Radiator: 2.12.1
Postgres: 6.3.2
Redhat 5.2
We just noticed a problem with our Radiator setup. Some users can get in
by entering a blank password. I have not found out why it is only some
users and not others. Take these two users for example, both would be
caught by the "DefaultReply" item in radius.cfg since neither has any
replyattr's:
From Postgres:
username|encryptedpassword|  uid|gid|gecos             |dir                       |shell    |checkattr|replyattr|
-----------------------------------------------------------------------------------------------------------------
sram    |.zqpNKI2pJlrM    |16767|500|Ramsey, Sam       |/home/cust/s/r/sram/./    |/bin/true|         |         |
thomasob|l29JcSDiMW0gM    |21044|500|O'Brien, ThomasW. |/home/cust/t/h/thomasob/./|/bin/true|         |         |
Yet:
[root@norad radacct]# radpwtst -s norad -secret xxx -user thomasob -password '' -dictionary /usr/local/radiator/raddb/dictionary
sending Access-Request...
Rejected
sending Accounting-Request Start...
OK
sending Accounting-Request Stop...
OK
[root@norad radacct]# radpwtst -s norad -secret xxx -user sram -password '' -dictionary /usr/local/radiator/raddb/dictionary
sending Access-Request...
OK
sending Accounting-Request Start...
OK
sending Accounting-Request Stop...
OK
Very odd. The Auth section is this from radius.cfg:
<Realm DEFAULT>
AcctLogFileName %L/%C/detail
PasswordLogFileName %L/password.log
<AuthBy SQL>
DefaultReply Service-Type = "Framed-User",Framed-Protocol = "PPP",\
Framed-IP-Address = "255.255.255.254",Framed-Netmask = "255.255.255.255",\
Framed-MTU = "1500",Max-Channels = "1",Framed-Routing = "None",\
Framed-Compression = "Van-Jacobson-TCP-IP"
DBSource dbi:Pg:dbname=shrevenet_users;host=norad.shreve.net
DBUsername xxxxxxx
DBAuth xxxxxxx
AuthSelect select ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR from passwd where USERNAME='%n'
EncryptedPassword
AccountingTable ""
</AuthBy>
</Realm>
Has anyone seen this? Anyone know what could be the matter?
Below is Trace 4 output for user "sram"
Thu Apr 15 11:53:41 1999: INFO: Server started
Thu Apr 15 11:53:44 1999: DEBUG: Packet dump:
*** Received from 208.206.76.58 port 1830 ....
Code: Access-Request
Identifier: 0
Authentic: 1234567890123456
Attributes:
User-Name = "sram"
Service-Type = Framed-User
Client-Id = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
User-Password = ""
Thu Apr 15 11:53:44 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Thu Apr 15 11:53:44 1999: DEBUG: Handling with Radius::AuthSQL
Thu Apr 15 11:53:44 1999: DEBUG: Query is: select ENCRYPTEDPASSWORD,CHECKATTR,REPLYATTR from passwd where USERNAME='sram'
Thu Apr 15 11:53:44 1999: DEBUG: Radius::AuthSQL looks for match with sram
Thu Apr 15 11:53:44 1999: DEBUG: Packet dump:
*** Sending to 208.206.76.58 port 1830 ....
Code: Access-Accept
Identifier: 0
Authentic: 1234567890123456
Attributes:
Service-Type = Framed-User
Framed-Protocol = PPP
Framed-IP-Address = 255.255.255.254
Framed-Netmask = 255.255.255.255
Framed-MTU = 1500
Max-Channels = 1
Framed-Routing = None
Framed-Compression = Van-Jacobson-TCP-IP
Thu Apr 15 11:53:44 1999: DEBUG: Packet dump:
*** Received from 208.206.76.58 port 1830 ....
Code: Accounting-Request
Identifier: 1
Authentic: <168><153><250>-8<199>N<178><7>$J<194>-<194><165>O
Attributes:
User-Name = "sram"
Service-Type = Framed-User
Client-Id = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Start
Thu Apr 15 11:53:44 1999: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Thu Apr 15 11:53:44 1999: DEBUG: Handling accounting with Radius::AuthSQL
Thu Apr 15 11:53:44 1999: DEBUG: Adding session for sram, 203.63.154.1, 1234
Thu Apr 15 11:53:44 1999: DEBUG: Packet dump:
*** Sending to 208.206.76.58 port 1830 ....
Code: Accounting-Response
Identifier: 1
Authentic: <168><153><250>-8<199>N<178><7>$J<194>-<194><165>O
Attributes:
Thu Apr 15 11:53:44 1999: DEBUG: Packet dump:
*** Received from 208.206.76.58 port 1830 ....
Code: Accounting-Request
Identifier: 2
Authentic: <222>o<143><253><224>Id<150><205>K<250><207><150>]<147><227>
Attributes:
User-Name = "sram"
Service-Type = Framed-User
Client-Id = 203.63.154.1
NAS-Port = 1234
NAS-Port-Type = Async
Acct-Session-Id = "00001234"
Acct-Status-Type = Stop
Acct-Delay-Time = 0
Acct-Session-Time = 1000
Acct-Input-Octets = 20000
Acct-Output-Octets = 30000
-----------------------------------------------------
Brian Feeny (BF304) [EMAIL PROTECTED]
318-222-2638 x 109 http://www.shreve.net/~signal
Network Administrator ShreveNet Inc. (ASN 11881)
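
A triage check for the symptom reported in the message above, as an added example that is not part of the original post and is not Radiator code: it reports every stored crypt(3) hash that verifies against the empty string, which separates an account whose stored password really is blank from a comparison problem in the server. The helper name `classify` and the sample rows (alice, bob, carol) are constructed, and it assumes traditional crypt(3) hashes like those in the `passwd` table shown.

```perl
#!/usr/bin/perl
# Added example (not Radiator code): report stored crypt(3) hashes that
# verify against the empty string.
use strict;
use warnings;

# Assumption: the local crypt(3) still supports traditional DES hashes.
defined crypt('', 'ab') or die "DES crypt(3) is not available on this host\n";

# classify() is a hypothetical helper name used only in this example.
sub classify {
    my ($stored) = @_;
    $stored = '' unless defined $stored;
    $stored =~ s/^\s+|\s+$//g;              # psql pads columns with spaces
    # Fewer than two characters means there is no usable salt, so the
    # result of crypt() would be platform-dependent. Report it separately.
    return 'no-hash' if length($stored) < 2;
    # crypt() takes its salt from the stored hash itself, so hashing the
    # empty string with it reproduces the stored value only when the
    # stored password is blank.
    my $probe = crypt('', $stored);
    return 'blank-password' if defined $probe && $probe eq $stored;
    return 'ok';
}

# Constructed rows in the pipe-delimited layout of the psql output above.
# The hashes are generated here, not taken from the post.
my @rows = (
    sprintf('%-8s|%-17s|', 'alice', crypt('',          'ab')),
    sprintf('%-8s|%-17s|', 'bob',   crypt('not-blank', 'cd')),
    sprintf('%-8s|%-17s|', 'carol', ''),
);

for my $row (@rows) {
    # Field 0 is the username, field 1 the stored hash.
    my ($user, $hash) = (split /\|/, $row, -1)[0, 1];
    $user =~ s/\s+$//;
    printf "%-10s %s\n", $user, classify($hash);
}
```

Feeding it the USERNAME and ENCRYPTEDPASSWORD columns of the `passwd` table shows whether an accepted blank login matches what is stored for that user.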