Bug #2377
closedCaptive portal fails on empty RADIUS password
100%
Description
An empty password is not sent to the RADIUS server for verification, it just produces an error. PHP code is checking for a password value, when it means to check if the field was sent. The attached patch will fix things up; also fixed some whitespace problems in the vicinity.
Files
Updated by Michael Newton over 12 years ago
Sorry, should be under category "Captive Portal" but I can't make that change now.
Updated by Chris Buechler over 12 years ago
- Category set to Captive Portal
- Target version set to 2.1
- Affected Version set to 2.1
Updated by Michael Newton about 12 years ago
When using a captive portal, the need is often to display T&C and prevent casual users from getting access, not to provide comprehensive AAA.
Since the RFC doesn't require any password value, I guess the relevant question is "why doesn't pfSense allow an empty pass?"
Updated by Michael Newton almost 12 years ago
No updates on this? There seems to be little interest in any changes to RADIUS handling, I keep seeing "why do you need this" when users ask for anything...
Also, with such a low-risk patch there's no reason it couldn't be included in a 2.0x release.
Updated by Cyrill B almost 12 years ago
Do you still have a copy of your patch? The attached file produces a 404 here.
I recently submitted a pull request [1] that fixes the problem that an empty secret key for RADIUS servers 2-4 results in them not being used at all (as they are not written to file without a secret key), although the GUI states that an empty secret key is allowed and also accepts it.
Updated by Ermal Luçi almost 12 years ago
- Status changed from New to Feedback
Merged the pull request.
Updated by Michael Newton almost 12 years ago
That pull request was not for this issue. Please see https://github.com/bsdperimeter/pfsense/pull/357 for the patch allowing an empty password on the captive portal to be passed to RADIUS. Thanks.
Updated by Renato Botelho almost 12 years ago
- Status changed from Feedback to Closed