[RADIATOR] tacacs_client_identifier hook not working in 4.21
Hugh Irvine
hugh at open.com.au
Tue Oct 9 21:27:52 UTC 2018
Hello Alex -
I use this method at other sites - much easier.
regards
Hugh
> On 9 Oct 2018, at 22:39, <Alexander.Hartmaier at t-systems.com> <Alexander.Hartmaier at t-systems.com> wrote:
>
> Hi Heikki,
> I've found a workaround that I like more than using a hook: just fill the OSC-Client-Identifier attribute in the ClientListSQL query.
> Do you see any downsides of doing it this way?
>
> Thanks, Alex
>
> T-SYSTEMS AUSTRIA GESMBH
> TCO Local Network Factory
> Alexander Hartmaier
> Operation Manager Authentication
> Rennweg 97-99, A-1030 Vienna
> +43 57057 4320 (phone)
> +43 676 8642 4320 (mobile)
> E-mail: alexander.hartmaier at t-systems.com
> http://www.t-systems.at
> http://blog.t-systems.at
>
> BIG CHANGES START SMALL – CONSERVE RESOURCES BY NOT PRINTING EVERY E-MAIL.
>
> ******************************************************************
> T-Systems Austria GesmbH, Rennweg 97-99, A-1030 Vienna
> Commercial Court Vienna, FN 79340b
> **********************************************************************************
> Notice: This e-mail contains information that is confidential and may be
> privileged. If you are not the intended recipient, please notify the sender
> and then delete this e-mail immediately.
> **********************************************************************************
>
> ________________________________________
> Von: radiator <radiator-bounces at lists.open.com.au> im Auftrag von Heikki Vatiainen <hvn at open.com.au>
> Gesendet: Montag, 08. Oktober 2018 15:56
> An: radiator at lists.open.com.au
> Betreff: Re: [RADIATOR] tacacs_client_identifier hook not working in 4.21
>
> On 08/10/2018 11.49, Alexander.Hartmaier at t-systems.com wrote:
>
>> On the new servers the OSC-Client-Identifier isn't populated by the
>> PreHandlerHook named 'tacacs_client_identifier' from goodies/hooks.txt.
>
>> Please check if this is a bug, thanks!
>
> This seems to be a bug in the sample hook. Radius::Client::findAddress
> has been documented to use binary address, not string, for a long time
> but it has worked with the both. This did change in 4.21 which caused
> the hook to break.
>
> Doing this before calling findAddress should fix it and also work with
> older versions.
>
> $client_addr = Radius::Util::inet_pton($client_addr);
>
> Thanks for letting us know about this,
> Heikki
>
> --
> Heikki Vatiainen <hvn at open.com.au>
>
> Radiator: the most portable, flexible and configurable RADIUS server
> anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
> EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> https://lists.open.com.au/mailman/listinfo/radiator
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> https://lists.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc.
Full source on Unix, Linux, Windows, macOS, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list