nnrpd with RADIUS auth in INN-2.3.3

Ben Rosengart br+inn at panix.com
Mon Mar 7 23:07:22 UTC 2005


Hi folks,

  We at Panix believe we have found a bug in nnrpd from INN 2.3.3.
When a user's password has a space in it (ASCII 0x20), nnrpd omits
the portion after the space when building an auth request to pass
to the external authenticator (in our case, radius).

We're not really prepared to upgrade all of INN.  I have a few questions:

1) Was this fixed in a later release?
2) If so, how tough would it be to backport the fix?
3) If not, is there anything we can do to help, short
    of finding and fixing it ourselves?

Thanks in advance.

-- 
Ben Rosengart                                            (212) 741-4400 x215
     Sometimes it only makes sense to focus our attention on those
     questions that are equal parts trivial and intriguing.
                                             --Josh Micah Marshall


More information about the inn-workers mailing list