Adam.Bishop at jisc.ac.uk
Wed Mar 4 01:02:31 CET 2015
We have a set of NAS's that are at the end of an unreliable (GSM) connection managed by a third party. Sometimes the AuthN requests are sent to us malformed - like you'd see if the shared secret is correct, except it can't be because well formed requests are interspersed with malformed ones, seconds apart with the same source and destination servers.
Unfortunately the user name is almost always intact, so the request is valid enough to be processed and, eventually lockout the afflicted user's account.
While the vendor tries to fix their problem so this doesn't happen, I need to filter out the malformed requests.
I can do this by writing a regex to bin any requests that contain any unprintable characters (as FreeRADIUS does using fr_utf8_char()), but before I sit down and try and figure that out is there a better way to do this?
Is the check done by FreeRADIUS for unprintable characters available to unlang (or if not, would this be easy to expose)?
Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under Company No. number 2881024, VAT No. GB 197 0632 86. The registered office is: Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T 01235 822200.
More information about the Freeradius-Users