PAP password

[Doug Hardie]

On 12 May 2009, at 13:29, Doug Hardie wrote:

> V 2.1.5.  I am having a problem with PAP not using the proper user  
> id.  IF the user id is just a plain
> <user_id> then it works properly.  However, I have some realms setup  
> that have prefixes and suffixes e.g., DUB+<user_id>@lafn.  PAP is  
> trying to find the user_id DUB+<user_id>@lafn rather than the  
> stripped user id <user_id> and hence it doesn't find a password for  
> the user.  Everything works just fine if I add Auth-Type := Accept  
> to the users file, but thats not a great way to run a railroad.   
> Obviously I missed something.
>
> hints has:
>
> DEFAULT Prefix == "DUB+", Suffix == "@lafn", Strip-User-Name = Yes
>        Hint = "SlipStream"
>
>
> What have I missed?

I seem to have reached a dead end with this.  Version 1.x would strip  
both the prefix and the suffix in Stripped-User-Name and then use that  
to find the password.  Version 2.x will strip one or the other, but  
not both.  From what I can see in presufcmp there appears to be no  
easy way to get it to strip both.  I have tried a number of kludges in  
hints to try and get that done.  None seem to work.  I am having to  
run a production server with Auth-Type := Accept to keep things up and  
running, but this is not really acceptable.

One kludge that appears might work is in paircmp.c at line 142 add:

	for (len=0; len<strlen(rest); len++)
		if (rest[len] == '\@') rest[len] = '\0';

I believe that would work since when both a prefix and suffix are  
present the prefix is removed and the suffix remains.  All my suffixes  
have a @.