radius.log behaviour change v1 -> v2

Stefan Winter stefan.winter at restena.lu
Fri Apr 11 14:01:26 CEST 2008 

Hi,

following up on myself:

> Wed Dec  5 21:11:11 2007 : Auth: Login OK: [stefan.winter at restena.lu] (from
> client localhost port 0)
> Wed Dec  5 21:11:11 2007 : Auth: Login OK: [@restena.lu] (from client
> radius-1 port 1 cli 00-13-ce-c2-b1-86)
>
> v2 format is: both are logged as coming from real client, like:

> Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y at uni.lu] (from client
> WLC-Walferdange2 port 0)
>
> Thu Mar 27 11:00:00 2008 : Auth: Login incorrect: [x.y at uni.lu] (from
> client WLC-Walferdange2 port 29 cli 00-1C-BF-73-E6-0A)
>
> That makes parsing the log file more difficult, if the number of
> authentications happening is to be taken out of the radius.log file. If a
> NAS doesn't send Calling-Station-Id, the two are almost not correlatable,
> except for the timestamp and a possibly different port (both seem whacky
> ways of doing it).
>
> Was this change advertantly? Can I get the old behaviour back? Or at least,
> add "-inner" to the client name for inner requests?

Digging through the code, I noticed that there should already be a 
notification by adding "via TLS tunnel" at the end of the log line, the code 
in question in auth_name() in auth.c being a ternary op:

(request->packet->src_port == 0) ? " via TLS tunnel" : "");

This log line never manifested in my setups so far. I don't fully understand 
the inner tunneling code in ttls and peap, I can only say that there was no 
obvious place where packet->src_port is set to 0 when crafting the inner 
request. I wonder under what circumstances this ternary is supposed to 
evaluate to "via TLS tunnel"... Can someone shed some light on this?

Greetings,

Stefan Winter

-- 
Stefan WINTER

Stiftung RESTENA - Réseau Téléinformatique de l'Education Nationale et de 
la Recherche
Ingenieur Forschung & Entwicklung

6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
E-Mail: stefan.winter at restena.lu     Tel.:     +352 424409-1
http://www.restena.lu                Fax:      +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 194 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20080411/9c0baf50/attachment.pgp>

More information about the Freeradius-Devel mailing list