Removed workaround for Livingstone 1.16

That server is ancient, there shouldn't be any workarounds in the code for that. Just fix the radius server instead of the client.
FreeRADIUS · Jan 14, 2016 · 3843e65 · 3843e65
1 parent 0865977
commit 3843e65
Show file tree

Hide file tree

Showing 10 changed files with 2 additions and 185 deletions.
diff --git a/BUGS b/BUGS
@@ -6,11 +6,5 @@ Testing can show the presense of bugs, but not their absence.
 Radlogin respectively send_server in sendserver.c does not honour a 
 ACCESS_CHALLENGE packet from the RADIUS server. 
 
-There are interoperability problems with radiusd 1.16... but all the Merit
-radiusds I tried worked (last one I tried 2.4.21). There is an option to
-configure (--enable-radius-116) to kludge around this... It turned out to be
-a bug in radiusd 1.16: it doesn't include the shared secret in the digest
-calculation. See patches/radiusd-1.16.accounting.diff for a real fix.
-
 There are some issues that occur on occasion when defining clients with
 hostnames, rather than dotted-quad IPs.  
diff --git a/config.h.in b/config.h.in
@@ -238,9 +238,6 @@
 /* Define to the version of this package. */
 #undef PACKAGE_VERSION
 
-/* include code to kludge aroung Livingston RADIUS server 1.16 */
-#undef RADIUS_116
-
 /* Define as the return type of signal handlers (`int' or `void'). */
 #undef RETSIGTYPE
 

diff --git a/configure b/configure
@@ -783,7 +783,6 @@ enable_shadow
 with_nettle
 with_secure_path
 with_facility
-enable_radius_116
 enable_scp
 '
       ac_precious_vars='build_alias
@@ -1432,7 +1431,6 @@ Optional Features:
                           speeds up one-time build
   --disable-libtool-lock  avoid locking (might break parallel builds)
   --enable-shadow         Enable shadow password support
-  --enable-radius-116     Include support for Livingston's RADIUS server 1.16
   --enable-scp            Add service type hints derived from username prefix
 
 Optional Packages:
@@ -14319,35 +14317,6 @@ $as_echo "LOG_DAEMON" >&6; }
 fi
 
 
-{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to include Livingston's RADIUS server 1.16 kludge" >&5
-$as_echo_n "checking whether to include Livingston's RADIUS server 1.16 kludge... " >&6; }
-# Check whether --enable-radius-116 was given.
-if test "${enable_radius_116+set}" = set; then :
-  enableval=$enable_radius_116;
-        { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
-$as_echo "yes" >&6; }
-	$as_echo "#define RADIUS_116 1" >>confdefs.h
-
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: !! This is a bug in Livingston's RADIUS server v1.16. There" >&5
-$as_echo "$as_me: WARNING: !! This is a bug in Livingston's RADIUS server v1.16. There" >&2;}
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: !! is a patch included with radiusclient which fixes this" >&5
-$as_echo "$as_me: WARNING: !! is a patch included with radiusclient which fixes this" >&2;}
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: !! problem. See patches/radiusd-1.16.accounting.diff. With" >&5
-$as_echo "$as_me: WARNING: !! problem. See patches/radiusd-1.16.accounting.diff. With" >&2;}
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: !! the patched RADIUS server you no longer need to activate" >&5
-$as_echo "$as_me: WARNING: !! the patched RADIUS server you no longer need to activate" >&2;}
-	{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: !! this hack." >&5
-$as_echo "$as_me: WARNING: !! this hack." >&2;}
-
-else
-
-        { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
-$as_echo "no" >&6; }
-
-
-fi
-
-
 { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to add service type hints derived from username prefix" >&5
 $as_echo_n "checking whether to add service type hints derived from username prefix... " >&6; }
 # Check whether --enable-scp was given.

diff --git a/configure.in b/configure.in
@@ -291,24 +291,6 @@ AC_ARG_WITH(facility,
 ]
 )
 
-dnl RADIUS_116
-AC_MSG_CHECKING(whether to include Livingston's RADIUS server 1.16 kludge)
-AC_ARG_ENABLE(radius-116,
-[  --enable-radius-116     Include support for Livingston's RADIUS server 1.16],
-[
-        AC_MSG_RESULT(yes)
-	AC_DEFINE(RADIUS_116)
-	AC_MSG_WARN([!! This is a bug in Livingston's RADIUS server v1.16. There])
-	AC_MSG_WARN([!! is a patch included with radiusclient which fixes this])
-	AC_MSG_WARN([!! problem. See patches/radiusd-1.16.accounting.diff. With])
-	AC_MSG_WARN([!! the patched RADIUS server you no longer need to activate])
-	AC_MSG_WARN([!! this hack.])
-],
-[
-        AC_MSG_RESULT(no)
-]
-)
-
 dnl SCP
 AC_MSG_CHECKING(whether to add service type hints derived from username prefix)
 AC_ARG_ENABLE(scp,
@@ -337,8 +319,6 @@ AH_OUTPUT([HAVE_STRUCT_UTSNAME_DOMAINNAME], [/*struct utsname has domainname fie
 #undef HAVE_STRUCT_UTSNAME_DOMAINNAME])
 AH_OUTPUT([NEED_SIG_PROTOTYPES], [/* do you need the sig* prototypes ? */
 #undef NEED_SIG_PROTOTYPES])
-AH_OUTPUT([RADIUS_116], [/* include code to kludge aroung Livingston RADIUS server 1.16 */
-#undef RADIUS_116])
 AH_OUTPUT([SCP], [/* SCP support */
 #undef SCP])
 AH_OUTPUT([PACKAGE], [

diff --git a/lib/sendserver.c b/lib/sendserver.c
@@ -609,18 +609,6 @@ static int rc_check_reply (AUTH_HDR *auth, int bufferlen, char const *secret, un
 	if (memcmp ((char *) reply_digest, (char *) calc_digest,
 		    AUTH_VECTOR_LEN) != 0)
 	{
-#ifdef RADIUS_116
-		/* the original Livingston radiusd v1.16 seems to have
-		   a bug in digest calculation with accounting requests,
-		   authentication request are ok. i looked at the code
-		   but couldn't find any bugs. any help to get this
-		   kludge out are welcome. preferably i want to
-		   reproduce the calculation bug here to be compatible
-		   to stock Livingston radiusd v1.16.	-lf, 03/14/96
-		 */
-		if (auth->code == PW_ACCOUNTING_RESPONSE)
-			return OK_RC;
-#endif
 		rc_log(LOG_ERR, "rc_check_reply: received invalid reply digest from RADIUS server");
 		return BADRESP_RC;
 	}

diff --git a/patches/Makefile.am b/patches/Makefile.am
@@ -12,5 +12,4 @@ AUTOMAKE_OPTIONS = foreign
 
 CLEANFILES = *~
 
-EXTRA_DIST = README merit-2.4.21-CHAP.diff radiusd-1.16.shadow.diff \
-	radiusd-1.16.accounting.diff
+EXTRA_DIST = README merit-2.4.21-CHAP.diff
diff --git a/patches/Makefile.in b/patches/Makefile.in
@@ -253,8 +253,7 @@ top_builddir = @top_builddir@
 top_srcdir = @top_srcdir@
 AUTOMAKE_OPTIONS = foreign
 CLEANFILES = *~
-EXTRA_DIST = README merit-2.4.21-CHAP.diff radiusd-1.16.shadow.diff \
-	radiusd-1.16.accounting.diff
+EXTRA_DIST = README merit-2.4.21-CHAP.diff
 
 all: all-am
 

diff --git a/patches/README b/patches/README
@@ -15,21 +15,6 @@ merit-2.4.21-CHAP.diff
 	this patch to Merit, so hopefully it'll be included in the next release.
 	Apply this patch from the "src" directory of the radiusd sources.
 
-radiusd-1.16.shadow.diff
-
-	Patch to the original radiusd by Livingston to recognize "*"
-	as a special password to look for shadow passwords.
-	Apply this patch from the "src" directory of the radiusd sources.
-
-
-radiusd-1.16.accounting.diff
-
-	The patch for Livingston's (now Lucent's) radiusd 1.16 fixes the
-	accounting reply digest bug. When you've applied this patch to your
-	RADIUS server you no longer need to compile radiusclient with
-	--enable-radius-116. This patch was contributed by Tilman
-	Mueller-Gerbes <tmg@suse.de>. Thanks, Tilman!
-
 rename.patch
 
         The patch renames the library to radiusclient-ng (that means 

diff --git a/patches/radiusd-1.16.accounting.diff b/patches/radiusd-1.16.accounting.diff
diff --git a/patches/radiusd-1.16.shadow.diff b/patches/radiusd-1.16.shadow.diff