Menu
▾
▴
Re: [PacketFence-users] Can't link PacketFence with AD Server.
|
From: Adrian D. <adr...@no...> - 2019-02-11 15:18:13
|
Hello Fabrice,
Thanks for the patch, it applied well on my system:
[root@pfcen7 pf]# patch -p1 --dry-run < ./multiples_attributes.diff
(Stripping trailing CRs from patch; use --binary to disable.)
checking file lib/pf/Switch.pm
(Stripping trailing CRs from patch; use --binary to disable.)
checking file lib/pf/api.pm
(Stripping trailing CRs from patch; use --binary to disable.)
checking file lib/pf/radius/rest.pm
[root@pfcen7 pf]# patch -p1 < ./multiples_attributes.diff
(Stripping trailing CRs from patch; use --binary to disable.)
patching file lib/pf/Switch.pm
(Stripping trailing CRs from patch; use --binary to disable.)
patching file lib/pf/api.pm
(Stripping trailing CRs from patch; use --binary to disable.)
patching file lib/pf/radius/rest.pm
I then, restarted my system.
##########################################################
However, the patch have a side effect on the web server
There is a loop on the start of the webservice:
Feb 11 16:14:54 pfcen7 packetfence_httpd.aaa: httpd.aaa(8869) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(pf::WebAPI::BEGIN)
Feb 11 16:14:56 pfcen7 pfqueue: pfqueue(8876) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(main::BEGIN)
Feb 11 16:14:56 pfcen7 pfqueue: "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
Feb 11 16:14:56 pfcen7 pfqueue: BEGIN not safe after errors--compilation aborted at /usr/local/pf/lib/pf/api.pm line 1301.
Feb 11 16:14:56 pfcen7 pfqueue: Compilation failed in require at /usr/local/pf/sbin/pfqueue line 47.
Feb 11 16:14:56 pfcen7 pfqueue: BEGIN failed--compilation aborted at /usr/local/pf/sbin/pfqueue line 47.
Feb 11 16:14:56 pfcen7 packetfence: INFO -e(8886): generating /usr/local/pf/var/conf/ssl-certificates.conf (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:14:56 pfcen7 packetfence: INFO -e(8886): generating /usr/local/pf/var/conf/captive-portal-common (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:14:57 pfcen7 packetfence: INFO -e(8894): generating /usr/local/pf/var/conf/ssl-certificates.conf (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:14:57 pfcen7 packetfence: INFO -e(8894): generating /usr/local/pf/var/conf/captive-portal-common (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:14:57 pfcen7 packetfence: INFO -e(8902): generating /usr/local/pf/var/conf/ssl-certificates.conf (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:14:57 pfcen7 packetfence: INFO -e(8902): generating /usr/local/pf/var/conf/captive-portal-common (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:15:01 pfcen7 packetfence_httpd.webservices: httpd.webservices(8909) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(pf::WebAPI::BEGIN)
Feb 11 16:15:03 pfcen7 pfqueue: pfqueue(8917) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(main::BEGIN)
Feb 11 16:15:03 pfcen7 pfqueue: "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
Feb 11 16:15:03 pfcen7 pfqueue: BEGIN not safe after errors--compilation aborted at /usr/local/pf/lib/pf/api.pm line 1301.
Feb 11 16:15:03 pfcen7 pfqueue: Compilation failed in require at /usr/local/pf/sbin/pfqueue line 47.
Feb 11 16:15:03 pfcen7 pfqueue: BEGIN failed--compilation aborted at /usr/local/pf/sbin/pfqueue line 47.
Feb 11 16:15:03 pfcen7 packetfence_httpd.aaa: httpd.aaa(8926) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(pf::WebAPI::BEGIN)
Feb 11 16:15:04 pfcen7 packetfence: INFO -e(8936): generating /usr/local/pf/var/conf/ssl-certificates.conf (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:15:04 pfcen7 packetfence: INFO -e(8936): generating /usr/local/pf/var/conf/captive-portal-common (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:15:07 pfcen7 packetfence: INFO -e(8948): generating /usr/local/pf/var/conf/ssl-certificates.conf (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:15:07 pfcen7 packetfence: INFO -e(8948): generating /usr/local/pf/var/conf/captive-portal-common (pf::services::manager::httpd::generateCommonConfig)
Feb 11 16:15:09 pfcen7 pfqueue: pfqueue(8952) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(main::BEGIN)
Feb 11 16:15:09 pfcen7 pfqueue: "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
Feb 11 16:15:09 pfcen7 pfqueue: BEGIN not safe after errors--compilation aborted at /usr/local/pf/lib/pf/api.pm line 1301.
Feb 11 16:15:09 pfcen7 pfqueue: Compilation failed in require at /usr/local/pf/sbin/pfqueue line 47.
Feb 11 16:15:09 pfcen7 pfqueue: BEGIN failed--compilation aborted at /usr/local/pf/sbin/pfqueue line 47.
Feb 11 16:15:10 pfcen7 packetfence_httpd.webservices: httpd.webservices(8953) WARN: [mac:[undef]] "my" variable %remapped_radius_request masks earlier declaration in same scope at /usr/local/pf/lib/pf/api.pm line 1301.
(pf::WebAPI::BEGIN)
Has a result, the web administration page is not available.
Thanks in advance for your help,
Best Regards,
Adrian
De: "packetfence-users" <pac...@li...>
À: "packetfence-users" <pac...@li...>
Cc: "Durand fabrice" <fd...@in...>
Envoyé: Samedi 9 Février 2019 02:17:51
Objet: Re: [PacketFence-users] Can't link PacketFence with AD Server.
Hello Adrian,
i did the patch based on the devel branch.
Here a new one based on packetfence 8.3.
Regards
Fabrice
Le 19-02-08 à 04 h 13, Adrian Dessaigne via PacketFence-users a écrit :
> Hi, I've done the patch and I got one error for Switch.pm
>
> ############################################################################
>
> Below is the result of my patch command:
>
> [root@pfcen7 pf]# patch -p1 --dry-run < ./multiples_attributes.diff
> (Stripping trailing CRs from patch; use --binary to disable.)
> checking file lib/pf/Switch.pm
> Hunk #1 FAILED at 3035.
> 1 out of 1 hunk FAILED
> (Stripping trailing CRs from patch; use --binary to disable.)
> checking file lib/pf/api.pm
> Hunk #1 succeeded at 1297 (offset 3 lines).
> (Stripping trailing CRs from patch; use --binary to disable.)
> checking file lib/pf/radius/rest.pm
>
> #############################################################################
>
> The second commande is returning my this:
>
> [root@pfcen7 pf]# patch -p1 < ./multiples_attributes.diff
> (Stripping trailing CRs from patch; use --binary to disable.)
> patching file lib/pf/Switch.pm
> Hunk #1 FAILED at 3035.
> 1 out of 1 hunk FAILED -- saving rejects to file lib/pf/Switch.pm.rej
> (Stripping trailing CRs from patch; use --binary to disable.)
> patching file lib/pf/api.pm
> Hunk #1 succeeded at 1297 (offset 3 lines).
> (Stripping trailing CRs from patch; use --binary to disable.)
> patching file lib/pf/radius/rest.pm
>
> #############################################################################
>
> Here is the content of " lib/pf/Switch.pm.rej ":
> --- lib/pf/Switch.pm
> +++ lib/pf/Switch.pm
> @@ -3035,9 +3035,16 @@
> sub parseRequest {
> my ( $self, $radius_request ) = @_;
>
> - my $client_mac = ref($radius_request->{'Calling-Station-Id'}) eq 'ARRAY'
> - ? clean_mac($radius_request->{'Calling-Station-Id'}[0])
> - : clean_mac($radius_request->{'Calling-Station-Id'});
> + my $client_mac;
> + if (ref($radius_request->{'Calling-Station-Id'}) eq 'ARRAY') {
> + foreach my $callingStationId (@{$radius_request->{'Calling-Station-Id'}}) {
> + if (valid_mac($callingStationId)) {
> + $client_mac = clean_mac($callingStationId);
> + }
> + }
> + } else {
> + $client_mac = clean_mac($radius_request->{'Calling-Station-Id'});
> + }
> my $user_name = $radius_request->{'TLS-Client-Cert-Subject-Alt-Name-Upn'} || $radius_request->{'TLS-Client-Cert-Common-Name'} || $radius_request->{'User-Name'};
> my $nas_port_type = ( defined($radius_request->{'NAS-Port-Type'}) ? $radius_request->{'NAS-Port-Type'} : ( defined($radius_request->{'Called-Station-SSID'}) ? "Wireless-802.11" : undef ) );
> my $port = $radius_request->{'NAS-Port'};
>
> Is there any other information you need ?
>
> Regards,
>
> Adrian
>
> ----- Mail original -----
> De: "packetfence-users" <pac...@li...>
> À: "packetfence-users" <pac...@li...>
> Cc: "Durand fabrice" <fd...@in...>
> Envoyé: Vendredi 8 Février 2019 02:54:11
> Objet: Re: [PacketFence-users] Can't link PacketFence with AD Server.
>
> Hello Adrian,
>
> if the switch send two Calling-Station-Id then it's a bug on the switch
> side.
>
> But i made a patch in order to test if there is multiple attributes and
> test if one of them is a mac address.
>
> So go in /usr/local/pf
>
> patch -p1 --dry-run < ./mulpiples_attributes.diff
>
> if there is no error:
>
> patch -p1 < ./mulpiples_attributes.diff
>
> Let me know if it helps.
>
> Regards
>
> Fabrice
>
>
> _______________________________________________
> PacketFence-users mailing list
> Pac...@li...
> https://lists.sourceforge.net/lists/listinfo/packetfence-users
_______________________________________________
PacketFence-users mailing list
Pac...@li...
https://lists.sourceforge.net/lists/listinfo/packetfence-users
|
