[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Bug-gnu-radius] error in proxy_compare_request
|
From: |
Alexey Antipov |
|
Subject: |
[Bug-gnu-radius] error in proxy_compare_request |
|
Date: |
Thu, 26 Dec 2002 16:03:03 +0300 |
|
User-agent: |
Mutt/1.4i |
We have scheme with two NAS sending all their requests thru
one proxy server to backend radius server. When their
identifiers matches, proxy server incorrect finds matching request
using Proxy-State attribute. It seems like proxy_compare_request_no_state
does right things, so I suggest following patch:
======
--- proxy.c.orig Tue Mar 19 18:10:18 2002
+++ proxy.c Thu Dec 26 14:20:54 2002
@@ -536,10 +536,10 @@
RADIUS_REQ *oldreq;
{
debug(10, ("(old=data) id %d %d, ipaddr %#8x %#8x",
- oldreq->id,data->state->id,myip,data->state->ipaddr));
+
oldreq->server_id,data->state->proxy_id,oldreq->server_ipaddr,data->state->rem_ipaddr));
- if (data->state->ipaddr == myip &&
- data->state->id == oldreq->id)
+ if (data->state->rem_ipaddr == oldreq->server_ipaddr &&
+ data->state->proxy_id == oldreq->server_id)
return 0;
return 1;
======
radius version 0.96.4
Log file fragment describing the error:
======
дек 26 13:29:14: [88331]: Main.info: ready
дек 26 13:29:14: [88331]: Main.info: /home/door/apl/gnu-radius/etc/raddb/users
reloaded.
дек 26 13:29:14: [88332]: Main.info: Ready to process requests.
дек 26 13:29:19: [88332]: Main.debug: radius.c:369:radrecv: Request from host
7f000001 code=1, id=135, length=97
дек 26 13:29:19: [88332]: Main.debug: radius.c:383:radrecv: radreq vector
495ABB0D4EDFBD4B6F08361E7C996D08
дек 26 13:29:19: [88332]: Main.debug: radius.c:448:radrecv: recv: User-Name =
address@hidden
дек 26 13:29:19: [88332]: Main.debug: radius.c:448:radrecv: recv: Password =
sPamb)\262\114\261\276\363\341\016\371\156\177
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv: NAS-Port-Id =
55
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv: Service-Type
= Framed-User
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-Protocol = PPP
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv:
NAS-IP-Address = 127.0.0.1
дек 26 13:29:19: [88332]: Main.debug: radius.c:448:radrecv: recv:
Called-Station-Id = 0742470751
дек 26 13:29:19: [88332]: Main.debug: radius.c:448:radrecv: recv:
Calling-Station-Id = 0742470603
дек 26 13:29:19: [88332]: Main.debug: auth.c:467:rad_auth_init: checking
username: address@hidden
дек 26 13:29:19: [88332]: Main.debug: proxy.c:496:proxy_send: Sending
authentication request of id 0 to 7f000001 (server localhost:21812)
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
User-Name = ldoor
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Password = sPamb)\262\114\261\276\363\341\016\371\156\177
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
NAS-Port-Id = 55
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Service-Type = Framed-User
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Framed-Protocol = PPP
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
NAS-IP-Address = 127.0.0.1
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Called-Station-Id = 0742470751
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Calling-Station-Id = 0742470603
дек 26 13:29:19: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Proxy-State = \000\000\000\000\207\000\000\000\000\000\000\000\001\000\000\177
дек 26 13:29:19: [88332]: Main.debug: radiusd.c:1265:rad_spawn_child: adding
PROXY request to the list. 1 requests held.
дек 26 13:29:19: [88332]: Main.debug: proxy.c:138:rad_proxy: allocated ptr
0x80aa600
дек 26 13:29:19: [88332]: Main.debug: radius.c:369:radrecv: Request from host
7f000001 code=2, id=0, length=68
дек 26 13:29:19: [88332]: Main.debug: radius.c:383:radrecv: radreq vector
446FC41FB616299A481CE44103B85747
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-Protocol = PPP
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-IP-Address = 192.168.88.96
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-IP-Netmask = 255.255.255.255
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-Routing = None
дек 26 13:29:19: [88332]: Main.debug: radius.c:462:radrecv: recv: Service-Type
= Framed-User
дек 26 13:29:19: [88332]: Main.debug: radius.c:448:radrecv: recv: Proxy-State =
\000\000\000\000\207\000\000\000\000\000\000\000\001\000\000\177
дек 26 13:29:19: [88332]: Main.debug: proxy.c:623:proxy_receive: state: ipaddr
00000000, id 135, proxy_id 0, rem_ipaddr 7f000001
дек 26 13:29:19: [88332]: Main.debug: proxy.c:630:proxy_receive: Compare: myip
00000000, radreq->id 0, radreq->ipaddr 7f000001
дек 26 13:29:19: [88332]: Main.debug: proxy.c:539:proxy_compare_request:
(old=data) id 135 135, ipaddr 0 0
дек 26 13:29:19: [88332]: Main.debug: proxy.c:655:proxy_receive: radreq vector
446FC41FB616299A481CE44103B85747
дек 26 13:29:19: [88332]: Main.debug: proxy.c:657:proxy_receive: oldreq vector
495ABB0D4EDFBD4B6F08361E7C996D08
дек 26 13:29:19: [88332]: Main.debug: radiusd.c:1265:rad_spawn_child: adding
AUTH request to the list. 2 requests held.
дек 26 13:29:19: [88332]: Main.debug: radiusd.c:1303:rad_spawn_child: started
handler at pid 88336
дек 26 13:29:19: [88336]: Auth.debug: auth.c:784:rad_authenticate: auth:
address@hidden
дек 26 13:29:19: [88336]: Auth.debug: auth.c:1271:sfn_ack: ACK: address@hidden
дек 26 13:29:19: [88336]: Auth.debug: radius.c:113:rad_send_reply: Sending Ack
of id 135 to 7f000001 (nas local)
дек 26 13:29:19: [88336]: Auth.debug: radius.c:122:rad_send_reply: reply:
Framed-Protocol = PPP
дек 26 13:29:19: [88336]: Auth.debug: radius.c:122:rad_send_reply: reply:
Service-Type = Framed-User
дек 26 13:29:19: [88336]: Auth.notice: Login OK: address@hidden/]: CLID
0742470603 (from nas local)
дек 26 13:29:19: [88336]: Auth.debug: auth.c:1291:sfn_ack: timeout for
address@hidden is set to 0 sec
дек 26 13:29:19: [88332]: Main.debug: radiusd.c:1331:rad_child_cleanup: child
88336 exited: 0
дек 26 13:29:20: [88332]: Main.debug: radius.c:369:radrecv: Request from host
c0a87b71 code=1, id=135, length=97
дек 26 13:29:20: [88332]: Main.debug: radius.c:383:radrecv: radreq vector
60758C02196AD109DEFAD364BFA4656A
дек 26 13:29:20: [88332]: Main.debug: radius.c:448:radrecv: recv: User-Name =
address@hidden
дек 26 13:29:20: [88332]: Main.debug: radius.c:448:radrecv: recv: Password =
\073\075\332\121\225\107\217\306\262\247\321\063\220\315\014\374
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv: NAS-Port-Id =
55
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv: Service-Type
= Framed-User
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-Protocol = PPP
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv:
NAS-IP-Address = 192.168.123.113
дек 26 13:29:20: [88332]: Main.debug: radius.c:448:radrecv: recv:
Called-Station-Id = 0742470751
дек 26 13:29:20: [88332]: Main.debug: radius.c:448:radrecv: recv:
Calling-Station-Id = 0742470603
дек 26 13:29:20: [88332]: Main.debug: auth.c:467:rad_auth_init: checking
username: address@hidden
дек 26 13:29:20: [88332]: Main.debug: proxy.c:496:proxy_send: Sending
authentication request of id 1 to 7f000001 (server localhost:21812)
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
User-Name = ldoor
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Password = \073\075\332\121\225\107\217\306\262\247\321\063\220\315\014\374
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
NAS-Port-Id = 55
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Service-Type = Framed-User
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Framed-Protocol = PPP
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
NAS-IP-Address = 192.168.123.113
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Called-Station-Id = 0742470751
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Calling-Station-Id = 0742470603
дек 26 13:29:20: [88332]: Main.debug: proxy.c:205:rad_send_request: proxy_send:
Proxy-State = \000\000\000\000\207\000\000\000\001\000\000\000\001\000\000\177
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1518:rad_req_cmp: Compare: aip
7f000001, bip c0a87b71, aid 135, bid 135, acode 1 bcode 1
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1519:rad_req_cmp: Compare: a
vector 495ABB0D4EDFBD4B6F08361E7C996D08
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1520:rad_req_cmp: Compare: b
vector 60758C02196AD109DEFAD364BFA4656A
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1527:rad_req_cmp: Compare:
asrvip 7f000001, bsrvip 7f000001, asrvid 0, bsrvid 1, asrvcode 0, bsrvcode 0
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1265:rad_spawn_child: adding
PROXY request to the list. 3 requests held.
дек 26 13:29:20: [88332]: Main.debug: proxy.c:138:rad_proxy: allocated ptr
0x80aa700
дек 26 13:29:20: [88332]: Main.debug: radius.c:369:radrecv: Request from host
7f000001 code=2, id=1, length=68
дек 26 13:29:20: [88332]: Main.debug: radius.c:383:radrecv: radreq vector
73FD2B5FE6296DDB395C3185FF768BA9
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-Protocol = PPP
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-IP-Address = 192.168.88.96
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-IP-Netmask = 255.255.255.255
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv:
Framed-Routing = None
дек 26 13:29:20: [88332]: Main.debug: radius.c:462:radrecv: recv: Service-Type
= Framed-User
дек 26 13:29:20: [88332]: Main.debug: radius.c:448:radrecv: recv: Proxy-State =
\000\000\000\000\207\000\000\000\001\000\000\000\001\000\000\177
дек 26 13:29:20: [88332]: Main.debug: proxy.c:623:proxy_receive: state: ipaddr
00000000, id 135, proxy_id 1, rem_ipaddr 7f000001
дек 26 13:29:20: [88332]: Main.debug: proxy.c:630:proxy_receive: Compare: myip
00000000, radreq->id 1, radreq->ipaddr 7f000001
дек 26 13:29:20: [88332]: Main.debug: proxy.c:539:proxy_compare_request:
(old=data) id 135 135, ipaddr 0 0
дек 26 13:29:20: [88332]: Main.debug: proxy.c:655:proxy_receive: radreq vector
73FD2B5FE6296DDB395C3185FF768BA9
дек 26 13:29:20: [88332]: Main.debug: proxy.c:657:proxy_receive: oldreq vector
495ABB0D4EDFBD4B6F08361E7C996D08
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1518:rad_req_cmp: Compare: aip
7f000001, bip 7f000001, aid 135, bid 135, acode 1 bcode 1
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1519:rad_req_cmp: Compare: a
vector 495ABB0D4EDFBD4B6F08361E7C996D08
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1520:rad_req_cmp: Compare: b
vector 495ABB0D4EDFBD4B6F08361E7C996D08
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1527:rad_req_cmp: Compare:
asrvip 7f000001, bsrvip 7f000001, asrvid 0, bsrvid 0, asrvcode 2, bsrvcode 2
дек 26 13:29:20: [88332]: Main.debug: radiusd.c:1532:rad_req_cmp: Compare:
ipaddrs & codes are equals
дек 26 13:29:20: [88332]: Main.notice: Dropping AUTH packet from client
localhost, ID: 135: duplicate request
======
Good luck.
- [Bug-gnu-radius] error in proxy_compare_request,
Alexey Antipov <=