Proposed release of 2.1.6

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Thu May 14 15:53:28 CEST 2009


hi,

something is stripping the "\n" string formfactor from requests... ie

if User-Name = LUNET\netsec-1  then it all works fine - authentication
etc etc but right at the end, something b0rks - heres the final bits of log

Sending Access-Accept of id 215 to 192.168.8.198 port 1645
	User-Name = "LUNET\netsec-1\000"
	User-Name = "LUNET\netsec-1"
	MS-MPPE-Recv-Key = 0xb7dc0bca3dd592c0754d68544e8daa2584af32869ab180941ab15628077c874f
	MS-MPPE-Send-Key = 0x6d0853823df58acf447488e8d4956985a78cb1ff503682f47616a7beef2e54f9
	EAP-Message = 0x03090004
	Message-Authenticator = 0x00000000000000000000000000000000
Finished request 21.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Accounting-Request packet from host 192.168.8.198 port 1646, id=96, length=142
	Acct-Session-Id = "0000004E"
	User-Name = "LUNET\netsec-1"
	Acct-Authentic = RADIUS
	Acct-Status-Type = Start
	NAS-Port-Type = Ethernet
	NAS-Port = 50002
	NAS-Port-Id = "FastEthernet0/2"
	Called-Station-Id = "00-10-FF-52-DA-02"
	Calling-Station-Id = "00-1E-7B-DF-EC-66"
	Service-Type = Framed-User
	NAS-IP-Address = 192.168.8.198
	Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 50002,Client-IP-Address = 192.168.8.198,NAS-IP-Address = 192.168.8.198,Acct-Session-Id = "0000004E",User-Name = "LUNET\netsec-1"'
[acct_unique] Acct-Unique-Session-ID = "856473d000a76781".
++[acct_unique] returns ok
[suffix] No '@' in User-Name = "LUNET etsec-1", looking up realm NULL
[suffix] Found realm "DEFAULT"
[suffix] Adding Stripped-User-Name = "LUNET etsec-1"
[suffix] Adding Realm = "DEFAULT"
[suffix] Accounting realm is LOCAL.
++[suffix] returns ok
++[files] returns noop
+- entering group accounting {...}
[detail] 	expand: /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> /var/log/radius/radacct/192.168.8.198/detail-20090514
[detail] /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to /var/log/radius/radacct/192.168.8.198/detail-20090514
[detail] 	expand: %t -> Thu May 14 14:47:27 2009
++[detail] returns ok
[attr_filter.accounting_response] 	expand: %{User-Name} -> LUNET etsec-1
 attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 96 to 192.168.8.198 port 1646
Finished request 22.
Cleaning up request 22 ID 96 with timestamp +230
Going to the next request
Waking up in 3.8 seconds.
Cleaning up request 14 ID 208 with timestamp +229


as you can see, all the access-accept stuff is fine - LUNET\netsec-1  = great
however, after this has happened, the accouting stuff kicks in and its all turned into "LUNET etsec-1"
- is this a debug cosmetic issue or is something internal getting twisted?


PS cached EAP credentials - fantastic! 

alan



More information about the Freeradius-Users mailing list