Matthew Schumacher wrote:
The patch proved to be unreliable, and now I'm trying to figure out why. Most of the time it works fine, but every now and then it crashes the radius server. In digging around trying to figure out why it doesn't work I was able to capture the Access-Request packet that crashes the server.
In wireshark it shows the error, "VSA too short":
Can you post the *hex* version of the packet? The "VSA too short" error means that it isn't printing out what's actually in the packet. So... it doesn't say *why* the VSA is too short. And does this crash when the server *doesn't* have that patch?
AVP: l=14 t=Vendor-Specific(26) v=UTStarcom Incorporated(429) [VSA too short]
USR VSA's are: 26 (Vendor-Specific) xx (vendor-length) 0000xxxx (USR vendor-ID) 0000tttt (USR vendor-type) ... (data) i.e. at least 12 bytes long. If the Vendor-Specific attribute is 14 bytes, then it means that the Vendor-Type is likely a 'string' type, and it contains 2 characters of string data. But Wireshark also includes the FreeRADIUS dictionaries. So it may think that the attribute is of type "integer", and should therefore be 4 bytes. Without the *contents* of the attribute, it's impossible to know more. Alan DeKok.