Issues in connecting to IPv6 TacacsPlus server

[vinodkumarvellanki]

Hi Team,

Just wanted to know if there are any open known issues in connecting to IPv6 Tacacs servers.
I have observed issues in connecting to IPv6 server.
Hence added the below fix:
file: support.c
function: tac_copy_addr_info
code modified:
removed the below line:
memcpy (p_dst->ai_addr, p_src->ai_addr, sizeof(struct sockaddr));

added below checks:

  /* ipv6 check */
    if (p_dst->ai_family == AF_INET6) {
      memcpy (p_dst->ai_addr, p_src->ai_addr, sizeof(struct sockaddr_in6));
    } else {
       memcpy (p_dst->ai_addr, p_src->ai_addr, sizeof(struct sockaddr)); 
    }

with the above changes, authentication works correctly.
But accounting does not work.
Issue:
Ipv6 address copied in to "active_server" seems to be getting junk characters in pam_sm_acct_mgmt.

for example, if we set the Tacacs server address as : 2001:DB8:0:1::9
In pam_sm_authenticate function, code can get and connect to active server;

but in pam_sm_acct_mgmt, code fetches this address as " 2001:db8:0:1:6970::9", hence connecting to server does not work.
not sure, how this extra "6970" got introduced into active_server.
Below is the error:
tac_connect_single: connection failed with 2001:db8:0:1:6970::9:49: Transport endpoint is not connected

is there any known issues and fixes for this issue ?

Thank You.

[pprindeville]

Is there a PR that goes with this?

[vinodkumarvellanki]

Thank You for your quick reply.

No, i have not yet raised. I am just trying to test this code.
once it works, I shall raise a PR.

[vinodkumarvellanki]

Hi,

I have fixed this issue.
changes:

1. I have changed the below two as static
   static struct addrinfo active_addrinfo;
   static struct sockaddr active_sockaddr;
2. then have added memset in the function set_active_server for all the structures that are used for storing ipv6 address.

thank you.

[pprindeville]

Now is there a PR?