yet ANOTHER EAP-TTLS/PAP with OpenLDAP problem ...
Phil Mayers
p.mayers at imperial.ac.uk
Sat Mar 29 14:52:25 CET 2008
>>
>> Somebody please tell me where I should be looking to make this work
>> correctly.
>
> It doesn't work because the PAP module isn't doing anything. The PAP
> module *should* be taking the crypt'd password, and doing something
> useful with it. (See "man rlm_pap")
I don't have a copy of 2.0.3 handy, but this looks like a bug to me at
~line 383 of rlm_pap.c:
case PW_PROXY_TO_REALM:
{
REALM *realm = realm_find(vp->vp_strvalue);
if (realm && !realm->auth_pool) {
return RLM_MODULE_NOOP;
}
break;
}
Shouldn't that be:
if (realm && realm->auth_pool)
i.e. if the realm is known/real *and* has servers i.e. isn't local, then
no-op?
More information about the Freeradius-Users
mailing list