X-Git-Url: https://git.ozlabs.org/?a=blobdiff_plain;f=pppd%2Fplugins%2Fradius%2Fradiusclient%2Fpatches%2Fradiusd-1.16.accounting.diff;fp=pppd%2Fplugins%2Fradius%2Fradiusclient%2Fpatches%2Fradiusd-1.16.accounting.diff;h=0000000000000000000000000000000000000000;hb=4abe4296f0eddbb2b6ff11dbbd27100156c85f87;hp=feda35c677c65cc042b1b66883f95f0c1a887b58;hpb=4b9bf9ae2701487191810e564aaa4672eb95130e;p=ppp.git diff --git a/pppd/plugins/radius/radiusclient/patches/radiusd-1.16.accounting.diff b/pppd/plugins/radius/radiusclient/patches/radiusd-1.16.accounting.diff deleted file mode 100644 index feda35c..0000000 --- a/pppd/plugins/radius/radiusclient/patches/radiusd-1.16.accounting.diff +++ /dev/null @@ -1,82 +0,0 @@ -Message-ID: <19980211151522.51612@Galerkin.fs100.suse.de> -Date: Wed, 11 Feb 1998 15:15:22 +0100 -From: Tilman Mueller-Gerbes -To: Lars Fenneberg -Subject: Re: Radiusclient-0.3-alpha - -Hi! - -Das mit der spec-Datei dauert noch ein bisschen, allerdings habe -ich einen Bug-Fix fuer den Radiusd, d.h. dein Problem mit -den Radius-Accounting-Requests geloest: - -Es ist so, dass bei Radius-Accounting Requests im Response-MD5-Digest -der radiusd 1.16 schlicht und einfach das secret nicht mit -einrechnet. Das secret wird mehr oder weniger zufaellig gesetzt -(d.h. gar nicht erst initialisiert :(. - -Ich habe einen Patch fuer den Radiusd 1.16.1 (unten angehaengt). - -Der Radiusd Berechnet die Digests bei Accounting Requests nicht - -ob das so i.O. ist sei mal dahingestellt, andere Implementationen -werden es wohl auch nicht tun. - - -**** - ---- src/Makefile -+++ src/Makefile 1998/02/11 14:09:51 -@@ -14,7 +14,7 @@ - # unixware: add -Dunixware to CFLAGS, use LIBS= -lucb -lnsl -lsocket - # - SRCDIR=. --CFLAGS= -O -DNOSHADOW -+CFLAGS= -O -DFIX_ACCOUNTING_BUG - LDFLAGS= - CC= cc - LIBS= ---- src/acct.c -+++ src/acct.c 1998/02/11 14:09:10 -@@ -70,6 +70,31 @@ - char buffer[512]; - VALUE_PAIR *pair; - long curtime; -+ char pw_digest[16]; -+ /* -+ * fix accounting bug: when receiving an accounting request -+ * the digest is not checked at all and a wrong -+ * reply digest is calculated, as authreq->secret is not -+ * initialized -+ * this fix should not break any existing code, as the -+ * reply digest was random anyway (and may be never checked -+ * by anyone) -tmg@suse.de- -+ */ -+#if defined(FIX_ACCOUNTING_BUG) -+ /* Verify the client and Calculate the MD5 Password Digest */ -+ if(calc_digest(pw_digest, authreq) != 0) { -+ char msg[512]; -+ /* We dont respond when this fails */ -+ sprintf(msg, "Authenticate: from %s - Security Breach Accounting\n", -+ ip_hostname(authreq->ipaddr)); -+ msg[127] = '\0'; -+ log_err(msg); -+ pairfree(authreq->request); -+ memset(authreq, 0, sizeof(AUTH_REQ)); -+ free(authreq); -+ return; -+ } -+#endif - - strncpy(clientname, ip_hostname(authreq->ipaddr), 128); - clientname[127] = '\0'; - - - - --- - Tilman Mueller-Gerbes, S.u.S.E. GmbH, Gebhardtstr. 2, 90762 Fuerth, Germany - Tel: +49-911-7405330, Fax: +49-911-7417755, Email: tmg@suse.de -+-------------------------------------------------------------------------+ -| S.u.S.E. auf der CeBIT '98! -- Besuchen Sie uns in Halle 5, Stand A61 | -+-------------------------------------------------------------------------+ -