hi

recently we have been getting too many freeradius faults (more than 5 per day); each fault makes radiusd terminate :-( , we have a script to restart it but ... that is not the solution

today we decided that we should take the time and look more closely, no matter how much more downtime we had, because the service is already _bad_

we found a user that keeps sending her username with a newline character plus a lot of blank spaces, and when radiusd gets that request it hits a segmentation fault and dies. here is the output of radiusd in debug mode:

  modcall[authorize]: module "sql2" returns ok for request 839
modcall: group redundant returns ok for request 839
rlm_sqlcounter: Entering module authorize code
sqlcounter_expand:  'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{User-Name}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200''
  radius_xlat:  'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='negri
          ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200''
sqlcounter_expand:  '%{sql1:SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='negri
          ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200'}'
radius_xlat: Running registered xlat function of module sql1 for string 'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='negri
          ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200''
rlm_sql (sql1): - sql_xlat
radius_xlat:  'negri
          '
rlm_sql (sql1): sql_set_user escaped user --> 'negri
          '
radius_xlat:  'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='negri
          ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200''
rlm_sql (sql1): Reserving sql socket id: 8
rlm_sql (sql1): - sql_xlat finished
rlm_sql (sql1): Released sql socket id: 8

we tested the mysql query using the standard mysql client, and if a newline character is sent the query returns a NULL value, i.e. not a string formed by digits (a number?)
I mention that because in line 355 of the file src/modules/rlm_sqlcounter/rlm_sqlcounter.c the function atoi() is used:
    counter = atoi(querystr);
and i'm not sure what will happen if querystr does not have digits (for example a NULL result for the query)

we changed that line to this one:
    if( ( counter = strtol( querystr, (char **)NULL, 10) ) == 0 ) { return 0; };

but we couldn't test it because the user also fixed her dialer client :-( and we don't know how to send a line break in the user name attribute :-(

we are using:
Freeradius-1.0.1 (from the sources released from RHEL3 but compiled by ourselves because we need the sqlcounter module)
centOS-3.4 (with all the updates applied)


we would really appreciate any hint or help on this subject

thanks
roger
PS: the previous output is taken from a file generated from this command line:
radiusd -xx 2>&1 > debug.txt , in this case i could not get the newline character, but if i get the sql query from the stdout (using the mouse) i will get the newline character.

----------------------------------------------------------------------
Central node of the Infomed network            (http://www.sld.cu)
Linux user: 97152                              (http://counter.li.org)
Member of the LinuxCuba coordination group     (http://www.linux.cu)

"Whatever you do will be insignificant, but it is very important
 that you do it."
                       Gandhi
----------------------------------------------------------------------
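
An added example (not part of the original message and not FreeRADIUS code) of the check the message asks about: converting a SQL result string to a counter while telling a legitimate "0" apart from a missing, empty or non-numeric result, which comparing the return value of strtol() or atoi() with 0 cannot do. parse_counter() is a hypothetical helper and the sample strings are constructed inputs.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/*
 * parse_counter() is a hypothetical helper, not a FreeRADIUS function.
 * Returns 0 and stores the value in *out on success, -1 when the text
 * is not a usable non-negative decimal number.
 */
static int parse_counter(const char *text, long *out)
{
    char *end = NULL;
    long value;

    if (text == NULL || *text == '\0')
        return -1;              /* NULL pointer or empty result */

    errno = 0;
    value = strtol(text, &end, 10);
    if (end == text)
        return -1;              /* no digits were consumed */
    while (*end == ' ' || *end == '\t' || *end == '\r' || *end == '\n')
        end++;                  /* allow trailing whitespace only */
    if (*end != '\0')
        return -1;              /* trailing junk such as "12abc" */
    if (errno == ERANGE || value < 0)
        return -1;              /* overflow or negative counter */

    *out = value;
    return 0;
}

int main(void)
{
    /* Constructed sample inputs, not taken from a real server. */
    const char *samples[] = { "3600", "0", "", "NULL", "12abc",
                              "99999999999999999999999" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
        long v = 0;
        if (parse_counter(samples[i], &v) == 0)
            printf("'%s' -> %ld\n", samples[i], v);
        else
            printf("'%s' -> rejected\n", samples[i]);
    }
    return 0;
}
```

A caller would treat the -1 return as "no counter available for this user" and decide explicitly what that means for the request, instead of silently using 0.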

