Re: [Radiusplugin-users] Freeradius Reply-Message

radiusplugin-users

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Radiusplugin-users] Freeradius Reply-Message

From:	Ralf Lübben
Subject:	Re: [Radiusplugin-users] Freeradius Reply-Message
Date:	Sun, 21 Mar 2010 12:10:56 +0100
User-agent:	KMail/1.12.2 (Linux/2.6.31-20-generic; KDE/4.3.2; i686; ; )

Hi,

the plugin freezes if you set "useauthcontrolfile=false" in the plugin 
configuration file.  If set to true the plugin won't freeze. I will update it 
as 
soon as possible.

Ralf





Am Samstag, 20. März 2010 20:20:06 schrieb Dequan Randolph:
> Thanks for this Ralf.
> 
> However, after some testing, this new version seems to break my openvpn
> service. I would love to provide further details, but I can't provide any
> solid evidence as to the source of the problem -- I just can't find any!
> 
> I have a user who is part of a group with a radgroupcheck "Auth-Type :=
> Reject", and a radgroupreply with "Reply-Message = Disabled by
> administrator". I can receive a successful rejection one time, but another
> time the openvpn service seems to freeze before the access-reject is sent
>  (I assume before it even hits freeradius). I would then try to restart the
>  service, but it would fail to load as it says the openvpn management port
>  is currently in use (the program has hung I assume), so I am forced to
>  kill the process manually then restart the service.
> 
> I have tried rolling back to beta6, and have not been able to replicate
>  this issue on it -- so I have to conclude there is something wrong in
>  beta7 causing the freeze (never had a single problem before).
> 
> I wish I could be more helpful than just saying, "it's broken for me"!
> 
> -----Original Message-----
> From: address@hidden
> [mailto:address@hidden
> g ] On Behalf Of Ralf Lübben
> Sent: 20 March 2010 11:49
> To: address@hidden
> Subject: Re: [Radiusplugin-users] Freeradius Reply-Message
> 
> Hi,
> 
> I added it in the new version at
> 
> http://www.nongnu.org/radiusplugin/
> 
> Ralf
> 
> Am Mittwoch, 10. Februar 2010 19:10:38 schrieb Ralf Lübben:
> > Hi,
> >
> > yes I will put it on my ToDo list and add it the next beta release.
> >
> > Maybe it will take one or two weeks.
> >
> > Regards,
> > Ralf
> >
> > Am Dienstag, 9. Februar 2010 23:56:59 schrieb Dequan Randolph:
> > > Assuming -- as you said -- it would be easy to implement, would it be
> > > possible to implement this in the one of the next releases?
> > >
> > > Being able to pass a custom Reply-Message would be extremely useful for
> > > me (and hopefully other people too).
> > >
> > > Regards,
> > >
> > > Dequan.
> > >
> > > -----------------------------------------------------------------------
> > >-
> > >
> > > Ralf Lübben wrote:
> > > > Hi,
> > > >
> > > > so far this feature is not implemented, only few radius attributes
> > > > are evaluated, which can be mapped to OpenVPN attributes.
> > > >
> > > > But it would be easy to implement it.
> > > >
> > > > Regards
> > > > Ralf
> > > >
> > > > Am Mittwoch, 3. Februar 2010 20:35:46 schrieb Dequan Randolph:
> > > >> Im not sure if this relates directly to this plugin, but is it
> > > >> possible for the plugin to forward a radgroupreply "Reply-Message"
> > > >> created by Freeradius following a radgroupcheck?
> > > >>
> > > >> Ideally i'd like to create a more accurate return of information
> > > >> during a failed login process. For example, if the user has been
> > > >> disabled by an administrator, a reply-message could be forwarded to
> > > >> OpenVPN
> > > >> (specifically the log file) indicating a more detailed explanation
> > > >> of why he/she is rejected, i.e. "Your account has been disabled".
> > > >>
> > > >> As it stands OpenVPN can output to a log, but the only information
> > > >> concerning a failed login attempt is indicated by:
> > > >>
> > > >>     AUTH: Received AUTH_FAILED control message
> > > >>
> > > >> Would it be possible to return more detailed information via a
> > > >> Reply-Message packet?
> > > >>
> > > >> Regards,
> > > >>
> > > >> Dequan.
> > > >
> > > > _______________________________________________
> > > > Radiusplugin-users mailing list
> > > > address@hidden
> > > > http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
> >
> > _______________________________________________
> > Radiusplugin-users mailing list
> > address@hidden
> > http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
> 
> _______________________________________________
> Radiusplugin-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
> 
> 
> 
> _______________________________________________
> Radiusplugin-users mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
>

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Radiusplugin-users] Freeradius Reply-Message, Ralf Lübben, 2010/03/20
- RE: [Radiusplugin-users] Freeradius Reply-Message, Dequan Randolph, 2010/03/20
  - Re: [Radiusplugin-users] Freeradius Reply-Message, Ralf Lübben <=
    - Message not available
    - RE: [Radiusplugin-users] Freeradius Reply-Message, Dequan Randolph, 2010/03/21
    - Re: [Radiusplugin-users] Freeradius Reply-Message, Ralf Lübben, 2010/03/21
    - Re: [Radiusplugin-users] Freeradius Reply-Message, William Cooley, 2010/03/21
    - Re: [Radiusplugin-users] Freeradius Reply-Message, Ralf Lübben, 2010/03/21
    - RE: [Radiusplugin-users] Freeradius Reply-Message, Dequan Randolph, 2010/03/21
    - Re: [Radiusplugin-users] Freeradius Reply-Message, Ralf Lübben, 2010/03/27

Prev by Date: RE: [Radiusplugin-users] Freeradius Reply-Message
Next by Date: RE: [Radiusplugin-users] Freeradius Reply-Message
Previous by thread: RE: [Radiusplugin-users] Freeradius Reply-Message
Next by thread: RE: [Radiusplugin-users] Freeradius Reply-Message
Index(es):
- Date
- Thread