[RADIATOR] Radiator sotp to respond to request : stuck in a script : I/O error Interrupted
Hugh Irvine
hugh at open.com.au
Thu Jan 16 17:28:07 CST 2014
Salut Pascal -
Bonne Annee 2014!
There are many examples of how to do this in the Radiator source code.
Here is an extract from “Radius/AuthLDAP2.pm”:
#####################################################################
# Check a password for a DN, by attempting to bind with a
# supplied password. Careful: an empty password will always appear
# to match, so we reject that case
sub checkPassword
{
my ($self, $dn, $password) = @_;
my $result;
return if $self->{LDAPRejectEmptyPassword} && $password eq '';
&Radius::Util::exec_timeout($self->{Timeout},
sub {$result = $self->{ld}->bind(dn => $dn, password => $password);});
if (!$result ||
($result->code()
&& $result->code() != Net::LDAP::Constant->LDAP_INAPPROPRIATE_AUTH
&& $result->code() != Net::LDAP::Constant->LDAP_INVALID_CREDENTIALS))
…….
regards
Hugh
On 17 Jan 2014, at 06:56, Pascal Beauregard <Pascal.Beauregard at USherbrooke.ca> wrote:
> Hi,
> yesterday we have experienced twice a situation where Radiator stops to respond to requests apparently because the server was stuck in the execution of a script.
>
> Here is what we saw in the logfile :
>
> Tue Jan 14 13:13:56 2014: DEBUG: Deleting session for demk2801, 10.40.0.130, 1
> Tue Jan 14 13:13:56 2014: DEBUG: Handling with Radius::AuthFILE:
> Tue Jan 14 13:13:56 2014: DEBUG: Handling with EAP: code 2, 11, 43, 25
> Tue Jan 14 13:13:56 2014: DEBUG: Response type 25
> Tue Jan 14 13:13:56 2014: DEBUG: EAP Success, elapsed time 0.267233
> Tue Jan 14 13:13:56 2014: DEBUG: EAP result: 0,
> Tue Jan 14 13:13:56 2014: DEBUG: AuthBy FILE result: ACCEPT,
> Tue Jan 14 13:13:56 2014: DEBUG: Running aeriusSecurise_VLAN: for user demk2801 (Jan 14, 2014 13:13) : Accept
> Tue Jan 14 13:13:56 2014: DEBUG: Running aeriusSecurise_VLAN: verify demk2801 is memberOf... for VLAN selection
> 13:47
> Tue Jan 14 13:24:23 2014: ERR: Error in PostAuthHook(): I/O Error Interrupted system call at /etc/radiator/hooks/ADI.pm line 111, <GEN1> line 16081.
>
> Here is what we have at line 111 of ADI.pm
>
> #print " Bind LDAP session with user $ldapuser \n";
> my $mesg = $ldap->bind($ldapuser,
> password => pack('H*',$ldappass))
> or die $@;
>
> Is there a way to make sure that if a bind does not work we exit the script after a period of time ?
>
>
> ______________________________
> Pascal Beauregard
> Analyste en télécommunications
> Service des Technologies de l'information
> Université de Sherbrooke
>
> Tél. : 819-821-7770
> Courriel : pascal.beauregard at usherbrooke.ca
>
>
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator
--
Hugh Irvine
hugh at open.com.au
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc.
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
More information about the radiator
mailing list