(RADIATOR) Weird behavior.

Sergio Alejandro Gonzalez Z (S2010) sagonzal at sky.net.co
Thu Feb 23 15:43:38 CST 2006


Hello:

I found a kind of DoS that must have been prevented with
usernamecharset. I would like to know if there is something
wrong with my config.

I got at the beginning of my config file:


Trace           4

DbDir           /etc/radiator
LogDir          /tmp
LogFile         %L/Radiator-%d%v%Y.log
DictionaryFile  %D/dictionary
UsernameCharset a-zA-Z0-9\/\.\_\@\-\^\+

BindAddress a.b.c.d

AuthPort xxxx
AcctPort xxxx

RewriteUsername s/\%/\@/
RewriteUsername s/\*+//;
RewriteUsername s/\s*\Z//;
RewriteUsername s/\\/9/
RewriteUsername s/^([0-9]{10,11}\Z)/$1\@DOMAIN/


So with the usernamecharset I assure there won't be any
characters other than the ones I expect in that list.
Unfortunately I found this in the log file:

*** Received from k.l.m.n port xxxx ....
Code:       Access-Request
Identifier: 126
Authentic:  XXXXXXXXXXXXXXXXXXXXX
Attributes:
        User-Name = "*<9>*"
        User-Password = "XXXXXXXXXXX"
        NAS-Port = 682
        NAS-Port-Type = Async
        Calling-Station-Id = "XXXXXXXXXXXXXXX"
        Called-Station-Id = "XXXXXXXXXXXXXX"
        Service-Type = Login-User
        NAS-IP-Address = k.l.m.n

Thu Feb 23 12:23:06 2006: DEBUG: Rewrote user name to * *
Thu Feb 23 12:23:06 2006: DEBUG: Rewrote user name to   *
Thu Feb 23 12:23:06 2006: DEBUG: Rewrote user name to   *
Thu Feb 23 12:23:06 2006: DEBUG: Rewrote user name to   *
Thu Feb 23 12:23:06 2006: DEBUG: Rewrote user name to   *


As you can see, the username charset didn't do the trick
and left the username with an *. The real problem is I'm
authenticating against an LDAP server (among other things)
with MANY branches (it's really big), so the * causes a user
binding for ALL the users in ALL the branches. Radiator
couldn't make it, and crashed.

I already made another RewriteUsername that deals with the
remaining *, but the question is: why didn't usernamecharset
catch the bad username?


Best regards.


Sergio Gonzalez
IT Engineer.
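As an added example (not from the original post and not Radiator's own code): a Python model of the posted RewriteUsername chain, with the UsernameCharset allowlist enforced on the rewritten name and RFC 4515 escaping of whatever reaches the LDAP filter, run on the logged User-Name `*<9>*` (star, tab, star). The `uid` attribute and the other sample inputs are assumptions.

```python
import re

# The five RewriteUsername rules from the posted config, translated from
# Perl s/// to Python re.sub (first match only, as Perl does without /g).
REWRITES = [
    (r"%", "@"),
    (r"\*+", ""),
    (r"\s*\Z", ""),
    (r"\\", "9"),
    (r"^([0-9]{10,11})\Z", r"\1@DOMAIN"),  # DOMAIN is the config's own placeholder
]

# The posted UsernameCharset as a Python character class.
ALLOWED = re.compile(r"[a-zA-Z0-9/._@^+-]+")


def apply_rewrites(name):
    """Run the rewrite chain in order, one rule after the other."""
    for pattern, repl in REWRITES:
        name = re.sub(pattern, repl, name, count=1)
    return name


def allowed(name):
    """Allowlist check: every character must be in the configured charset."""
    return ALLOWED.fullmatch(name) is not None


def ldap_escape(value):
    """Escape an LDAP filter assertion value per RFC 4515 (\\XX hex form).
    Mandatory set is \\ * ( ) NUL; control characters such as the tab in the
    logged request are escaped as well so they cannot hide inside a filter."""
    out = []
    for ch in value:
        if ch in "\\*()\x00" or ord(ch) < 0x20:
            out.extend("\\%02x" % b for b in ch.encode("utf-8"))
        else:
            out.append(ch)
    return "".join(out)


def lookup_filter(raw_name, attr="uid"):
    """Rewrite, refuse anything outside the charset, then escape what is left
    before it reaches the LDAP filter. Returns None when the name is rejected.
    The attribute name 'uid' is an assumption, not taken from the post."""
    name = apply_rewrites(raw_name)
    if not allowed(name):
        return None
    return "(%s=%s)" % (attr, ldap_escape(name))


if __name__ == "__main__":
    # Constructed sample: the User-Name from the log, "*<9>*" = star, tab, star.
    print(repr(apply_rewrites("*\t*")))         # '\t*'  : a wildcard survives the chain
    print(lookup_filter("*\t*"))                # None   : the allowlist rejects it
    print(ldap_escape(apply_rewrites("*\t*")))  # \09\2a : literal text, not a wildcard
```

Even if the allowlist check were skipped, the escaped form turns the surviving `*` into a literal `\2a`, so the filter can no longer match every entry in every branch.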

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.