REG: Cisco-AV Pair not sent
8zero2 operations
8zero2ops at gmail.com
Fri Dec 28 09:02:33 CET 2018
Hi,
I am trying to allocate a string in Cisco-AV Pair and send it as reply
attribute, It works till the length is 247 chars when it becomes 248
nothing is sent back.. and when it is > 248 radius gives malformed packet
error(This is no problem)
But when it is 248 and nothing is sent back. It becomes a big problem as
some security risks arise. Please help
update reply {
Cisco-AVPair = "url-redirect-acl=Web_Auth"
Cisco-AVPair += "%{exec:/bin/cat
/usr/local/etc/raddb/test}"
}
When string length is 248
~ echo 'Service-Type="Call-Check",User-Name="ff:ff:ff:ff:ff:ff"' |
radclient -x 127.0.0.1:1812 auth testing123
Sent Access-Request Id 7 from 0.0.0.0:55619 to 127.0.0.1:1812 length 45
Service-Type = Call-Check
User-Name = "ff:ff:ff:ff:ff:ff"
Received Access-Accept Id 7 from 127.0.0.1:1812 to 0.0.0.0:0 length 53
Cisco-AVPair = "url-redirect-acl=Web_Auth"
~ cat test
url-redirect=
https://abcdef.abc.in:8443/register.php?eu=kMd3HIyURkpxYd%2BxLUCYTG%2B2OqcetWBqgjlDGIDPrgIsFzCJNP0JtON2V4%2BgAJ3y2nOKZNUihAERglbTdfgep3Y%2Fo59YcsXfJp%2B%2FzfrOhbMjHA9MPVKlkUcgL8Slhkb%2BXHtHQGs8mz7du%2Fq%2FHgBqANl94lEhHTOe0udJJASNxQw%3D
=======================================================
When string length is <248
~ echo 'Service-Type="Call-Check",User-Name="ff:ff:ff:ff:ff:ff"' |
radclient -x 127.0.0.1:1812 auth testing123
Sent Access-Request Id 224 from 0.0.0.0:41832 to 127.0.0.1:1812 length 45
Service-Type = Call-Check
User-Name = "ff:ff:ff:ff:ff:ff"
Received Access-Accept Id 224 from 127.0.0.1:1812 to 0.0.0.0:0 length 308
Cisco-AVPair = "url-redirect-acl=Web_Auth"
Cisco-AVPair = "url-redirect=
https://abcdef.abc.in:8443/register.php?eu=kMd3HIyURkpxYd%2BxLUCYTG%2B2OqcetWBqgjlDGIDPrgIsFzCJNP0JtON2V4%2BgAJ3y2nOKZNUihAERglbTdfgep3Y%2Fo59YcsXfJp%2B%2FzfrOhbMjHA9MPVKlkUcgL8Slhkb%2BXHtHQGs8mz7du%2Fq%2FHgBqANl94lEhHTOe0udJJASNxQw%3
"
~ cat test
url-redirect=
https://abcdef.abc.in:8443/register.php?eu=kMd3HIyURkpxYd%2BxLUCYTG%2B2OqcetWBqgjlDGIDPrgIsFzCJNP0JtON2V4%2BgAJ3y2nOKZNUihAERglbTdfgep3Y%2Fo59YcsXfJp%2B%2FzfrOhbMjHA9MPVKlkUcgL8Slhkb%2BXHtHQGs8mz7du%2Fq%2FHgBqANl94lEhHTOe0udJJASNxQw%3
Regards,
Mail: 8zero2.in at gmail.com
Facebook: www.facebook.com/8zero2
Twitter: @8zero2_in
Blog: blog.8zero2.in
More information about the Freeradius-Users
mailing list