Any known problems with socket I/O in Perl?

Wed, 09 Feb 2005 12:16:14 -0800 

Here is the situation:

I installed the packages authen::radius and apache::authenradius in order in to
implement protecting some web pages using SecurID (using a RADIUS interface).
According to the RADIUS log files the authentication is succeeding but the Perl
module says it is not.  If I test interactively, it appears that Radius.pm is
not properly reading the returned packet.

Debugging output from the interactive test:

CPNS3$ perl test.pl
Using Radius server 139.121.16.3:1645
Adding attribute 1 (1) with value 'berryman'
Adding attribute 2 (2) with value '0123456789'      {obfuscated}
Adding attribute 4 (4) with value '139.121.16.11'
Sending request:
          00 01 02 03 04 05 06 07 - 08 09 0A 0B 0C 0D 0E 0F  0123456789ABCDEF

00000000  01 4D 00 36 CC 55 05 D2 - 65 58 53 01 6B DE 68 10  .M.6.U..eXS.k.h.
00000010  43 28 69 BE 01 0A 62 65 - 72 72 79 6D 61 6E 02 12  C(i...berryman..
00000020  07 E6 30 9A 2D 7A 29 8A - D2 6A 0A 9C 30 E4 27 00  ..0.-z)..j..0.'.
00000030  04 06 8B 79 10 0B                                  ...y..
Received response:
          00 01 02 03 04 05 06 07 - 08 09 0A 0B 0C 0D 0E 0F  0123456789ABCDEF

00000000
auth result=
error=EBADAUTH
strerror=bad response authenticator

TCPDUMP capture of this same session:

11:50:12.14 139.121.16.11.3922 > 139.121.16.3.1645: udp 54
                 4500 0052 28da 0000 4011 1ac1 8b79 100b E..R([EMAIL PROTECTED]
                 8b79 1003 0f52 066d 003e 8f0e 014d 0036 .y...R.m.>...M.6
                 cc55 05d2 6558 5301 6bde 6810 4328 69be .U..eXS.k.h.C(i.
                 010a 6265 7272 796d 616e 0212 07e6 309a ..berryman....0.
                 2d7a 298a d26a 0a9c 30e4 2700 0406 8b79 -z)..j..0.'....y
                 100b                                    ..
11:50:14.22 139.121.16.3.1645 > 139.121.16.11.3922: udp 57
                 4500 0055 8eb5 0000 8011 74e2 8b79 1003 E..U......t..y..
                 8b79 100b 066d 0f52 0041 0fbe 024d 0039 .y...m.R.A...M.9
                 aca2 14c5 a434 6fd6 4a13 bf4f 7c00 4c71 .....4o.J..O|.Lq
                 1925 4349 5343 4f41 4353 3a30 3030 3038 .%CISCOACS:00008
                 3535 332f 3862 3739 3130 3062 2f62 6572 553/8b79100b/ber
                 7279 6d61 6e                            ryman


Here is the recv_packet subroutine from Radius.PM:

sub recv_packet {
        my ($self) = @_;
        my ($data, $type, $id, $length, $auth, $sh);

        $self->set_error;

        $sh = new IO::Select($self->{'sock'}) or return 
$self->set_error('ESELECTFAIL');
        $sh->can_read($self->{'timeout'}) or return 
$self->set_error('ETIMEOUT');

        $self->{'sock'}->recv ($data, 65536) or return 
$self->set_error('ERECVFAIL');
        if ($debug) {
                print STDERR "Received response:\n";
                print HexDump $data;
        }
        ($type, $id, $length, $auth, $self->{'attributes'}) = unpack('C C n a16 
a*', $data);
        return $self->set_error('EBADAUTH') if $auth ne 
$self->calc_authenticator($type, $id, $length);

        $type;
}

This is still Perl 5.6.1 since I need to use modperl in Apache.  Are there any
known issues or any other hints as to what I should be looking at that anyone
here knows about?

Mark Berryman

Reply via email to