[RADIATOR] hung processes when "Bad authenticator received in reply" using AuthBy RADIUS with Synchronous and Fork
David Zych
dmrz at illinois.edu
Thu Mar 24 17:12:49 CDT 2011
I noticed today when using AuthBy RADIUS with Synchronous and Fork that if the secrets don't match (resulting in "Bad authenticator received in reply to ID 1. Reply is ignored"), this creates forked processes that never terminate and have to be manually force-killed.
>From what I can tell, it appears that AuthRADIUS::handleReply removes the timeout but does not set RadiusResult to tell Synchronous mode that it's finished. Presumably it needs to do both of these things or neither.
<AuthBy GROUP>
AuthByPolicy ContinueUntilAccept
Fork
<AuthBy RADIUS>
Synchronous
Secret WRONG
Host xxx
RetryTimeout 8
Retries 3
</AuthBy>
<AuthBy NTLM>
.....
</AuthBy>
</AuthBy>
More information about the radiator
mailing list