Re: [RADIATOR] Radiator 4.11: WARNING: Could not find AuthBy clause with Identifier ...
Hi Heikki, Am 07.07.2013 21:19, schrieb Heikki Vatiainen: ... Yes, that seems to be it. Thanks everyone for locating the change. I was thrown off a bit since I was under the impression it fails with stock 4.11. That's not the case but the change is in the 4.11 patches. It's also not specific to Solaris either. We'll see what can be done for this. the problem, I see with activation during config checks, is only with socket bindings. As far as I see it's only used in: Radius/AddressAllocatorDHCP.pm Radius/ServerRADIUS.pm Radius/ServerTACACSPLUS.pm Radius/StreamServer.pm Maybe you add a condition in this modules during activate() like ... | Radius/StreamServer.pm, sub activate() | 93,99c93,103 | bind($s, $paddr) | || main::log($main::LOG_ERR, Could not bind StreamServer socket: $!); | listen($s, Socket::SOMAXCONN) | || main::log($main::LOG_ERR, Could not listen on StreamServer socket: $!); | Radius::Select::add_file(fileno($s), 1, undef, undef, |\handle_listen_socket_read, $s, $self); | push(@{$self-{sockets}}, $s); | --- | unless ( $self-isCheckingConfiguration ) { | bind( $s, $paddr ) ||| main::log( $main::LOG_ERR, | Could not bind StreamServer socket: $! ); | listen( $s, Socket::SOMAXCONN ) ||| main::log( $main::LOG_ERR, | Could not listen on StreamServer socket: $! ); | Radius::Select::add_file( fileno($s), 1, undef, undef, | \handle_listen_socket_read, $s, $self ); | push( @{ $self-{sockets} }, $s ); | } Maybe we introduce other bugs in distance, sigh. Best Regards Charly -- Karl Gaissmaier Universität Ulm ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] SIGHUP restart and AuthByRADSEC opens an additional socket
Hi Radiator team, a SIGHUP to a running radiator (Version 4.11) opens an additional socket for AuthByRADSEC: before SIGHUP mizar:.../~# netstat -f inet -P tcp -n | grep 193.*2083 134.60.Y.X.45917 193.174.Y.X.2083 64128 0 128872 0 ESTABLISHED after SIGHUP mizar:.../~# netstat -f inet -P tcp -n | grep 193.*2083 134.60.Y.X.45917 193.174.Y.X.2083 64128 0 128872 0 ESTABLISHED 134.60.Y.X.57680 193.174.Y.X.2083 9792 0 128872 0 ESTABLISHED Please verify it whether it's a general problem. Best Regards Charly -- Karl Gaissmaier Universität Ulm ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
[RADIATOR] Tacacs password issue
Hi ALL, We have a starange password issue on radiator tacacs.We setup password length to 8.When user enter 7 character password access rejected,that is ok.But when a user enters more than 8 characters(like 9,10 etc) He can login to the related device.What can be the problem? Thanks ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] Tacacs password issue
Hi, How are your passwords stored? DES/traditional crypt hashes chops off anything longer than 8 chars. Original message From: Murat Bilal murat.bi...@ericsson.com Date: To: radiator@open.com.au Subject: [RADIATOR] Tacacs password issue Hi ALL, We have a starange password issue on radiator tacacs.We setup password length to 8.When user enter 7 character password access rejected,that is ok.But when a user enters more than 8 characters(like 9,10 etc) He can login to the related device.What can be the problem? Thanks___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator
Re: [RADIATOR] Tacacs password issue
Hi, We have a starange password issue on radiator tacacs.We setup password length to 8.When user enter 7 character password access rejected,that is ok.But when a user enters more than 8 characters(like 9,10 etc) He can login to the related device.What can be the problem? if its standard DES then anything beyong the 8th char is ignored. alan ___ radiator mailing list radiator@open.com.au http://www.open.com.au/mailman/listinfo/radiator