[RADIATOR] possible bug in 4.24-1 ?

[Heikki Vatiainen]

On 31/01/2020 10.43, Kurt Bauer wrote:

> after installing 4.24-1 (radiator_4.24-1.buster_all.deb) on a Debian 
> 10.2 system we get a lot of the following messages in daemon.log:
> Jan 31 08:23:48 xxxx radiator[24242]: Argument "^B^F\0+^Y\0^W^C^A\0 
> =HMM-^S1T(z*MM-^I*l"^N#i..." isn't numeric in sprintf at 
> /opt/radiator/radiator/Radius/Util.pm line 479.

Quite likely you have %{HexAddress:...} configured in a log clause. We 
received a similar report directly today, and further investigation with 
the reporter indicates that this may be one source:

https://wiki.geant.org/display/COHHT/radiator-flr

> After downgrading to 4.23-3 (radiator_4.23-3_all.deb) those loglines 
> don't appear any more. It doesn't seem that functionality is harmed, 
> only the log is flooded, with 4.24-1.

The code that triggers the warning has not changed between 4.23 and 
4.24. What has changed is that we have enabled more warnings and, for 
example, the configuration on the wiki page will trigger it because it 
tries to convert EAP-Message contents.

HexAddress formatter expects an attribute that has an IPv4 attribute 
value. It's not a generic hex formatter.

Also, I think the wiki example logs too much when it tries to log 
EAP-Message contents with authentication log.

In short: I don't think it affects functionality and the fix is simply 
to use HexAddress formatter with an IPv4 address.

Related to this: Maybe we should have a formatter that converts to hex, 
and HexAddress could also support IPv6 addresses, but at least for now, 
it's restricted to IPv4.

Thanks,
Heikki

-- 
Heikki Vatiainen <hvn at open.com.au>

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, TACACS+, PAM, Active Directory,
EAP, TLS, TTLS, PEAP, WiMAX, RSA, Vasco, Yubikey, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, etc.