3.0.x: user-password length decoding sometimes wrong?

Stefano Mason stefano.mason at eng-mo.it
Tue Dec 1 10:35:57 CET 2015


On 12/01/2015 12:47 AM, Arran Cudbard-Bell wrote:
> Because in v3.0.x we follow RFC 2865 to the letter, and do not give null bytes any special treatment.


OK.


>
> The FreeRADIUS 2.2.9 behaviour was incorrect, the 3.0.10 behaviour is correct.  The Brocade NAS is broken.  It looks like it's sending the contents of a fixed length (16 byte) buffer and incorrectly calculating the length of the data in that buffer (someone probably used sizeof() instead of strlen).


I'm totally agree!

On my multivendor environment:

Juniper: User-Password = "db00000"
Fortinet: User-Password = "db00000"
Cisco: User-Password = "db00000"
CheckPoint: User-Password = "db00000"
HP: User-Password = "db00000"
3COM: User-Password = "db00000"
Dell switch: User-Password = "db00000"
Brocade NET switch: User-Password = 
"db00000\000\000\000\000\000\000\000\000\031"


>
> Anyway, open a support case with Brocade to get this fixed, they are absolutely doing the wrong thing here.
>
> -Arran
>


Many thanks Arran to make some light on this behaviour.
Best regards.

Stefano





More information about the Freeradius-Users mailing list