[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Radiusplugin-users] username end with space can login succeed, but
|
From: |
Ralf Lübben |
|
Subject: |
Re: [Radiusplugin-users] username end with space can login succeed, but can't be accounted. |
|
Date: |
Sat, 18 Feb 2012 15:11:54 +0100 |
|
User-agent: |
KMail/4.7.3 (Linux/3.0.0-16-generic-pae; KDE/4.7.4; i686; ; ) |
Hi,
can you increase the verbosity level of OpenVPN to 7 or more, to find where the
rewrite happens.
The log should show which parameters are passed to the plugin. Probably
OpenVPN does some rewritting:
"String Types and Remapping" in the man page.
Ralf
Am Samstag, 18. Februar 2012, 21:48:37 schrieb Jacky.He:
> Hi,
>
>
>
> I have an OpenVPN 2.2 server with radiusplugin 2.1a Beta1 running in a Linux
> server, with bellowing config:
>
> -----
>
> status openvpn-status.log 1
>
> plugin /etc/openvpn/radiusplugin.so /etc/openvpn/radiusplugin.cnf
>
> client-cert-not-required
>
> username-as-common-name
>
> -----
>
>
>
>
>
> Everything runs fine, I recently found some user login with an _ at the end
> of username, like "jacky" can login as "jacky_" successfully, but user
> traffic can't be accounted.
>
> OpenVPN logs like:
>
>
>
> TLS: Username/Password authentication succeeded for username 'jacky_' [CN
> SET]
>
> .
>
> RADIUS-PLUGIN: BACKGROUND ACCT: No accounting data was found for jacky
> ,1xx.xx.xxx.xxx:57534
>
>
>
>
>
> I found if I add a space at the end of username in the password file of
> openvpn client config, I can playback the problem: user can login with end
> of _ , but can't be accounted.
>
> And I also check the username in my radius database, it doesn't contain any
> _ or any space.
>
>
>
> How can I avoid this problem? What I want is:
>
> if user add a or more space at the end of username in the password file,
> OpenVPN server will refuse the user to login.
>
>
>
> Please help, thanks.
>
>
>
> --
>
> Best Regards
>
> Jacky