2.0.4 occasionally loses User-Password attribute?
Alan DeKok
aland at deployingradius.com
Wed May 28 19:05:12 CEST 2008
Stefan Winter wrote:
> Funny enough, our own Nagios suffers from the exact same (noticed that
> just a few minutes later as our migration went on). That config is even
> simpler. It seems like a stanza like:
>
> update control {
> Cleartext-Password := "something"
> }
>
> is enough to erase the User-Password from the server's request list.
No... the password is cached in request->password, in *addition* to
being in the request list. If that pointer gets mangled, then a module
will think that the password doesn't exist, even though it does.
This *should* have been fixed in 2.0.4. But the underlying solution
is to get rid of request->password altogether.
Alan DeKok.
More information about the Freeradius-Users
mailing list