strange behavior of checkrad and radius with Authen::Radius

Igor Smitran sigor at
Wed Feb 14 23:35:07 UTC 2024

I am using Authen::Radius and checkrad in order to check for duplicate 
connections on ASR 9901.

Everything is ok when i call checkrad directly from command line:

checkrad cisco_coa nas_ip nas_port username session_id

It correctly checks for session using COA REQUEST and returns 44 or 45 
(ACK or NAK).

But, when called from freeradius Authen::Radius looses $self{'secret'} 
value, it becomes undef.

When freeradius started with -X it prints:

Use of uninitialized value in subroutine entry at 
/usr/local/share/perl/5.34.0/Authen/ line 1004.

If i edit line 1004 and


replace with hardcoded secret:


everything works, checkrad is able to do COA REQUEST and detect 
duplicate session.

So, for some reason when checkrad called from freeradius this value 
becomes undef.

Also, cisco_coa is new type defined in checkrad, i have created entirely 
new subroutine for coa call and included Authen::Radius:

sub cisco_coa {

         return 2 unless (check_authen_radius());

         my ($login, $pass) = naspasswd($ARGV[1], 1);

         $ro = new Authen::Radius(Host => $ARGV[1].':1700', Secret => 
$pass, Debug => 0);
         $ro->add_attributes (
                 { Name => 'User-Name', Value => $ARGV[3]},
                 { Name => 'Acct-Session-Id', Value => $ARGV[4]}
         $ro->send_packet(COA_REQUEST) and $tip = $ro->recv_packet();

         if ($tip == 44) {
                 return 1;
         } elsif ($tip == 45) {
                 return 0;
         } else {
                 return 2;

If anyone is able to help i will very much appreciate it,

Thank you,


More information about the Freeradius-Users mailing list