(RADIATOR) Possible problem in Addtoreplyifnotexist

Hugh Irvine hugh at open.com.au
Tue Jan 4 01:32:15 CST 2005 

Hello Brian -

There is a patch for this in the patches for Radiator 3.11 - as 
reported by your good self in November:

2004-11-23 Configurable.pm
Fixed a problem with AddToReplyIfNotExist in all AuthBys, where some 
special reply types such as Session-Timeout were not properly 
interpreted. Reported by "Brian Morris".

:-)

regards

Hugh


On 4 Jan 2005, at 18:15, Brian Morris wrote:

> Happy New Year everyone
>  
> During the quiet time between Christmas and New Year we decided to 
> update Radiator.  We updated to v3.11 (from 3.1 ouch) and are now 
> experiencing a problem with the addtoreplyifnotexist parameter.
>  
> The symptoms are that the parameter 'Idle-Timeout' is added to the 
> reply no matter whether it has already been set or not.  Causing it to 
> be allocated twice.
>  
> Here is the snippet of our radius config...
>  
> <Handler Realm=xxx.xxx.xx>
>  RewriteUsername s/\s+//g
>  RewriteUsername s/^([^@]+).*/$1/
>  <AuthBy SQL>
>   DBSource dbi:ODBC:NSAcctDB
>   DBUsername xxx
>   DBAuth xxx
>   AuthSelect  select PASSWORD,REPLYATTR,LoginExpiryDate from 
> SUBSCRIBERS \
>                              where USERNAME='%n' and DISABLED = '0' 
>   AuthColumnDef 0, User-Password, check
>   AuthColumnDef 1, GENERIC, reply
>   AddToReplyIfNotExist 
> Service-Type=Framed-User,Framed-Protocol=PPP,Framed-IP-Netmask = 
> 255.255.255.255,Framed-Compression = Van-Jacobson-TCP-IP,Framed-MTU = 
> 1500,Framed-Routing = None,Idle-Timeout = 1800,Session-Timeout = 28800
>   AccountingStopsOnly
>
>  
> <snip>
>  
> The SUBSCRIBERS table contains a user like this...
> username = usertest
> password = testing
> replyattr = Idle-Timeout=28800,Framed-IP-Address = "203.56.xxx.xx"
> disabled = 0
>  
> However, the auth-response I get back is...
>  
> Attributes:
>  Framed-IP-Address = 203.56.xxx.xx
>  Idle-Timeout = 28800
>  Framed-Protocol = PPP
>  Framed-IP-Netmask = 255.255.255.255
>  Framed-Compression = Van-Jacobson-TCP-IP
>  Framed-MTU = 1500
>  Framed-Routing = None
>  Idle-Timeout = 1800
>  Session-Timeout = 28800
>  
>  
> Notice the Framed-Ip-Address is set as expected along with the 
> Idle-Timeout of 123 in the first two lines, however the Idle-Timeout 
> is then reset in the second last line (as per the addtoreplyifnotexist 
> clause)
>  
> I am certain this did not happen before as we have been running this 
> config for ages without customer problems - as soon as we upgraded the 
> fault calls began.
>  
> Am I doing something wrong or did I find a bug?
>  
> Regards,
>  
> Brian Morris
> NetSpeed.
>  
>  
>

NB:

Have you read the reference manual ("doc/ref.html")?
Have you searched the mailing list archive 
(www.open.com.au/archives/radiator)?
Have you had a quick look on Google (www.google.com)?
Have you included a copy of your configuration file (no secrets),
together with a trace 4 debug showing what is happening?

-- 
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
-
CATool: Private Certificate Authority for Unix and Unix-like systems.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list