Package: ipppd
Version: 1:3.8.2005-12-06-4
Severity: normal
When ipppd checks the existence of a CHAP entry for authenticating the
local host to the remote host (them checking us) it uses the wrong name.
The variable "user" should be used in this case.
It currently uses the variable "our_name" which should only be used for
authenticating the remote host (us checking them).
The following patch corrects the problem.
-- System Information
Debian Release: 3.1
Kernel Version: Linux gondolin 2.4.27-hx-1-686-smp #3 SMP Tue Oct 5 20:01:26
EST 2004 i686 GNU/Linux
--
--- ipppd/auth.c.orig 2006-01-20 11:07:14.267103076 +1100
+++ ipppd/auth.c 2006-01-20 11:07:43.009555457 +1100
@@ -596,10 +596,10 @@
wo->neg_upap = 0;
#ifdef RADIUS
if (ao->neg_chap && !ask_passwd && !fdpasswd &&
- !have_chap_secret(our_name, remote_name) && !useradius ) {
+ !have_chap_secret(user, remote_name) && !useradius ) {
#else
if (ao->neg_chap && !ask_passwd && !fdpasswd &&
- !have_chap_secret(our_name, remote_name)) {
+ !have_chap_secret(user, remote_name)) {
#endif
syslog(LOG_INFO,"info: no CHAP secret entry for this user!\n");
ao->neg_chap = 0;
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
