- Package:
- openvpn-auth-radius
- Source:
- openvpn-auth-radius
- Description:
- OpenVPN RADIUS authentication module
- Submitter:
- nest1ing
- Date:
- 2014-12-18 09:27:05 UTC
- Severity:
- wishlist
Dear Maintainer,
In our system radius return routes like '10.128.0.0/24'.
This response was prepared several VPN servers than should to register at this route
and connected party should be the gateway.
I fix the source than if worked correctly for me.
Perhaps it is deemed right in principle.
--- UserAcct.cpp.old 2014-12-16 13:20:37.699467727 +0300
+++ UserAcct.cpp 2014-12-16 13:30:57.367678753 +0300
@@ -699,7 +699,11 @@
strncat(routestring, "/" ,1);
strncat(routestring, framednetmask_cidr, 2);
strncat(routestring, " gw ", 4);
- strncat(routestring, framedgw, 16);
+ if (framedgw[0] != '\0')
+ strncat(routestring, framedgw, 16);
+ else
+ strncat(routestring, this->getFramedIp().c_str(), this->getFramedIp().size());
+
if (framedmetric[0]!='\0')
{
strncat(routestring, " metric ", 8);
@@ -853,7 +857,11 @@
strncat(routestring, "/" ,1);
strncat(routestring, framednetmask_cidr, 2);
strncat(routestring, " gw ", 4);
- strncat(routestring, framedgw, 16);
+ if (framedgw[0] != '\0')
+ strncat(routestring, framedgw, 16);
+ else
+ strncat(routestring, this->getFramedIp().c_str(), this->getFramedIp().size());
+
if (framedmetric[0]!='\0')
{
strncat(routestring, " metric ", 8);
Hello! Can you please be more verbosive? Which Radius Attribute are you referring to? Do you have a example config of your Radius Server, where you set the attribute. Can you please provide the resulting route string with and without your patch including logfiles? Greetings Torge
Hello! Can you please be more verbosive? Which Radius Attribute are you referring to? Do you have a example config of your Radius Server, where you set the attribute. Can you please provide the resulting route string with and without your patch including logfiles? Greetings Torge
2014-12-16 14:51 GMT+03:00 Dr. Torge Szczepanek <debian@cygnusnetworks.de>: Hello like this: Framed-Route = 10.128.0.0/24 Logs without my patch: Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Get a command. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New User. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New user acct: username: 2, interval: 0, calling station: XX.XX.XX.XX, commonname: 2, framed ip: 172.122.0.2. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND-ACCT: Get ACCOUNTING_RESPONSE-Packet. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Start packet was send. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: User was added to accounting scheduler. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND-ACCT: Create route string route add -net 10.128.0.0/24 gw 2> /dev/null. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND-ACCT: Route route add -net 10.128.0.0/24 gw 2> /dev/null could not set. Route already set or bad route string. Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: FOREGROUND: Accouting succeeded! Logs with my patch: Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Get a command. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New User. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New user acct: username: 2, interval: 0, calling station: XX.XX.XX.XX, commonname: 2, framed ip: 172.121.0.2. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND-ACCT: Get ACCOUNTING_RESPONSE-Packet. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Start packet was send. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: User was added to accounting scheduler. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND-ACCT: Create route string route add -net 10.128.0.0/24 gw 172.121.0.2 2> /dev/null. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND-ACCT: Add route to system routing table. Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: FOREGROUND: Accouting succeeded!
Forward due to missing CC
2014-12-16 18:11 GMT+03:00 nestling <shurik.f@gmail.com>: I fixed my patch. It now corresponds to the RFC, and also allows specify the route without gateway.
Hello! Ok, great. I will take a look at this after my vacation mid of January. Greetings Torge