Date: Tue, 15 Jun 1999 22:38:27 +0300 (EEST) From: bamby@marka.net.ua To: FreeBSD-gnats-submit@freebsd.org Subject: bin/12225: Incompletness of radius request in ppp Message-ID: <199906151938.WAA21466@bamby.marka.net.ua>
next in thread | raw e-mail | index | archive | help
>Number: 12225
>Category: bin
>Synopsis: incompletness of radius request in /usr/sbin/ppp
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Tue Jun 15 12:50:00 PDT 1999
>Closed-Date:
>Last-Modified:
>Originator: Andriy I Pilipenko
>Release: FreeBSD 3.2-STABLE i386
>Organization:
Marka Ltd, Zaporizhia, Ukraine
>Environment:
/usr/sbin/ppp from FreeBSD 3.2-STABLE and Merit AAA Radius Server
>Description:
Current implementation of /usr/sbin/ppp creates malformed radius request
with NAS identifier missing. Merit AAA Radius Server refuses to process
such a request.
>How-To-Repeat:
Build radius package from /usr/ports/net/radius and try to run ppp with
radius authentication. ppp never receives reply and server will report
malformed request.
>Fix:
Following patch is made partially based on PAM radius module from
FreeBSD 3.2-STABLE. Patch adds two attributes to radius request -
NAS-IP-Address (or NAS-Identifier if address is not available) and
NAS-Port which is simply ttyslot() return value.
*** radius.c.orig Wed May 26 21:15:40 1999
--- radius.c Mon Jun 7 19:54:06 1999
***************
*** 41,46 ****
--- 41,48 ----
#include <string.h>
#include <sys/time.h>
#include <termios.h>
+ #include <unistd.h>
+ #include <netdb.h>
#include "defs.h"
#include "log.h"
***************
*** 337,342 ****
--- 339,347 ----
{
struct timeval tv;
int got;
+ char hostname[MAXHOSTNAMELEN];
+ struct hostent *hp;
+ struct in_addr hostaddr;
if (!*r->cfg.file)
return;
***************
*** 390,396 ****
--- 395,432 ----
rad_close(r->cx.rad);
return;
}
+
+ if (gethostname(hostname, sizeof hostname) != 0) {
+ log_Printf(LogERROR, "rad_put: cannot get own hostname\n");
+ rad_close(r->cx.rad);
+ return;
+ }
+ if ((hp = gethostbyname(hostname)) == (struct hostent *) NULL) {
+ if (rad_put_string(r->cx.rad, RAD_NAS_IDENTIFIER, hostname) != 0) {
+ log_Printf(LogERROR, "rad_put: rad_put_string: %s\n",
+ rad_strerror(r->cx.rad));
+ rad_close(r->cx.rad);
+ return;
+ }
+ }
+ else {
+ hostaddr.s_addr = *(u_long *)hp->h_addr;
+ if (rad_put_addr(r->cx.rad, RAD_NAS_IP_ADDRESS, hostaddr) != 0) {
+ log_Printf(LogERROR, "rad_put: rad_put_string: %s\n",
+ rad_strerror(r->cx.rad));
+ rad_close(r->cx.rad);
+ return;
+ }
+ }
+
+ if(rad_put_int(r->cx.rad, RAD_NAS_PORT, ttyslot()) != 0) {
+ log_Printf(LogERROR, "rad_put: rad_put_string: %s\n",
+ rad_strerror(r->cx.rad));
+ rad_close(r->cx.rad);
+ return;
+ }
+
if ((got = rad_init_send_request(r->cx.rad, &r->cx.fd, &tv)))
radius_Process(r, got);
else {
>Release-Note:
>Audit-Trail:
>Unformatted:
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199906151938.WAA21466>