[freeside] Problems with radiusd-cistron-1.6.6
Stephen Bechard
steve at destek.net
Sat Dec 7 17:59:11 PST 2002
I added it to the password section based on the same
reasoning as the username-ampersand, in case it causes
problems with shell commands.
Enjoy,
Steve
Here are the diffs for only the exclamation if you choose
not to apply the password-noampersand:
Accounting# diff -u
/home/freeside/installation/freeside-1.4.1beta5/FS/FS/svc_acct.pm
svc_acct.pm
--- /home/freeside/installation/freeside-1.4.1beta5/FS/FS/svc_acct.pm Tue
Nov 5 18:29:41 2002
+++ svc_acct.pm Sat Dec 7 20:54:37 2002
@@ -7,6 +7,7 @@
$username_ampersand $username_letter $username_letterfirst
$username_noperiod $username_nounderscore $username_nodash
$username_uppercase
+ $password_noexclamation
$mydomain
$welcome_template $welcome_from $welcome_subject
$welcome_mimetype
$smtpmachine
@@ -51,6 +52,7 @@
$username_nodash = $conf->exists('username-nodash');
$username_uppercase = $conf->exists('username-uppercase');
$username_ampersand = $conf->exists('username-ampersand');
+ $password_noexclamation = $conf->exists('password-noexclamation');
$mydomain = $conf->config('domain');
$dirhash = $conf->config('dirhash') || 0;
if ( $conf->exists('welcome_email') ) {
@@ -697,6 +699,9 @@
}
unless ( $username_ampersand ) {
$recref->{username} =~ /\&/ and return gettext('illegal_username');
+ }
+ if ( $password_noexclamation ) {
+ $recref->{_password} =~ /\!/ and return gettext('illegal_password');
}
$recref->{popnum} =~ /^(\d*)$/ or return "Illegal popnum:
".$recref->{popnum};
Accounting# diff -u
/home/freeside/installation/freeside-1.4.1beta5/FS/FS/Conf.pm Conf.pm
--- /home/freeside/installation/freeside-1.4.1beta5/FS/FS/Conf.pm Sat
Nov 16 05:33:16 2002
+++ Conf.pm Sat Dec 7 20:54:11 2002
@@ -540,6 +540,13 @@
},
{
+ 'key' => 'password-noexclamation',
+ 'section' => 'password',
+ 'description' => 'Disallow exclamations in passwords (Not setting this
could break Livingston or Cistron Radius servers)',
+ 'type' => 'checkbox',
+ },
+
+ {
'key' => 'qmailmachines',
'section' => 'mail',
'description' => 'Your qmail machines, one per line. This enables
export of `/var/qmail/control/virtualdomains\',
`/var/qmail/control/recipientmap\', and `/var/qmail/control/rcpthosts\'.
Setting this option (even if empty) also turns on user `.qmail-extension\'
file maintenance in conjunction with the <b>shellmachine</b> option.',
----- Original Message -----
From: <ivan at 420.am>
To: <ivan-freeside at sisd.com>
Sent: Saturday, December 07, 2002 7:34 PM
Subject: Re: [freeside] Problems with radiusd-cistron-1.6.6
Can you send a patch which only adds the password-noexclamation option,
or explain what password-noampersand would be used for?
On Sat, Dec 07, 2002 at 02:41:24AM -0500, Stephen Bechard wrote:
> I just learned the hard way that exclamations in a users
> password will cause radiusd-cistron-1.6.6 to die on reload
> unless they are escaped out ( aka \! )
>
> If anyone is interested, I choose to modified the
> svc_acct.pm and Conf.pm to disallow exclamations and
> ampersands in the passwords via the Configuration settings.
> No ampersands are not a problem with the radius servers,
> but I just added it as another option while I was in there. ;)
>
> Enjoy,
> Steve
>
> Here are the diffs:
>
> Accounting# diff -u
> /home/freeside/installation/freeside-1.4.1beta5/FS/FS/svc_acct.pm
> svc_acct.pm
> --- /home/freeside/installation/freeside-1.4.1beta5/FS/FS/svc_acct.pm
Tue
> Nov 5 18:29:41 2002
> +++ svc_acct.pm Sat Dec 7 02:26:22 2002
> @@ -7,6 +7,7 @@
> $username_ampersand $username_letter $username_letterfirst
> $username_noperiod $username_nounderscore $username_nodash
> $username_uppercase
> + $password_noampersand $password_noexclamation
> $mydomain
> $welcome_template $welcome_from $welcome_subject
> $welcome_mimetype
> $smtpmachine
> @@ -51,6 +52,8 @@
> $username_nodash = $conf->exists('username-nodash');
> $username_uppercase = $conf->exists('username-uppercase');
> $username_ampersand = $conf->exists('username-ampersand');
> + $password_noampersand = $conf->exists('password-noampersand');
> + $password_noexclamation = $conf->exists('password-noexclamation');
> $mydomain = $conf->config('domain');
> $dirhash = $conf->config('dirhash') || 0;
> if ( $conf->exists('welcome_email') ) {
> @@ -697,6 +700,12 @@
> }
> unless ( $username_ampersand ) {
> $recref->{username} =~ /\&/ and return gettext('illegal_username');
> + }
> + if ( $password_noampersand ) {
> + $recref->{_password} =~ /\&/ and return gettext('illegal_password');
> + }
> + if ( $password_noexclamation ) {
> + $recref->{_password} =~ /\!/ and return gettext('illegal_password');
> }
>
> $recref->{popnum} =~ /^(\d*)$/ or return "Illegal popnum:
> ".$recref->{popnum};
>
>
>
>
>
> Accounting# diff -u
> /home/freeside/installation/freeside-1.4.1beta5/FS/FS/Conf.pm Conf.pm
> --- /home/freeside/installation/freeside-1.4.1beta5/FS/FS/Conf.pm
Sat
> Nov 16 05:33:16 2002
> +++ Conf.pm Sat Dec 7 02:28:09 2002
> @@ -540,6 +540,20 @@
> },
>
> {
> + 'key' => 'password-noampersand',
> + 'section' => 'password',
> + 'description' => 'Disallow ampersands in passwords',
> + 'type' => 'checkbox',
> + },
> +
> + {
> + 'key' => 'password-noexclamation',
> + 'section' => 'password',
> + 'description' => 'Disallow exclamations in passwords (Not setting
this
> could break Livingston or Cistron Radius servers)',
> + 'type' => 'checkbox',
> + },
> +
> + {
> 'key' => 'qmailmachines',
> 'section' => 'mail',
> 'description' => 'Your qmail machines, one per line. This enables
> export of `/var/qmail/control/virtualdomains\',
> `/var/qmail/control/recipientmap\', and `/var/qmail/control/rcpthosts\'.
> Setting this option (even if empty) also turns on user `.qmail-extension\'
> file maintenance in conjunction with the <b>shellmachine</b> option.',
>
--
_ivan
More information about the freeside-users
mailing list