmed compiles but have not tested.
I'm unfortunately in the middle of something else and it'll be a bit
before I can test.
Stefan, can you confirm that this helps your problem and especially that
it doesn't break trustrouter usage?
diff --git a/src/modules/rlm_realm/trustrouter.c b/src/modules/rlm_realm/trustrouter.c
index 338f497..47ed024 100644
--- a/src/modules/rlm_realm/trustrouter.c
+++ b/src/modules/rlm_realm/trustrouter.c
@@ -355,6 +355,9 @@ REALM *tr_query_realm(REQUEST *request, char const *realm,
struct resp_opaque cookie;
if (!realm) return NULL;
+ if (!trustrouter || (strcmp(trustrouter, "none") == 0))
+ return NULL;
+
/* clear the cookie structure */
memset (&cookie, 0, sizeof(cookie));
More information about the Freeradius-Devel
mailing list