(RADIATOR) Radiator dying on unusual usernames
Barry Brown
bbrown at ibexa.com
Wed Jul 30 19:40:43 CDT 2003
Hi,
We just installed Radiator and are running into situations where it
just rolls over and dies. Sometimes it happens after just a few hours,
sometime I have to wait a day or so. The latest incident happened a few
hours ago and I captured it on the console and in log files. It looks
like Syslog.pm is choking on the data it's being given. It could be
because of the garbage username and password. I can't say for sure
whether the previous incidents were caused by the same thing since I
didn't have the log files set up to capture them.
Should radiator be sanitizing the data before working with it?
Thanks,
Barry
Console output:
bobbidi root # radiusd -config_file /etc/radiusd.conf -foreground
Modification of a read-only value attempted at
/usr/lib/perl5/5.8.0/i686-linux/Sys/Syslog.pm line 296.
Attempt to free unreferenced scalar during global destruction.
Configuration file (no secrets):
#Foreground
#LogStdout
LogDir /var/log/radius
DbDir /etc/raddb
PidFile /var/run/radiusd/radiusd.pid
# User a lower trace level in production systems:
Trace 4
AuthPort 1645,1812
AcctPort 1646,1813
<ClientListSQL>
DBSource dbi:mysql:radius:123.4.5.6
DBUsername XXXXXX
DBAuth XXXXXXXX
GetClientQuery select ipaddr,secret from nas
</ClientListSQL>
<Realm DEFAULT>
<AuthBy SQL>
DBSource dbi:mysql:radius:123.4.5.6
DBUsername XXXXXX
DBAuth XXXXXXX
AuthSelect select Value from radcheck where UserName =
%0
AuthColumnDef 0, User-Password, check
AddToReply Service-Type=Framed-User,\
Framed-Protocol=PPP,\
Framed-Compression=Van-Jacobsen-TCP-IP
</AuthBy>
PasswordLogFileName /var/log/radius/password.log
<AuthLog SYSLOG>
Facility user
Priority info
LogSuccess 0
LogFailure 1
# The defaults for below are %1:%U:%P:OK and
%1:%U:%P:FAIL
SuccessFormat %U:OK
FailureFormat %U:%P:FAIL
</AuthLog>
#<AuthLog SQL>
# DBSource dbi:mysql:radius:123.4.5.6
# DBUsername XXXXXXX
# DBAuth XXXXXXX
#</AuthLog>
</Realm>
Last few lines of the authlog (generated by syslog):
Jul 30 11:23:53 bobbidi /usr/bin/radiusd[11372]: had-e::FAIL: No such
user
Jul 30 11:24:43 bobbidi /usr/bin/radiusd[11372]: ::FAIL: No such user
Jul 30 11:25:59 bobbidi /usr/bin/radiusd[11372]: ::FAIL: No such user
Jul 30 11:26:10 bobbidi /usr/bin/radiusd[11372]: smsshanghai::FAIL: Bad
Password
Jul 30 11:26:51 bobbidi /usr/bin/radiusd[11372]: john23::FAIL: Bad
Password
Jul 30 11:28:45 bobbidi /usr/bin/radiusd[11372]: john23::FAIL: Bad
Password
Jul 30 11:29:26 bobbidi /usr/bin/radiusd[11372]:
EBR=11-~d44KlN0mu#-k7}R%A-m1UfLp:G*t\?yBzb|.3\'>Ccp4&&#Rn\anJ{N/
\(s[+5yx+<x#5a\Q2!i|7U6{:E!'5&>:FAIL: No such user
Jul 30 11:29:26 bobbidi /usr/bin/radiusd[11372]: k-5TK:0I:FAIL: No such
user
Finally, the last few entries from the logfile:
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Received from 66.81.0.128 port 3598 ....
Code: Access-Request
Identifier: 192
Authentic: ;<203><191><152>~<163><247><177><14>*q<1>jw<184><208>
Attributes:
User-Name = "EBR=11-~d44KlN%Xmu#-k7}R%A-m1UfLp"
NAS-IP-Address = 66.81.7.27
NAS-Port = 27213
NAS-Port-Type = Async
Service-Type = Login-User
Calling-Station-Id = "5306761012"
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Called-Station-Id = "5305031325"
Acct-Session-Id = "401591860"
Ascend-Data-Rate = 26400
Ascend-Xmit-Rate = 26400
User-Password =
"A<28><240><183><10>3Yi<192>K<162><2><3>U7m<181>s<186>6<214><14>2<188>L<
221>h<185>~<7>{<236><4>$
<237><245><245><26><168>q<196><8><30>~@w<226>70I<226><251><8>)"N<227><5>
k<17>4=<21>"
Wed Jul 30 11:29:26 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jul 30 11:29:26 2003: DEBUG: Deleting session for
EBR=11-~d44KlN%Xmu#-k7}R%A-m1UfLp, 66.81.7.27, 27213
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL:
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName = 'EBR=11-~d44KlN%Xmu#-k7}R%A-m1UfLp'':
Wed Jul 30 11:29:26 2003: DEBUG: Radius::AuthSQL looks for match with
EBR=11-~d44KlN%Xmu#-k7}R%A-m1UfLp
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName = 'DEFAULT'':
Wed Jul 30 11:29:26 2003: INFO: Access rejected for
EBR=11-~d44KlN%Xmu#-k7}R%A-m1UfLp: No such user
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Sending to 66.81.0.128 port 3598 ....
Code: Access-Reject
Identifier: 192
Authentic: ;<203><191><152>~<163><247><177><14>*q<1>jw<184><208>
Attributes:
Reply-Message = "Request Denied"
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Received from 66.81.0.128 port 3598 ....
Code: Access-Request
Identifier: 193
Authentic: <175>l<22><253><21>NP<243><203><233>Elm<13><<143>
Attributes:
User-Name = "alewis"
NAS-IP-Address = 66.81.7.11
NAS-Port = 26724
NAS-Port-Type = Async
Service-Type = Framed-User
Framed-Protocol = PPP
Calling-Station-Id = "5302724813"
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Called-Station-Id = "5302051325"
Acct-Session-Id = "398300071"
Ascend-Endpoint-Disc =
"<1><204><25>[<3>x<226>D<<162><13>O<133><195>><29>:"
Ascend-Data-Rate = 26400
Ascend-Xmit-Rate = 50667
User-Password =
";<182><168><225><243><146>L*'8<251>t<161><191><127><164>"
Wed Jul 30 11:29:26 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jul 30 11:29:26 2003: DEBUG: Deleting session for lewis,
66.81.7.11, 26724
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL:
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName = 'alewis'':
Wed Jul 30 11:29:26 2003: DEBUG: Radius::AuthSQL looks for match with
alewis
Wed Jul 30 11:29:26 2003: DEBUG: Radius::AuthSQL ACCEPT:
Wed Jul 30 11:29:26 2003: DEBUG: Access accepted for alewis
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Sending to 66.81.0.128 port 3598 ....
Code: Access-Accept
Identifier: 193
Authentic: <175>l<22><253><21>NP<243><203><233>Elm<13><<143>
Attributes:
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-Compression = Van-Jacobsen-TCP-IP
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Received from 66.81.0.128 port 3598 ....
Code: Access-Request
Identifier: 195
Authentic: ;<203><191><152>~<163><247><177><14>*q<1>jw<184><208>
Attributes:
User-Name = "k-5TK"
NAS-IP-Address = 66.81.7.27
NAS-Port = 27213
NAS-Port-Type = Async
Service-Type = Login-User
Calling-Station-Id = "5306761012"
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Called-Station-Id = "5305031325"
Acct-Session-Id = "401591860"
Ascend-Data-Rate = 26400
Ascend-Xmit-Rate = 26400
User-Password = "6<127><132><235>5J<27><19><162>7<140>1_r<9>."
Wed Jul 30 11:29:26 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jul 30 11:29:26 2003: DEBUG: Deleting session for k-5TK,
66.81.7.27, 27213
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL:
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName = 'k-5TK'':
Wed Jul 30 11:29:26 2003: DEBUG: Radius::AuthSQL looks for match with
k-5TK
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName = 'DEFAULT'':
Wed Jul 30 11:29:26 2003: INFO: Access rejected for k-5TK: No such user
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Sending to 66.81.0.128 port 3598 ....
Code: Access-Reject
Identifier: 195
Authentic: ;<203><191><152>~<163><247><177><14>*q<1>jw<184><208>
Attributes:
Reply-Message = "Request Denied"
Wed Jul 30 11:29:26 2003: DEBUG: Packet dump:
*** Received from 66.81.0.128 port 3598 ....
Code: Access-Request
Identifier: 196
Authentic: ;<203><191><152>~<163><247><177><14>*q<1>jw<184><208>
Attributes:
User-Name =
"R99%KDF{j"kk$B#(5#W>l2TFav%A?<OPfjxt?>~.fu&Q15gj}yfxB;y;9"
NAS-IP-Address = 66.81.7.27
NAS-Port = 27213
NAS-Port-Type = Async
Service-Type = Login-User
Calling-Station-Id = "5306761012"
Ascend-Calling-Id-Type-Of-Num = Unknown
Ascend-Calling-Id-Number-Plan = Unknown
Called-Station-Id = "5305031325"
Acct-Session-Id = "401591860"
Ascend-Data-Rate = 26400
Ascend-Xmit-Rate = 26400
User-Password =
"IV<236><168><13>4!x<139>z<175>EiT7z<22>f<24><131><163><155><141>^<247><
5>L~<244><252>7M|<219>]U<196>:<247><164><234><155><172><146>:<186><140><
247><168>2B<134><174><166>w<205><31><146><184><239><142>#<144>7<216>v<23
1><220><160>>Q<127><22><196><184><247>y<240>#{&ok<169>e<145><232><201><1
55><205><29>$<177>me<179><143><218>o?v<20><6><211>e<175><27><200><129><2
20><21><207>%x<206>v<222>_<202><27><168>Q{`7<224>.)<23><143>d8<8><169><2
11>?V<254>c{<253><20>6<199><30>!<22>x<141><7><136><159><168><211><190>)f
<20>J"
Wed Jul 30 11:29:26 2003: DEBUG: Handling request with Handler
'Realm=DEFAULT'
Wed Jul 30 11:29:26 2003: DEBUG: Deleting session for
R99%KDF{j"kk$B#(5#W>l2TFav%A?<OPfjxt?>~.fu&Q15gj}yfxB;y;9, 66.81.7.27,
27213
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL
Wed Jul 30 11:29:26 2003: DEBUG: Handling with Radius::AuthSQL:
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName =
'R99%KDF{j\"kk$B#(5#W>l2TFav%A?<OPfjxt?>~.fu&Q15gj}yfxB;y;9'':
Wed Jul 30 11:29:26 2003: DEBUG: Radius::AuthSQL looks for match with
R99%KDF{j"kk$B#(5#W>l2TFav%A?<OPfjxt?>~.fu&Q15gj}yfxB;y;9
Wed Jul 30 11:29:26 2003: DEBUG: Query is: 'select Value from radcheck
where UserName = 'DEFAULT'':
Wed Jul 30 11:29:26 2003: INFO: Access rejected for
R99%KDF{j"kk$B#(5#W>l2TFav%A?<OPfjxt?>~.fu&Q15gj}yfxB;y;9: No such user
A few lines from Syslog.pm around line 296:
unless ($whoami) {
($whoami = getlogin) ||
($whoami = getpwuid($<)) ||
($whoami = 'syslog');
}
$whoami .= "[$$]" if $lo_pid;
$mask =~ s/%m/$!/g;
$mask .= "\n" unless $mask =~ /\n$/;
$message = sprintf ($mask, @_); # <-- This is 296
$sum = $numpri + $numfac;
my $buf = "<$sum>$whoami: $message\0";
# it's possible that we'll get an error from sending
# (e.g. if method is UDP and there is no UDP listener,
# then we'll get ECONNREFUSED on the send). So what we
# want to do at this point is to fallback onto a different
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list