UserDN escape problem and Group membership checking in 3.0.3

Winders, Timothy A twinders at southplainscollege.edu
Wed Nov 19 20:45:43 CET 2014


On 11/19/14, 1:35 PM, "Arran Cudbard-Bell" <a.cudbardb at freeradius.org>
wrote:


>
>> On 19 Nov 2014, at 13:17, Winders, Timothy A
>><twinders at southplainscollege.edu> wrote:
>> 
>> I have FreeRadius 3.0.3 installed on Ubuntu 14.0.4 (free radius
>> 3.0.3-ppa1~trustry package)
>> 
>> I have everything setup with Active Directory for user authentication.
>> This is working correctly, but I am having a problem with Active
>>Directory
>> group membership checking. It appears the problem is with the way
>> FreeRadius escapes the UserDN when doing the query.
>
>Yeah pairparsevalue was molesting the DN string before writing it to the
>DN attribute.
>
>It shouldn't really have been de-escaping \, as it's not something we
>escape normally, and the LDAP code shouldn't of been calling a function
>that used pairparsevalue anyway.
>
>So i've fixed both those issues. The fix will go in 3.0.5 which'll be
>released very soon. If you could build from v3.0.x HEAD and check it's
>resolved, that'd be helpful.


Always nice to know I¹ve reported a bug and not just a dumb-ass move!

I¹ll dig through the docs to see if I can figure out how to checkout the
3.0.x HEAD branch and build from source.  I have the packages installed
now, so it might take me a bit to figure it all outŠ

Thanks!

-- 
Tim Winders

Associate Dean of Information Technology
South Plains College
(806) 716-2369

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5856 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20141119/9b004bda/attachment.bin>


More information about the Freeradius-Users mailing list