From aef32844819b8430d41d76ab59c2145251bad784 Mon Sep 17 00:00:00 2001 From: Aki Tuomi Date: Fri, 1 Dec 2017 13:49:31 +0200 Subject: [PATCH] auth: Use rip instead of real_rip in policy server attributes real_rip contains proxy IP, not client IP --- src/auth/auth-settings.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/auth/auth-settings.c b/src/auth/auth-settings.c index 0c4d630a3e..0f5eeee82f 100644 --- a/src/auth/auth-settings.c +++ b/src/auth/auth-settings.c @@ -300,7 +300,7 @@ static const struct auth_settings auth_default_settings = { .policy_server_timeout_msecs = 2000, .policy_hash_mech = "sha256", .policy_hash_nonce = "", - .policy_request_attributes = "login=%{orig_username} pwhash=%{hashed_password} remote=%{real_rip} device_id=%{client_id} protocol=%s", + .policy_request_attributes = "login=%{orig_username} pwhash=%{hashed_password} remote=%{rip} device_id=%{client_id} protocol=%s", .policy_reject_on_fail = FALSE, .policy_hash_truncate = 12, -- 2.47.3