[ previous ] [ next ] [ threads ]
 
 From:  "Jonathan De Graeve" <Jonathan dot De dot Graeve at imelda dot be>
 To:  "Manuel Kasper" <mk at neon1 dot net>
 Cc:  <m0n0wall dash dev at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall-dev] RE: [m0n0wall] 1Minute reauthentication broke in 1.2 (also in 1.2b10)
 Date:  Tue, 11 Oct 2005 17:18:02 +0200
FIXED:

/etc/inc/captiveportal.inc:
                        /* check this user against RADIUS again */
-                       $auth_val = RADIUS_AUTHENTICATION($cpdb[$i][4],
+                       $auth_list = RADIUS_AUTHENTICATION($cpdb[$i][4],
 
base64_decode($cpdb[$i][6]),
-
$radiusservers[0]['ipaddr'],
-
$radiusservers[0]['port'],
-
$radiusservers[0]['key']);
+
$radiusservers);

-                       if ($auth_val == 3) {
+                       if ($auth_list['auth_val'] == 3) {
                                captiveportal_disconnect($cpdb[$i],
$radiusservers);
 
captiveportal_logportalauth($cpdb[$i][4], $cpdb[$i][3], $cpdb[$i][2],
"RADIUS_DISCONNECT");
                                unset($cpdb[$i]);
~

I didn't retrieve direct $auth_val === 3 since I switched to array
instead of int

J.

-- 
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------

-----Oorspronkelijk bericht-----
Van: Jonathan De Graeve [mailto:Jonathan dot De dot Graeve at imelda dot be] 
Verzonden: dinsdag 11 oktober 2005 13:46
Aan: Manuel Kasper
CC: m0n0wall dash dev at lists dot m0n0 dot ch
Onderwerp: [m0n0wall-dev] RE: [m0n0wall] 1Minute reauthentication broke
in 1.2 (also in 1.2b10)

I solved the problem myself.

I proxied the requests from one radius server to another radius server.

The current code doesn't handle a reject_delay > 0 (I had configured
with a value of 1second) in freeradius config well.

The delay was too big to handle the request immediately from within
M0n0wall

J.


-- 
Jonathan De Graeve
Network/System Administrator
Imelda vzw
Informatica Dienst
015/50.52.98
jonathan dot de dot graeve at imelda dot be

---------
Always read the manual for the correct way to do things because the
number of incorrect ways to do things is almost infinite
---------

-----Oorspronkelijk bericht-----
Van: Manuel Kasper [mailto:mk at neon1 dot net] 
Verzonden: dinsdag 11 oktober 2005 10:55
Aan: Jonathan De Graeve
CC: m0n0wall dash dev at lists dot m0n0 dot ch
Onderwerp: RE: [m0n0wall] 1Minute reauthentication broke in 1.2 (also in
1.2b10)

On 11.10.05 10:39 +0200, Jonathan De Graeve wrote:

> Tue Oct 11 10:33:32 2005 : Auth: Login incorrect (Home Server says
> so): [jonathan/pass] (from client hotspot-2 port 0)
> 
> From captive portal log:
> Oct 11 10:33:32 RADIUS_DISCONNECT: jonathan, ....
> 
> As you can see it only logs the user out after about 6!!!! Rejects

I'm sorry, but I just tried again and it worked for me on first try.
I guess you'll have to debug this one on your own - I know you can do
it after what you've done with the RADIUS code. :)

- Manuel




---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch