(RADIATOR) Error from AuthLDAP2.pm in Radiator 3.9

Hugh Irvine hugh at open.com.au
Mon Feb 28 11:12:05 CST 2005 

Hello Kenny -

There have been some changes in the AuthBy LDAP2 clause, that is why I 
mentioned the latest release.

I am not aware of any specific bugs however.

All I can suggest is that you set up a test environment so you can 
troubleshoot the problem.

Perhaps Mike has further suggestions?

regards

Hugh


On 28 Feb 2005, at 13:21, Kenny Kwok wrote:

> Hi Irvine,
>
>    Since the ERROR statement is quite expressive that addressed a 
> particular problem in line 118 of the LDAP2.pm module,
> would there be any known bugs/problems there for our reported case?
>
>    As we are just using the AuthBy LDAP2, we're not familier with 
> what's inside that module.
> Is there any suspected cause or insight from your professional point 
> of view? For the debug message you have mentions,
> we still dunno where to get start with~ and it is really too difficult 
> for us to setup a profiling configuration in a production
> environment.
>
>    Thank you for your help, and waiting for your further 
> finding/suggestions.
>
> Regards,
> K.Kwok
>
> Hugh Irvine wrote:
>
>>
>> Hello Kenny -
>>
>> All I can suggest is that you add some debug messages to your hook so 
>> you can see what is happening.
>>
>> There are some examples showing how to do this in "goodies/hooks.txt".
>>
>> BTW - the latest version is Radiator 3.11 (plus patches).
>>
>> regards
>>
>> Hugh
>>
>>
>> On 28 Feb 2005, at 05:30, Kenny Kwok wrote:
>>
>>> Hi,
>>>
>>>    Our radiator system (v3.9) was working fine with LDAP before, but 
>>> we encountered
>>> problems yesterday and found the following error from the radiator 
>>> log file:
>>>
>>> Mon Feb 28 03:01:37 2005 712786: ERR: Error in PreAuthHook(): Can't 
>>> use an undefined value as a symbol reference at /usr/lib/perl5/s
>>> ite_perl/5.8.0/Radius/AuthLDAP2.pm line 118, <DATA> line 450.
>>>
>>> Do you know what's wrong with it?
>>> The server was working properly as expected before, but failed to 
>>> work with LDAP yesterday.
>>> At that moment, our network is normal, we can manually connect to 
>>> our LDAP server from the radiator machine.
>>> We finally restarted the radiator machine and all seems 'normal' 
>>> again.
>>>
>>>
>>> For your further information, here are the code and configuration we 
>>> have, for your investigation:
>>>
>>> 1. The AuthLDAP2.pm in our radiator v3.9, line 112-122:
>>> === quote start ===
>>> sub reconnect
>>> {
>>>    my ($self) = @_;
>>>
>>>    # Some LDAP servers (notably imail) disconnect us after an unbind
>>>    # so we see if we are still connected now
>>>    if ($self->{ld} && !getpeername($self->{ld}->{net_ldap_socket}))
>>>    {
>>>        close($self->{ld}->{net_ldap_socket});
>>>        $self->{ld} = undef;
>>>    }
>>> === quote end ===
>>> There seems to be error in the line  "if ($self->{ld} && 
>>> !getpeername($self->{ld}->{net_ldap_socket}))"
>>>
>>> 2. Our AuthBy LDAP2 Clause defined in the configuration file:
>>> === LDAP_19_Dippping Auth quote start ===
>>> <AuthBy LDAP2>
>>>        Identifier LDAP_19_Dipping
>>>        AuthenticateAccounting
>>>        Host XXXXXXXXX
>>>        Port 389
>>>        AuthDN XXXXXXXXXX
>>>        AuthPassword XXXXXXXXXX
>>>        BaseDN XXXXXXXXXX
>>>        Scope one
>>>        PasswordAttr
>>>        SearchFilter (smcAMSISDN=%{Pre-Calling-Station-Id})
>>>        AuthAttrDef 
>>> smcSubscriberNumber,Post-Calling-Station-Id,request
>>>        Timeout 2
>>>        FailureBackoffTime 0
>>> </AuthBy LDAP2>
>>> === LDAP_19_Dipping Auth quote end ===
>>> This authby clause will only be called inside a PreAuthHook function 
>>> in a particular Handler.
>>>
>>> 3. The PreAuthHook code we have be defined, which is working 
>>> properly in our system:
>>> === PreAuthHook quote start ===
>>> sub
>>> {
>>>    my $p = ${$_[0]};
>>>    my $rp = ${$_[1]};
>>>    my $code = $p->code();
>>>    # Only deal with accounting requests
>>>    return unless ($code eq 'Accounting-Request');
>>>    # ...
>>>
>>>                $p->change_attr('Pre-Calling-Station-Id', 
>>> 'XXXXXXXXXX');
>>>                my $LDAP_Identifier = "LDAP_19_Dipping";
>>>                my $authbyLDAP = 
>>> Radius::AuthGeneric::find($LDAP_Identifier);
>>>                my $result = $authbyLDAP->findUser('BBQ', $p);
>>>    # ...
>>>    return;
>>> }
>>> === PreAuthHook quote end ===
>>>
>>>
>>> Thank you very much.
>>>
>>> Regards,
>>> Kenny Kwok
>>>
>>> -- 
>>> Archive at http://www.open.com.au/archives/radiator/
>>> Announcements on radiator-announce at open.com.au
>>> To unsubscribe, email 'majordomo at open.com.au' with
>>> 'unsubscribe radiator' in the body of the message.
>>>
>>>
>>
>> NB: I am travelling this week, so there may be delays in our 
>> correspondence.
>>
>
>

NB: I am travelling this week, so there may be delays in our 
correspondence.

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list