radius: T7039: fix broken IPv6 source address

When configuring RADIUS to use IPv6 as connection to the server with an optional source-address set system login radius server 2001:db8::4 key '9LMVCtPYpG' set system login radius source-address '2001:db8::1' It will error out: pam_radius_auth(sshd:auth): Failed looking up source IP address [2001:db8::1] for server [2001:db8::4]:1812 (error=System error) The source address is not allowed to be in [] - thus the brackets need to be removed.
vyos · Jan 10, 2025 · f48eb0c · f48eb0c
1 parent 13d2ad2
commit f48eb0c
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/data/templates/login/pam_radius_auth.conf.j2 b/data/templates/login/pam_radius_auth.conf.j2
@@ -9,7 +9,7 @@
 {%             if address | is_ipv4 %}
 {%                 set source_address.ipv4 = address %}
 {%             elif address | is_ipv6 %}
-{%                 set source_address.ipv6 = "[" + address + "]" %}
+{%                 set source_address.ipv6 = address %}
 {%             endif %}
 {%         endfor %}
 {%     endif %}
@@ -21,7 +21,7 @@
 {%             if server | is_ipv4 %}
 {{ server }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv4 if source_address.ipv4 is vyos_defined }}
 {%             else %}
-[{{ server }}]:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is vyos_defined }}
+{{ server | bracketize_ipv6 }}:{{ options.port }} {{ "%-25s" | format(options.key) }} {{ "%-10s" | format(options.timeout) }} {{ source_address.ipv6 if source_address.ipv6 is vyos_defined }}
 {%             endif %}
 {%         endfor %}
 {%     endif %}