User password

Nicolas Breuer Nicolas.Breuer at belcenter.biz
Wed May 22 15:48:46 CEST 2019


Hi Matthew,

Thanks for the update. Yes the software of the Cisco is very old and cannot be updated.
The issue there is that was working very well before.

I need to split with "\000" ?


-----Message d'origine-----
De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=belcenter.biz at lists.freeradius.org> De la part de Matthew Newton
Envoyé : mercredi 22 mai 2019 13:06
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Objet : Re: User password

On Wed, 2019-05-22 at 09:12 +0000, Nicolas Breuer wrote:
> (9)   Calling-Station-Id = "71"
> (9)   User-Password = "alerteo268\000N: In"
> (9)   Service-Type = Framed-User
...
> 
> Any ideas from where the \000N:In comes from ?
> The user password is "alerteo268"

Looks like your NAS is broken. It's not calculating the length of the
User-Name attribute correctly and presumably leaking whatever memory
was after it.

It should be sending it with, in this case, length 10 and no NULL.

If there's no software update for the NAS to fix it then you may be
able to work around it by writing some unlang with a regex to chop it
down to the right length.

-- 
Matthew


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html



More information about the Freeradius-Users mailing list