3.0.x: user-password length decoding sometimes wrong?

Arran Cudbard-Bell a.cudbardb at freeradius.org
Tue Dec 1 00:47:33 CET 2015


> On 30 Nov 2015, at 18:37, Stefano Mason <stefano.mason at eng-mo.it> wrote:
> 
> Dear Alan,
>   I'm curious to know why this Access-Request from a Brocade switch to Freeradius 3.0.10 reports the User-Password ending with many NULLs, whereas Freeradius 2.2.9 reports a clean User-Password?

Because in v3.0.x we follow RFC 2865 to the letter, and do not give null bytes any special treatment.

The FreeRADIUS 2.2.9 behaviour was incorrect, the 3.0.10 behaviour is correct.  The Brocade NAS is broken.  It looks like it's sending the contents of a fixed length (16 byte) buffer and incorrectly calculating the length of the data in that buffer (someone probably used sizeof() instead of strlen).

Anyway, open a support case with Brocade to get this fixed, they are absolutely doing the wrong thing here.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
