Re: [squid-users] change for squid_rad_auth

Henrik Nordstrom said:
> On Mon, 19 Sep 2005, Joost de Heer wrote:
>
>> I recently had to work with squid_rad_auth 1.07 on a Linux machine,
>> which needed to talk to a radius server on Solaris 8. I couldn't get the
>> thing to work properly, and after lots of searching I found out that
>> there is a difference between the ports defined for radius in
>> /etc/services on Linux and Solaris. On Linux, the default radius port is
>> 1812, on Solaris it's 1645. On Linux, this port is called 'datametrics'.
>
> IANA (who assigns the official port numbers) say:
>
> radius 1812/tcp RADIUS
> radius 1812/udp RADIUS
> # Carl Rigney <cdr@livingston.com>
> radius-acct 1813/tcp RADIUS Accounting
> radius-acct 1813/udp RADIUS Accounting
> # Carl Rigney <cdr@livingston.com>

From the Linux /etc/services:

datametrics 1645/tcp old-radius # datametrics / old radius
entry
datametrics 1645/udp old-radius # datametrics / old radius
entry
sa-msg-port 1646/tcp old-radacct # sa-msg-port / old
radacct entry
sa-msg-port 1646/udp old-radacct # sa-msg-port / old
radacct entry

So it looks like the port used to be 1645, and somewhere in history this
was changed. Apparently our Solaris radius server still uses this old
port, as I found out after debugging.

> but I have in principle nothing against also having support for this to
> the config file. To make my life easier please resend the above diff as a
> unified diff (-u option to diff).

--- squid_radius_auth-1.07/squid_rad_auth.c 2004-08-07
18:42:13.000000000 -0400
+++ squid_radius_auth-1.07-joost/squid_rad_auth.c 2005-09-15
02:48:53.000000000 -0400
@@ -74,6 +74,7 @@
 static char secretkey[MAXPASS + 1] = "";
 static char server[MAXLINE] = "";
 static char identifier[MAXLINE] = "";
+static char svc_name[MAXLINE] = "radius";
 static int nasport = 111;
 static UINT4 nas_ipaddr;
 static UINT4 auth_ipaddr;
@@ -164,6 +165,8 @@
            crt = sscanf(line, "secret %s", secretkey);
        if (!memcmp(line, "identifier", 10))
            sscanf(line, "identifier %s", identifier);
+ if (!memcmp(line, "service", 7))
+ sscanf(line, "service %s", svc_name);
     }
     if (srv && crt)
        return 0;
@@ -340,7 +343,6 @@
     struct sockaddr_in saremote;
     struct servent *svp;
     u_short svc_port;
- const char *svc_name = "radius";
     char username[MAXPWNAM];
     char passwd[MAXPASS];
     char *ptr;
@@ -359,7 +361,7 @@
            strcpy(server, optarg);
            break;
        case 'p':
- svc_name = optarg;
+ strcpy(svc_name, optarg);
            break;
        case 'w':
            strcpy(secretkey, optarg);

Joost
Received on Tue Sep 20 2005 - 07:55:01 MDT