We have recently installed Radiator 2.15 on our RedHat Linux 6.2 box after
installing Perl 5 v5.005, Perl LDAP v.16, and Perl MD5 v2.09. Everything
compiled without a hitch. And, we modified the ldap.cfg file to reflect our
environment. We're using OpenLDAP 1.2.9.

The server worked perfectly for the first 14 hours, but then died overnight.
After a fair amount of research, we found that Radiator dies when a user
tries to authenticate using an incorrect username. In our case, it's a
matter of a misspelled username, or old username that is no longer valid.
Subsequent authentication attempts fall silently on Radiator's ears (fail)
until Radiator is killed and restarted.

OpenLDAP returns an error code of errno=0 and nentries=0 when the username
is entered incorrectly, and the last log entry message says: Connecting to
localhost, port 389. Radiator no longer processes authentication requests
until restarted.

Here is our config file and a trace 4 segment from our log for your review:

# Revised radius.cfg based on ldap.cfg #
LogDir .
LogFile ./%Y-%m-logfile
DbDir .
Trace 4

<Client xxx.xxx.xx.xx>
    Secret yyyyyyyy
    DupInterval 0
</Client>

<Client localhost>
    Secret yyyyyyyy
    DupInterval 0
</Client>

<Realm DEFAULT>
    <AuthBy LDAP2>
        Host localhost
        AuthDN cn=Manager, o=my.domain.org, c=US
        AuthPassword xxxxxxxx
        BaseDN o=my.doman.org, c=US
        UsernameAttr uid
        EncryptedPasswordAttr userPassword
        AddToReply Framed-Protocol = PPP,\
            Service-Type = Framed-User,\
            Framed-IP-Netmask = 255.255.255.254,\
            Framed-Routing = None,\
            Framed-MTU = 1500,\
            Framed-Compression = Van-Jacobson-TCP-IP
        Debug 255
    </AuthBy>
    AcctLogFileName ./%Y-%m-Accounting_detail
</Realm>

Here's an excerpt from our logfile:

Wed May 10 17:58:29 2000: DEBUG: Packet dump:
*** Received from 134.174.91.8 port 2081 ....
Packet length = 82
01 17 00 52 d7 c4 ad e2 73 30 a9 2e cf 5c 65 3a
eb 48 e1 06 01 08 73 6d 6f 6b 65 79 02 12 96 ab
95 a0 38 83 f6 98 b2 af 5d b7 7e f3 42 6f 20 12
4c 61 6e 52 6f 76 65 72 45 5f 32 41 33 35 43 30
04 06 86 ae 5b 08 05 06 00 00 50 15 3d 06 00 00
00 00
Code: Access-Request
Identifier: 23
Authentic: <215><196><173><226>s0<169>.<207>\e:<235>H<225><6>
Attributes:
    User-Name = "smokey"
    User-Password = "<150><171><149><160>8<131><246><152><178><175>]<183>~<243>Bo"
    NAS-Identifier = "LanRoverE_2A35C0"
    NAS-IP-Address = 134.174.91.8
    NAS-Port = 20501
    NAS-Port-Type = Async
Wed May 10 17:58:29 2000: DEBUG: Handling request with Handler 'Realm=DEFAULT'
Wed May 10 17:58:29 2000: DEBUG: Deleting session for smokey, 134.174.91.8, 20501
Wed May 10 17:58:29 2000: DEBUG: Handling with Radius::AuthLDAP2
Wed May 10 17:58:29 2000: DEBUG: Connecting to localhost, port 389
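
A way to detect the hang described in this post from the Trace 4 log alone, as an added example that is not part of the original message and is not Radiator code: it flags a log whose newest timestamped entry is the "Connecting to <host>, port <n>" line and which has been idle longer than a threshold, and reports the last User-Name seen. The function name find_stall, the 30-second threshold and the abbreviated sample log are assumptions made for the illustration.

```python
import re
from datetime import datetime, timedelta

# Constructed sample: abbreviated tail of the Trace 4 log quoted in the post.
SAMPLE_LOG = """\
Wed May 10 17:58:29 2000: DEBUG: Packet dump:
*** Received from 134.174.91.8 port 2081 ....
Code: Access-Request
Attributes:
    User-Name = "smokey"
    NAS-IP-Address = 134.174.91.8
Wed May 10 17:58:29 2000: DEBUG: Handling with Radius::AuthLDAP2
Wed May 10 17:58:29 2000: DEBUG: Connecting to localhost, port 389
"""

# Matches entries of the form "Wed May 10 17:58:29 2000: DEBUG: message"
STAMPED = re.compile(r"^(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}): \w+: (.*)$")
CONNECT = re.compile(r"^Connecting to (\S+), port (\d+)$")
USER = re.compile(r'^\s*User-Name = "(.*)"$')

def find_stall(log_text, now, max_idle=timedelta(seconds=30)):
    """Return details of a stalled LDAP lookup, or None if the log looks healthy.

    Stalled means: the newest timestamped entry is the LDAP connect message
    and nothing has been logged since for longer than max_idle (an assumed
    threshold; tune it to the LDAP server's normal response time).
    """
    newest = None      # (timestamp, message) of the newest timestamped entry
    last_user = None   # User-Name from the most recent packet dump
    for line in log_text.splitlines():
        stamped = STAMPED.match(line)
        if stamped:
            when = datetime.strptime(stamped.group(1), "%a %b %d %H:%M:%S %Y")
            newest = (when, stamped.group(2))
        elif USER.match(line):
            last_user = USER.match(line).group(1)
    if newest is None:
        return None
    when, message = newest
    connect = CONNECT.match(message)
    if connect is None or now - when <= max_idle:
        return None
    return {"since": when, "idle": now - when, "user": last_user,
            "ldap": "%s:%s" % connect.groups()}

if __name__ == "__main__":
    print(find_stall(SAMPLE_LOG, now=datetime(2000, 5, 10, 18, 0, 0)))
```

Run periodically against the current logfile with now set to the current time; a non-None result names the username that preceded the stall and can be used to raise an alert or trigger a supervised restart.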