From owner-freebsd-ports-bugs@FreeBSD.ORG Fri Jan 20 11:10:06 2006 Return-Path: X-Original-To: freebsd-ports-bugs@hub.freebsd.org Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7031216A41F for ; Fri, 20 Jan 2006 11:10:06 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4BA2643D46 for ; Fri, 20 Jan 2006 11:10:05 +0000 (GMT) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.4/8.13.4) with ESMTP id k0KBA5Kw098018 for ; Fri, 20 Jan 2006 11:10:05 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.13.4/8.13.4/Submit) id k0KBA5E7098017; Fri, 20 Jan 2006 11:10:05 GMT (envelope-from gnats) Resent-Date: Fri, 20 Jan 2006 11:10:05 GMT Resent-Message-Id: <200601201110.k0KBA5E7098017@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-ports-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Riccardo Torrini Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BB6AF16A41F for ; Fri, 20 Jan 2006 11:07:46 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (www.freebsd.org [216.136.204.117]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7579D43D4C for ; Fri, 20 Jan 2006 11:07:46 +0000 (GMT) (envelope-from nobody@FreeBSD.org) Received: from www.freebsd.org (localhost [127.0.0.1]) by www.freebsd.org (8.13.1/8.13.1) with ESMTP id k0KB7kvA066621 for ; Fri, 20 Jan 2006 11:07:46 GMT (envelope-from nobody@www.freebsd.org) Received: (from nobody@localhost) by www.freebsd.org (8.13.1/8.13.1/Submit) id k0KB7kKD066617; Fri, 20 Jan 2006 11:07:46 GMT (envelope-from nobody) Message-Id: <200601201107.k0KB7kKD066617@www.freebsd.org> Date: Fri, 20 Jan 2006 11:07:46 GMT From: Riccardo Torrini To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-2.3 Cc: Subject: ports/92050: Please update net/openradius to 0.9.11a X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 20 Jan 2006 11:10:06 -0000 >Number: 92050 >Category: ports >Synopsis: Please update net/openradius to 0.9.11a >Confidential: no >Severity: critical >Priority: medium >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: update >Submitter-Id: current-users >Arrival-Date: Fri Jan 20 11:10:04 GMT 2006 >Closed-Date: >Last-Modified: >Originator: Riccardo Torrini >Release: FreeBSD 5.4-STABLE >Organization: >Environment: FreeBSD 5.4-STABLE #15: Tue Jan 3 19:20:33 CET 2006 ... >Description: As Emile van Bergen replyed to my question about random garbage at the end of the password version 0.9.10 fail with passwords that are a multiple of 16 chars so we really need to update our port (I relay RADIUS auth to win AD and our users has very long password). -----8<----- > - using same user/pass as win logon and having some really long > password I noticed that password exactly 16 chars long fail > auth and log with random garbage at the end. Is OR imposing > this limit or can I change it (and if yes, where?) > [...] > radldap: Binding on 'cn={xxx},cn=Users,dc=it,dc={xxx},dc=priv' > using password '1234567890123456ª#âÛ²z<ÍCpá' This is a bug that's present in a few experimental behaviour files that claimed to overcome the 16 character password length limitation without using the 'papdecrypt' operator that was added in 0.9.11. The hack used there failed with passwords that are a multiple of 16 long, and it was a hack anyway, hence the new operator. Older behaviour files work, and upgrading to 0.9.11b will work too, with the added benefit of supporting any password length up to 128, as allowed by the specification. -----8<----- I tryed myself and noticed that Emile included previous (0.9.10) patch for FreeBSD made by port maintainer (jettea46@yahoo.com) so sould be fast and simple :-) -----8<----- http://www.xs4all.nl/~evbergen/openradius/download/openradius-0.9.11a/CHANGELOG [...] Renamed ARCH variable in build system to ARCHIVE, so that ARCH can hold an architecture name, as is the case on eg. FreeBSD, suggested by Adam Jette -----8<----- >How-To-Repeat: Install OR 0.9.10 and try to authenticate a user with a 16 char long. >Fix: Update to 0.9.11a >Release-Note: >Audit-Trail: >Unformatted: