bin/61294: [patch] PPP sends incorrect data to RADIUS where
OctetsIn or OctetsOut are going over UINT32_MAX
boris at tagnet.ru
boris at tagnet.ru
Mon Jan 12 23:30:26 PST 2004
>Number: 61294
>Category: bin
>Synopsis: [patch] PPP sends incorrect data to RADIUS where OctetsIn or OctetsOut are going over UINT32_MAX
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jan 12 23:30:18 PST 2004
>Closed-Date:
>Last-Modified:
>Originator: Boris Kovalenko
>Release: FreeBSD 5.1-RELEASE-p10 i386
>Organization:
JSC Tagnet
>Environment:
System: FreeBSD ns.palladant.ru 5.1-RELEASE-p10 FreeBSD 5.1-RELEASE-p10 #3: Thu Nov 20 09:50:51 YEKT 2003 root at ns.palladant.ru:/usr/src/sys/i386/compile/PALLADA i386
>Description:
When RADIUS is enabled in PPP it send its accounting data to RADIUS.
OctetsIn and OctetsOut are defined as unsigned long long (UINT64) values,
but RADIUS allows only UINT32 values, so we are loosing information when
values goes over UINT32_MAX limit. RFC2869 defines two new RADIUS attributes
Acct-Input-Gigawords and Acct-Output-Gigawords to tell the RADIUS how many
times Acct-Input-Octets and Acct-Output-Octets has wrapped around UINT32_MAX.
So we need to put this attributes in RADIUS request and also modify OctetsIn
and OctetsOut as needed.
>How-To-Repeat:
Try to download more then 4G with PPP connection. This is really possible
if use PPPoE.
>Fix:
Patches attached.
--- radlib.h.diff begins here ---
--- radlib.h.orig Tue Jan 13 09:01:15 2004
+++ radlib.h Tue Jan 13 11:29:44 2004
@@ -168,6 +168,9 @@
#define RAD_TERM_HOST_REQUEST 18
#define RAD_ACCT_MULTI_SESSION_ID 50 /* String */
#define RAD_ACCT_LINK_COUNT 51 /* Integer */
+/* RFC 2869 */
+#define RAD_ACCT_INPUT_GIGAWORDS 52
+#define RAD_ACCT_OUTPUT_GIGAWORDS 53
struct rad_handle;
struct timeval;
--- radlib.h.diff ends here ---
--- radius.c.diff begins here ---
--- radius.c.orig Sat Jun 28 21:37:04 2003
+++ radius.c Tue Jan 13 11:40:37 2004
@@ -27,6 +27,7 @@
*
*/
+#include <stdint.h>
#include <sys/param.h>
#include <sys/socket.h>
@@ -1144,9 +1145,11 @@
if (acct_type == RAD_STOP)
/* Show some statistics */
- if (rad_put_int(r->cx.rad, RAD_ACCT_INPUT_OCTETS, stats->OctetsIn) != 0 ||
+ if (rad_put_int(r->cx.rad, RAD_ACCT_INPUT_OCTETS, stats->OctetsIn % UINT32_MAX) != 0 ||
rad_put_int(r->cx.rad, RAD_ACCT_INPUT_PACKETS, stats->PacketsIn) != 0 ||
- rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, stats->OctetsOut) != 0 ||
+ rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, stats->OctetsOut % UINT32_MAX) != 0 ||
+ rad_put_int(r->cx.rad, RAD_ACCT_INPUT_GIGAWORDS, stats->OctetsIn / UINT32_MAX) != 0 ||
+ rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_GIGAWORDS, stats->OctetsOut / UINT32_MAX) != 0 ||
rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_PACKETS, stats->PacketsOut)
!= 0 ||
rad_put_int(r->cx.rad, RAD_ACCT_SESSION_TIME, throughput_uptime(stats))
--- radius.c.diff ends here ---
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-bugs
mailing list