|
Day before yesterday I installed the squid radius support. In our case it was not like we can download and make install and the authentication helper starts authenticating. I was getting authentication failure when getting into squid with valid radius username/password. We started thinking about why we are getting squid authentication failure. Well, we finally finished with success. The
problem was that there was a parameter Nas_Port_Type
need to send from squid authenticator helper to radius server. We
finally made it;
we have added Nas-Port-Type support to the squid_rad_auth
authentication helper
allowing sending Nas-Port-Type via the authentication request packet to
radius;
The Nas_Port_Type patch is available as an attachment.In patch the
default value for this attribute is 0; you can set your own by changing: static int nasporttype = 0; If you are new to linux/unix and don't know how to
patch; this blog might help. http://weblogs.com.pk/jahil/archive/2007/04/30/patch-in-unix.aspx Regards, Masood Ahmad Shah http://www.nexlinx.net.pk |
--- squid_rad_auth.c 2006-05-24 19:27:32.000000000 +0500
+++ squid_rad_auth.c.nastype 2007-06-12 18:07:42.000000000 +0500
@@ -82,6 +82,9 @@
static char identifier[MAXLINE] = "";
static char svc_name[MAXLINE] = "radius";
static int nasport = 111;
+
+static int nasporttype = 0;
+
static UINT4 nas_ipaddr;
static UINT4 auth_ipaddr;
static int retries = 30;
@@ -314,6 +317,19 @@
ptr += 4;
total_length += 6;
+//Lets add NAS-PORT-TYPE
+
+ *ptr++ = PW_NAS_PORT_TYPE;
+ *ptr++ = 6;
+
+ ui = htonl(nasporttype);
+ memcpy(ptr, &ui, 4);
+ ptr += 4;
+ total_length += 6;
+
+
+//End Here//
+
if (*identifier) {
int len = strlen(identifier);
*ptr++ = PW_NAS_ID;
