hi recently we are getting too much freeradius faults (more than 5 per day), each fault make the radiusd terminate :-( , we have an script to restart it but ... that is not the solution
today we decided that we should take the time and look more closely no matter how more downtime we had because the service is already _bad_ we found a user that keep sending her username with a newline character plus a lot of blank spaces and when radiusd get that request it makes a segmentation fault and die, here is the output of the radiusd in debug mode: modcall[authorize]: module "sql2" returns ok for request 839 modcall: group redundant returns ok for request 839 rlm_sqlcounter: Entering module authorize code sqlcounter_expand: 'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{User-Name}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200'' radius_xlat: 'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE Us erName='negri ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200'' sqlcounter_expand: '%{sql1:SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM rad acct WHERE UserName='negri ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200'}' radius_xlat: Running registered xlat function of module sql1 for string 'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='negri ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200'' rlm_sql (sql1): - sql_xlat radius_xlat: 'negri ' rlm_sql (sql1): sql_set_user escaped user --> 'negri ' radius_xlat: 'SELECT SUM(AcctSessionTime - GREATEST((1109653200 - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='negri ' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '1109653200'' rlm_sql (sql1): Reserving sql socket id: 8 rlm_sql (sql1): - sql_xlat finished rlm_sql (sql1): Released sql socket id: 8 we test the mysql query using the mysql standard client and if a new line character is send the query return a NULL value, ie not a string formed by digits (a number ?) I mention that because in the line 355 of the file src/modules/rlm_sqlcounter/rlm_sqlcounter.c the function atoi() is used counter = atoi(querystr); and i'm not sure what will happen if querystr does not have digits ( for example a NULL result for the query) we change that line for this one: if( ( counter = strtol( querystr, (char **)NULL, 10) ) == 0 ) { return 0; }; but we couldn't test it because the user also fix her dialer client :-( and we don't know how to send a break line in the user name attribute :-( we are using : Freeradius-1.0.1 ( from the sources released from RHEL3 but compiled by ourseft because we need the sqlcounter module) centOS-3.4 (with all the updates apply) we really appreciate any hint or help in this subject thanks roger PD: the previus output is taken from a file generated from this command line: radiusd -xx 2>&1 > debug.txt , in this case i could not get the newline character but if i get the sql query from the stdout (using the mouse) i will get the newline character . ---------------------------------------------------------------------- Nodo central de la red Infomed (http://www.sld.cu) Usuario linux: 97152 (http://counter.li.org) Miembro del grupo de coordinacion de LinuxCuba (http://www.linux.cu) "Whatever you do will be insignificant, but it is very important that you do it." Gandhi ---------------------------------------------------------------------- ------------------------------------------------- Este mensaje fue enviado usando el servicio de correo en web de Infomed http://webmail.sld.cu - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html