[RADIATOR] AuthBy RADIUS and UseExtendedIds, stripped Proxy-State and strange behavior after 256 requests

Heikki Vatiainen hvn at open.com.au
Sun Jul 14 03:54:59 CDT 2013


On 07/14/2013 11:30 AM, Karl Gaissmaier wrote:

> Please fix this, if you UseExtendedIds in AuthBy RADIUS you should
> always WARN if the Proxy-State is stripped or mangled.

Good point. It's a good idea make this separate from getting an unknown
reply, which is currently logged for the both cases.

> And sure, we need better packet dumps in this case to see the
> sent/missing/mangled attributes in the reply packet.

We are actually working on this now. There will be two changes at least:
- enable PackeTrace for requests received from AuthBy RADIUS and RADSEC
- see that packet dump is called so that any Log ... within AuthBy etc.
module will be called instead of the dump going just to the main log file

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.


More information about the radiator mailing list