Re: Proposed release of 2.1.6

Thu, 14 May 2009 06:54:50 -0700 

hi,

something is stripping the "\n" string formfactor from requests... ie

if User-Name = LUNET\netsec-1  then it all works fine - authentication
etc etc but right at the end, something b0rks - heres the final bits of log

Sending Access-Accept of id 215 to 192.168.8.198 port 1645
        User-Name = "LUNET\netsec-1\000"
        User-Name = "LUNET\netsec-1"
        MS-MPPE-Recv-Key = 
0xb7dc0bca3dd592c0754d68544e8daa2584af32869ab180941ab15628077c874f
        MS-MPPE-Send-Key = 
0x6d0853823df58acf447488e8d4956985a78cb1ff503682f47616a7beef2e54f9
        EAP-Message = 0x03090004
        Message-Authenticator = 0x00000000000000000000000000000000
Finished request 21.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Accounting-Request packet from host 192.168.8.198 port 1646, id=96, 
length=142
        Acct-Session-Id = "0000004E"
        User-Name = "LUNET\netsec-1"
        Acct-Authentic = RADIUS
        Acct-Status-Type = Start
        NAS-Port-Type = Ethernet
        NAS-Port = 50002
        NAS-Port-Id = "FastEthernet0/2"
        Called-Station-Id = "00-10-FF-52-DA-02"
        Calling-Station-Id = "00-1E-7B-DF-EC-66"
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.8.198
        Acct-Delay-Time = 0
+- entering group preacct {...}
++[preprocess] returns ok
[acct_unique] Hashing 'NAS-Port = 50002,Client-IP-Address = 
192.168.8.198,NAS-IP-Address = 192.168.8.198,Acct-Session-Id = 
"0000004E",User-Name = "LUNET\netsec-1"'
[acct_unique] Acct-Unique-Session-ID = "856473d000a76781".
++[acct_unique] returns ok
[suffix] No '@' in User-Name = "LUNET etsec-1", looking up realm NULL
[suffix] Found realm "DEFAULT"
[suffix] Adding Stripped-User-Name = "LUNET etsec-1"
[suffix] Adding Realm = "DEFAULT"
[suffix] Accounting realm is LOCAL.
++[suffix] returns ok
++[files] returns noop
+- entering group accounting {...}
[detail]        expand: 
/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d -> 
/var/log/radius/radacct/192.168.8.198/detail-20090514
[detail] /var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d expands to 
/var/log/radius/radacct/192.168.8.198/detail-20090514
[detail]        expand: %t -> Thu May 14 14:47:27 2009
++[detail] returns ok
[attr_filter.accounting_response]       expand: %{User-Name} -> LUNET etsec-1
 attr_filter: Matched entry DEFAULT at line 12
++[attr_filter.accounting_response] returns updated
Sending Accounting-Response of id 96 to 192.168.8.198 port 1646
Finished request 22.
Cleaning up request 22 ID 96 with timestamp +230
Going to the next request
Waking up in 3.8 seconds.
Cleaning up request 14 ID 208 with timestamp +229


as you can see, all the access-accept stuff is fine - LUNET\netsec-1  = great
however, after this has happened, the accouting stuff kicks in and its all 
turned into "LUNET etsec-1"
- is this a debug cosmetic issue or is something internal getting twisted?


PS cached EAP credentials - fantastic! 

alan
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to