2.0.4 occasionally loses User-Password attribute?

Alan DeKok aland at deployingradius.com
Wed May 28 19:05:12 CEST 2008

Stefan Winter wrote:
> Funny enough, our own Nagios suffers from the exact same (noticed that
> just a few minutes later as our migration went on). That config is even
> simpler. It seems like a stanza like:
> update control {
>     Cleartext-Password := "something"
> }
> is enough to erase the User-Password from the server's request list.

  No... the password is cached in request->password, in *addition* to
being in the request list.  If that pointer gets mangled, then a module
will think that the password doesn't exist, even though it does.

  This *should* have been fixed in 2.0.4.  But the underlying solution
is to get rid of request->password altogether.

  Alan DeKok.

More information about the Freeradius-Users mailing list