(RADIATOR) Radiator crashes from garbage user name input

David Miller dmiller at newportnet.com
Thu Mar 14 18:40:00 CST 2002


Hugh:
         After a little further investigation I found the culprit. The 
characters %s in a user name will kill the radiator process every time. 
Have added a RewriteUsername rule ( s/%//g ) to remove the % sign from any 
strings before they are authenticated and this seems to do the trick as a 
work around. I will check out the UsernameCharset parameter. Thanks for the 
quick reply.

David Miller
System Engineer -- Newport Internet
dmiller at newportnet.com

At 11:23 AM 3/15/02 +1100, Hugh Irvine wrote:

>Hello David -
>
>Thanks for reporting this - we will investigate the cause and make sure it
>doesn't happen again.
>
>Meanwhile, you should really use the UsernameCharset parameter to specify the
>acceptable characters that a user can enter.
>
>Have a look at section 6.4.30 in the Radiator 2.19 reference manual.
>("doc/ref.html").
>
>regards
>
>Hugh
>
>
>On Fri, 15 Mar 2002 10:25, David Miller wrote:
> > Hi all:
> > I work at a small ISP and we use Radiator (2.19) running on RedHat Linux
> > (7.1) to authenticate dial-up users onto our system. Today for the first
> > time since we started using Radiator it died unexpectedly on the primary
> > and secondary servers. The last line to be logged from each server was the
> > same, a failed login that contained nothing but garbage as the user name
> > (we see these all the time from windows boxes that are in bad need of a
> > reboot). Since the last line in each log was the same I did a little
> > testing with radpwtst and found the following string, when supplied as the
> > user name, will kill Radiator every time in our environment.
> >
> > ~?~?~&fn,uv~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?b0%sjgr~?~?~?~
> >
> > This came as quite a surprise as we have been running Radiator here for six
> > months and never experienced even so much as a hiccup. Any light that
> > someone could shed on this would be appreciated. I have started exploring
> > the use of the restartWrapper to restart Radiator in the event of a repeat
> > occurrence. Thanks for a great product and superb support.
> >
> > Regards,
> > David Miller
> > System Engineer -- Newport Internet
> > dmiller at newportnet.com
> >
> >
> > config file follows:
> > -------------------------------------------
> > # radius.cfg
> > # Created for use at Newport Internet
> > # Author: David Miller (dmiller at newportnet.com)
> > #
> > # Uses replicated MySql session database on localhost and 10.10.10.18 using
> > # private network address. RADONLINE table must have columns for the
> > # rewritten user name (USERNAME), and user name as supplied by the NAS
> > # (NASUSERNAME).
> > # Uses snmpget program to verify DefaultSimultaneous-Use violations
> > # Uses SNMPAgent clause to allow snmp queries of Radiator server.
> > # Logs accounting packets to the details file, as well as the ACCOUNTING
> > # table of the RADIUS database.
> > # Logs log messages to RADLOG table of RADIUS database.
> > #
> > #=====================
> > # Global Parameters
> > #=====================
> > LogDir /var/log/radius
> > DbDir /etc/radiator/raddb
> >
> > AuthPort 1645
> > AcctPort 1646
> >
> > # Use a low trace level in production systems. Increase
> > # it to 4 or 5 for debugging, or use the -trace flag to radiusd
> > Trace 3
> > #Trace 5
> >
> > # Log file, in form of logfile.dd_Mmm_yyyy
> > LogFile %L/logfile.%d_%v_%Y
> >
> > # Username Rewrite Rules. Strip off realm name, change to lowercase, and
> > # remove any whitespace.
> > RewriteUsername s/^([^@]+).*/$1/
> > RewriteUsername tr/A-Z/a-z/
> > RewriteUsername s/\s+//g
> >
> > # location of snmpget program
> > SnmpgetProg /usr/bin/snmpget
> >
> > # must define LivingstonHole as 0 to get snmpget to work properly
> > LivingstonHole 0
> >
> > # SNMP Agent -- allow snmp queries of Radiator server
> > <SNMPAgent>
> > ROCommunity xxxxxxx
> > BindAddress 10.10.10.17
> > Managers 10.10.10.122 localhost
> > </SNMPAgent>
> >
> > #===========
> > # Clients
> > #===========
> > <Client aaa.bbb.ccc.ddd>
> > Secret xxxxxx
> > DupInterval 2
> > NasType Portmaster3
> > SNMPCommunity xxxxxx
> > </Client>
> >
> > <Client aaa.bbb.ccc.eee>
> > Secret xxxxxx
> > DupInterval 2
> > NasType Portmaster3
> > SNMPCommunity xxxxxx
> > </Client>
> >
> > <Client aaa.bbb.ccc.fff>
> > Secret xxxxxx
> > DupInterval 2
> > NasType Portmaster3
> > SNMPCommunity xxxxxx
> > </Client>
> >
> > <Client aaa.bbb.ccc.ggg>
> > Secret xxxxxx
> > DupInterval 2
> > NasType Portmaster3
> > SNMPCommunity xxxxxx
> > </Client>
> >
> > #===============
> > # test clients
> > #===============
> > <Client aaa.bbb.ccc.hhh>
> > Secret xxxxxx
> > </Client>
> >
> > <Client 127.0.0.1>
> > Secret xxxxxx
> > </Client>
> >
> > #===============
> > # SQL Logger
> > #===============
> > <Log SQL>
> > Identifier SQLLogger
> > DBSource dbi:mysql:RADIUS
> > DBUsername raduser
> > DBAuth xxxxxx
> >
> > Table RADLOG
> > LogQuery insert into RADLOG (TIME_STAMP, PRIORITY, MESSAGE) \
> > values ('%Y-%m-%d %H:%M:%S', '%1', %2 );
> > Trace 3
> > </Log SQL>
> >
> > #==================
> > # Session Database
> > #==================
> > <SessionDatabase SQL>
> > Identifier RadiusSessionDB
> > # primary (localhost) session database
> > DBSource dbi:mysql:RADIUS
> > DBUsername raduser
> > DBAuth xxxxxx
> >
> > # secondary session database
> > DBSource dbi:mysql:RADIUS:10.10.10.18
> > DBUsername raduser
> > DBAuth xxxxxx
> >
> > AddQuery insert into RADONLINE \
> > (USERNAME, NASUSERNAME, NASIDENTIFIER, NASPORT, ACCTSESSIONID, TIME_STAMP, \
> > ACCTDELAYTIME, FRAMEDIPADDRESS, NASPORTTYPE, SERVICETYPE) \
> > values ('%n', '%u', '%N', '0%{NAS-Port}', \
> > '%{Acct-Session-Id}', '%{Timestamp}', \
> > '%{Acct-Delay-Time}', '%{Framed-IP-Address}', \
> > '%{NAS-Port-Type}', '%{Service-Type}');
> >
> > DeleteQuery delete from RADONLINE \
> > where NASIDENTIFIER = '%N' and NASPORT = '0%{NAS-Port}';
> >
> > ClearNasQuery delete from RADONLINE where NASIDENTIFIER = '%N';
> >
> > CountQuery select NASIDENTIFIER, NASPORT, ACCTSESSIONID from RADONLINE \
> > where USERNAME = '%n';
> > </SessionDatabase SQL>
> >
> > #==================
> > # AuthBy clauses
> > #==================
> > <AuthBy SQL>
> > Identifier SQLAccountingStarts
> > DBSource dbi:mysql:RADIUS
> > DBUsername raduser
> > DBAuth xxxxxx
> >
> > # empty AuthSelect clause, no authentication
> > AuthSelect
> > # we only want starts
> > AccountingStartsOnly
> >
> > #Accounting table definition
> > AccountingTable ACCOUNTING
> > AcctColumnDef USERNAME, User-Name
> > AcctColumnDef TIME_STAMP, Timestamp, integer
> > AcctColumnDef ACCTSTATUSTYPE, Acct-Status-Type
> > AcctColumnDef ACCTDELAYTIME, Acct-Delay-Time, integer
> > AcctColumnDef ACCTINPUTOCTETS, Acct-Input-Octets, integer
> > AcctColumnDef ACCTOUTPUTOCTETS, Acct-Output-Octets, integer
> > AcctColumnDef ACCTSESSIONID, Acct-Session-Id
> > AcctColumnDef ACCTSESSIONTIME, Acct-Session-Time, integer
> > AcctColumnDef ACCTTERMINATECAUSE, Acct-Terminate-Cause, integer
> > AcctColumnDef NASIDENTIFIER, NAS-IP-Address
> > AcctColumnDef NASPORT, NAS-Port, integer
> > AcctColumnDef FRAMEDIPADDRESS, Framed-IP-Address
> > </AuthBy>
> >
> > <AuthBy SQL>
> > Identifier SQLAccountingStops
> > DBSource dbi:mysql:RADIUS
> > DBUsername raduser
> > DBAuth xxxxxx
> >
> > # empty AuthSelect clause, no authentication
> > AuthSelect
> >
> > # we only want stop packets
> > AccountingStopsOnly
> >
> > #Accounting table definition
> > AccountingTable ACCOUNTING
> > AcctColumnDef USERNAME, User-Name
> > AcctColumnDef TIME_STAMP, Timestamp, integer
> > AcctColumnDef ACCTSTATUSTYPE, Acct-Status-Type
> > AcctColumnDef ACCTDELAYTIME, Acct-Delay-Time, integer
> > AcctColumnDef ACCTINPUTOCTETS, Acct-Input-Octets, integer
> > AcctColumnDef ACCTOUTPUTOCTETS, Acct-Output-Octets, integer
> > AcctColumnDef ACCTSESSIONID, Acct-Session-Id
> > AcctColumnDef ACCTSESSIONTIME, Acct-Session-Time, integer
> > AcctColumnDef ACCTTERMINATECAUSE, Acct-Terminate-Cause, integer
> > AcctColumnDef NASIDENTIFIER, NAS-IP-Address
> > AcctColumnDef NASPORT, NAS-Port, integer
> > AcctColumnDef FRAMEDIPADDRESS, Framed-IP-Address
> >
> > # AcctSQL Statements
> > </AuthBy>
> >
> > <AuthBy FILE>
> > Identifier UserFile
> > Filename %D/users
> > CaseInsensitivePasswords # passwords case insensitive
> > DefaultSimultaneousUse 1 # Can be overridden on a per user basis.
> > </AuthBy>
> >
> > #==================
> > # Realms
> > #==================
> > <Realm DEFAULT>
> > # Session Database to use
> > SessionDatabase RadiusSessionDB
> >
> > # AuthBy Policy -- we continue always
> > AuthByPolicy ContinueAlways
> >
> > AuthBy SQLAccountingStarts
> > AuthBy SQLAccountingStops
> > AuthBy UserFile
> >
> > # Log accounting to a detail file
> > # Detail filename in form of detail.dd_Mmm_yyyy
> > AcctLogFileName %L/detail.%d_%v_%Y
> > </Realm>
> >
> >
> >
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
>
>--
>Radiator: the most portable, flexible and configurable RADIUS server
>anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
>-
>Nets: internetwork inventory and management - graphical, extensible,
>flexible with hardware, software, platform and database independence.
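As an added illustration, not code from this thread or from Radiator itself, the Python below reproduces the failure mode in miniature: an untrusted User-Name used as a format template (so a "%s" inside it is interpreted rather than logged), the RewriteUsername rules from the posted radius.cfg plus the s/%//g workaround, and an allowlist check in the spirit of UsernameCharset. The allowlist pattern and the log message text are assumptions.

```python
import re

# Constructed sample: the garbage User-Name quoted in the original report.
GARBAGE_USERNAME = "~?~?~&fn,uv~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?~?b0%sjgr~?~?~?~"

# Hypothetical allowlist standing in for UsernameCharset (the real
# parameter takes a Perl character class; this pattern is an assumption).
ALLOWED_USERNAME = re.compile(r"^[a-z0-9._-]+$")


def rewrite_username(name: str) -> str:
    """The posted RewriteUsername rules, in config order, plus the
    s/%//g workaround from the reply, translated from Perl to Python."""
    name = re.sub(r"^([^@]+).*", r"\1", name)  # s/^([^@]+).*/$1/  strip realm
    name = name.lower()                        # tr/A-Z/a-z/
    name = re.sub(r"\s+", "", name)            # s/\s+//g
    name = name.replace("%", "")               # s/%//g  (the workaround)
    return name


def is_allowed_charset(name: str) -> bool:
    """Allowlist check: reject, rather than rewrite, names with other bytes."""
    return ALLOWED_USERNAME.fullmatch(name) is not None


def log_line_unsafe(name: str) -> str:
    """Hazard pattern: the untrusted name becomes part of the format
    template, so '%s' inside it is treated as a conversion directive."""
    return ("Access rejected for " + name) % ()


def log_line_safe(name: str) -> str:
    """Fixed pattern: the name is only ever a format argument."""
    return "Access rejected for %s" % (name,)


def crashes_when_formatted(name: str) -> bool:
    """True if the unsafe pattern blows up on this name (the Python
    analogue of the daemon dying on the quoted input)."""
    try:
        log_line_unsafe(name)
    except (TypeError, ValueError):  # '%s' with no args, or a trailing '%'
        return True
    return False
```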


