Freeradius 1.1.1: 'radclient' incorrect Authenticator value
Robles Rodriguez,Alejandro
Alejandro.RoblesRodriguez at tre.se
Mon Jun 12 15:04:10 CEST 2006
Hi,
I'm using freeradius 1.1.1 and trying to performance test it using as client the 'radclient' utility program. I have been experiencing some problems when load testing it since freeradius was responding in some cases responding to the client with old (already sent) responses when in fact the request was different (Attribute-wise at least).
...
rad_recv: Access-Request packet from host 10.66.20.20:36426, id=235, length=110
Sending duplicate reply to client localtest:36426 - ID: 235
Re-sending Access-Accept of id 235 to 10.66.20.20 port 36426
...
After struggling a bit I noticed that the Access-Requests sent by 'radclient' where all having the same Authenticator value for the same request ID (0-255). In some cases the cached reply was gone before the next request with the same Authenticator value came hence a brand new reply was generated however it became a problem otherwise (reply still in the cache).
Have any of you guys noticed this problem and do you have a solution to it (besides changing the code)? My test files contain at least 1000 Access-Requests each therefore the IDs will be reused.
I might be mistaken but one odd thing is that I see a comment in the code saying that if a request has already been used then it needs to make sure that the Authenticator value is unique. However I don't see that happening in the code actually ('radclient.c', function 'request_free'):
/*
* If we've already sent a packet, free up the old one,
* and ensure that the next packet has a unique
* authentication vector.
*/
if (radclient->request->data) {
free(radclient->request->data);
radclient->request->data = NULL;
}
Thank you!
Regards,
Alex.
More information about the Freeradius-Users
mailing list