If you misconfigure freeradius you can expect a crash. however there is
a misconfiguration in the default dictionary.ascend but you can bypass
it if you "vi /usr/share/freeradius/dictionary"
...
#$INCLUDE dictionary.ascend #commented out
# ./radius4a.py 128.165.47.2 32998 215 2 1
Running radius-attributes memory leak test version 1.1
Running test 1
Running test 2
Running test 3
Running test 4
Running test 5
Running test 6
------------------------------------------------------------------
radiusd -X
...
Module: Instantiated detail (reply_log)
Listening on authentication *:32998
Listening on accounting *:32999
Ready to process requests.
rad_recv: Access-Request packet from host 128.165.47.2:43858, id=10,
length=22
Attr-215 = 0x
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
radius_xlat:
'/var/local/radius/accounting/128.165.47.2/auth-detail-20040826'
rlm_detail:
/var/local/radius/accounting/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to
/var/local/radius/accounting/128.165.47.2/auth-detail-20040826
modcall[authorize]: module "auth_log" returns ok for request 0
modcall: entering group group for request 0
modcall: entering group redundant for request 0
rlm_ldap: - authorize
rlm_ldap: Attribute "User-Name" is required for authentication.
modcall[authorize]: module "uid_entry" returns invalid for request 0
modcall: group redundant returns invalid for request 0
modcall: group group returns invalid for request 0
modcall: group authorize returns invalid for request 0
Invalid user: [<no User-Name attribute>] (from client auth1.ds.lanl.gov
port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
rad_recv: Access-Accept packet from host 128.165.47.2:43858, id=10,
length=22
Authentication reply packet code 2 sent to a non-proxy reply port from
client auth1.ds.lanl.gov:43858 - ID 10 : IGNORED
Waking up in 1 seconds...
rad_recv: Access-Reject packet from host 128.165.47.2:43858, id=10,
length=22
Authentication reply packet code 3 sent to a non-proxy reply port from
client auth1.ds.lanl.gov:43858 - ID 10 : IGNORED
Waking up in 1 seconds...
rad_recv: Accounting-Request packet from host 128.165.47.2:43858, id=10,
length=22
Accounting-Request packet sent to a non-accounting port from client
auth1.ds.lanl.gov:43858 - ID 10 : IGNORED
Waking up in 1 seconds...
rad_recv: Accounting-Response packet from host 128.165.47.2:43858,
id=10, length=22
Accounting reply packet code 5 sent to a non-proxy reply port from
client auth1.ds.lanl.gov:43858 - ID 10 : IGNORED
Waking up in 1 seconds...
rad_recv: Access-Challenge packet from host 128.165.47.2:43858, id=10,
length=22
Authentication reply packet code 11 sent to a non-proxy reply port from
client auth1.ds.lanl.gov:43858 - ID 10 : IGNORED
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 10 to 128.165.47.2:43858
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 10 with timestamp 412e40fb
Nothing to do. Sleeping until we see a request.
On Tue, 2004-08-24 at 05:05, Evgeny Demidov wrote:
> Hello,
>
> We are proud to announce the release of the VulnDisco
> RADIUS protocol
> testsuite to the public.
>
> This testsuite is a part of VulnDisco testsuite, which is
> available to
> VulnDisco clients.
>
> The purpose of this testsuite is to evaluate RADIUS
> protocol implementations from the security point of view.
>
> VulnDisco RAIDIUS testsuite written in Python and licensed
> under GPL.
>
> Among other things this release contains a few remotes,
> see README.txt for more information.
>
> The testsuite is available here:
> http://www.gleg.net/security_radius_testsuite.shtml
>
> Best regards
> -Evgeny Demidov
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
