(RADIATOR) Patch: Monitor AuthBy PAM terminates radiusd

Hugh Irvine hugh at open.com.au
Wed Sep 1 17:56:17 CDT 2004 

Hello Carl -

Many thanks for your assistance.

We'll have a patch out shortly.

regards

Hugh


On 2 Sep 2004, at 08:45, Carl Litt wrote:

> Hello,
>
> I would like to submit a patch for a fatal bug I found in Radiator 3.9.
>
> I was trying to use AuthBy PAM in the <Monitor> clause, but when I 
> tried to log into the monitor interface radiusd died with:
>
> Can't call method "logPassword" on an undefined value at 
> /usr/lib/perl5/site_perl/Radius/AuthPAM.pm line 152.
>
> The code at this location is trying to call the logPassword method on 
> $p->{Handler}, however since this request came from the Monitor and 
> not a Realm/Handler clause there is no ->{Handler}.
>
> There are several other AuthBy modules I can see which might fail in 
> the same way when used in <Monitor>.  Specifically:
>
> AuthADSI.pm
> AuthIMAP.pm
> AuthNT.pm
> AuthOPIE.pm
> AuthOTP.pm
> AuthPOP3.pm
> AuthTACACSPLUS.pm
> AuthURL.pm
>
>
> A more appropriate fix would be to fake a ->{Handler} on 
> authentication requests  generated by <Monitor>.
>
> Carl Litt
> Network Administrator
> Execulink Internet
> --- Radius/AuthPAM.pm.dist	Fri Nov 29 01:10:17 2002
> +++ Radius/AuthPAM.pm	Wed Sep  1 18:38:15 2004
> @@ -149,12 +149,12 @@
>  	    return $self->checkAttributes($extra_checks, $p)
>  		if $extra_checks;
>  	
> -	    $p->{Handler}->logPassword($user_name, $password, 'PAM', 0, $p);
> +	    $p->{Handler}->logPassword($user_name, $password, 'PAM', 0, $p) 
> if $p->{Handler};
>  	    $result = $main::ACCEPT;
>  	}
>  	else
>  	{     	
> -	    $p->{Handler}->logPassword($user_name, $password, 'PAM', 0, $p);
> +	    $p->{Handler}->logPassword($user_name, $password, 'PAM', 0, $p) 
> if $p->{Handler};
>  	    $result = $main::REJECT;
>  	    $reason = $pamh->pam_strerror($res) . ': ' . $last_message;
>  	    # Forget about that request;
> <carl.vcf>

NB: have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list