Non-ascii username and linelog

Jean-Marc TÊTU jm.tetu at telecom-bretagne.eu
Tue Jun 7 17:44:11 CEST 2016


Thanks a  lot for your answer, Matthew.

It seems resolve my problem ! I only use the new (compiled)  src/modules/rlm_linelog/rlm_linelog.c

./test_radtest_non_ascii.txt 
Sent Access-Request Id 71 from 0.0.0.0:34102 to 127.0.0.1:1812 length 79
	User-Name = "wke"
	User-Password = "hello"
	NAS-IP-Address = 127.0.1.1
	NAS-Port = 0
	Message-Authenticator = 0x00
	Cleartext-Password = "hello"
Received Access-Reject Id 71 from 127.0.0.1:1812 to 0.0.0.0:0 length 31
	User-Name = "wke"
(0) -: Expected Access-Accept got Access-Reject


and the  result of radiusd -X


(36) # Executing group from file /usr/local/FR3011/etc/raddb//sites-enabled/default
(36)   Post-Auth-Type REJECT {
(36) linelog: EXPAND messages.%{%{reply:Packet-Type}:-default}
(36) linelog:    --> messages.Access-Reject
(36) linelog: EXPAND %D:%H:%G : Reject : %{User-Name} : %{Calling-Station-Id} : %{NAS-IP-Address} : %{Called-Station-Id}
(36) linelog:    --> 20160607:17:35 : Reject : e :  : 127.0.1.1 : 
(36) linelog: EXPAND /usr/local/FR3011/var/log/radius/linelog
(36) linelog:    --> /usr/local/FR3011/var/log/radius/linelog
(36)     [linelog] = ok
(36)   } # Post-Auth-Type REJECT = ok
(36) Delaying response for 1.000000 seconds
Waking up in 0.2 seconds.
Waking up in 0.7 seconds.
(36) Sending delayed response
(36) Sent Access-Reject Id 71 from 127.0.0.1:1812 to 127.0.0.1:34102 length 31
(36)   User-Name = "wke"
Waking up in 3.9 seconds.
(36) Cleaning up request packet ID 71 with timestamp +535
Ready to process requests



----- Mail original -----
De: "Matthew Newton" <mcn4 at leicester.ac.uk>
À: "FreeRadius users mailing list" <freeradius-users at lists.freeradius.org>
Cc: "noc" <noc at telecom-bretagne.eu>
Envoyé: Mardi 7 Juin 2016 12:59:53
Objet: Re: Non-ascii username and linelog

On Tue, Jun 07, 2016 at 11:32:35AM +0200, Jean-Marc TÊTU wrote:
> We run a Freeradius 3.0.11 on an ubuntu 14.04. 
> And il seems that one of our students find the way to put KO our server.
> 
> He tries to authenticate with a  user-name in non ASCII and
> freeradius crash on the write ( in linelog module ) of
> %{User-Name}
...
> If somebody have an idea....

This was fixed in 1bb3ef53c98b.

Please try v3.0.x (or wait for 3.0.12, due soon).

Thanks,

Matthew


-- 
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>

Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom

For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>



More information about the Freeradius-Users mailing list