Nice. What testing I was able to do shows this as a fix and works fine.
In reference to the newly added reply-message feature, is it possible to
forward these replies through to the openvpn log (preferably both client
and server)?
My log file shows:
Sun Mar 21 11:25:10 2010 Error: RADIUS-PLUGIN: BACKGROUND AUTH:
Auth failed!
But no reply-message follows. Am I being dumb and missing something
obvious?
Thanks.
-----Original Message-----
From: address@hidden
[mailto:address@hidden
rg] On Behalf Of Ralf Lübben
Sent: 21 March 2010 11:11
To: address@hidden
Subject: Re: [Radiusplugin-users] Freeradius Reply-Message
Hi,
the plugin freezes if you set "useauthcontrolfile=false" in the plugin
configuration file. If set to true the plugin won't freeze. I will update
it as
soon as possible.
Ralf
Am Samstag, 20. März 2010 20:20:06 schrieb Dequan Randolph:
Thanks for this Ralf.
However, after some testing, this new version seems to break my openvpn
service. I would love to provide further details, but I can't provide
any
solid evidence as to the source of the problem -- I just can't find any!
I have a user who is part of a group with a radgroupcheck "Auth-Type :=
Reject", and a radgroupreply with "Reply-Message = Disabled by
administrator". I can receive a successful rejection one time, but
another
time the openvpn service seems to freeze before the access-reject is
sent
(I assume before it even hits freeradius). I would then try to restart
the
service, but it would fail to load as it says the openvpn management
port
is currently in use (the program has hung I assume), so I am forced to
kill the process manually then restart the service.
I have tried rolling back to beta6, and have not been able to replicate
this issue on it -- so I have to conclude there is something wrong in
beta7 causing the freeze (never had a single problem before).
I wish I could be more helpful than just saying, "it's broken for me"!
-----Original Message-----
From:
address@hidden
[mailto:address@hidden
r
g ] On Behalf Of Ralf Lübben
Sent: 20 March 2010 11:49
To: address@hidden
Subject: Re: [Radiusplugin-users] Freeradius Reply-Message
Hi,
I added it in the new version at
http://www.nongnu.org/radiusplugin/
Ralf
Am Mittwoch, 10. Februar 2010 19:10:38 schrieb Ralf Lübben:
Hi,
yes I will put it on my ToDo list and add it the next beta release.
Maybe it will take one or two weeks.
Regards,
Ralf
Am Dienstag, 9. Februar 2010 23:56:59 schrieb Dequan Randolph:
Assuming -- as you said -- it would be easy to implement, would it
be
possible to implement this in the one of the next releases?
Being able to pass a custom Reply-Message would be extremely useful
for
me (and hopefully other people too).
Regards,
Dequan.
-----------------------------------------------------------------------
-
Ralf Lübben wrote:
Hi,
so far this feature is not implemented, only few radius attributes
are evaluated, which can be mapped to OpenVPN attributes.
But it would be easy to implement it.
Regards
Ralf
Am Mittwoch, 3. Februar 2010 20:35:46 schrieb Dequan Randolph:
Im not sure if this relates directly to this plugin, but is it
possible for the plugin to forward a radgroupreply
"Reply-Message"
created by Freeradius following a radgroupcheck?
Ideally i'd like to create a more accurate return of information
during a failed login process. For example, if the user has been
disabled by an administrator, a reply-message could be forwarded
to
OpenVPN
(specifically the log file) indicating a more detailed
explanation
of why he/she is rejected, i.e. "Your account has been disabled".
As it stands OpenVPN can output to a log, but the only
information
concerning a failed login attempt is indicated by:
AUTH: Received AUTH_FAILED control message
Would it be possible to return more detailed information via a
Reply-Message packet?
Regards,
Dequan.
_______________________________________________
Radiusplugin-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
_______________________________________________
Radiusplugin-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
_______________________________________________
Radiusplugin-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
_______________________________________________
Radiusplugin-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
_______________________________________________
Radiusplugin-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/radiusplugin-users
_______________________________________________
Radiusplugin-users mailing list
address@hidden
http://lists.nongnu.org/mailman/listinfo/radiusplugin-users