bin/61294: [patch] PPP sends incorrect data to RADIUS where OctetsIn or OctetsOut are going over UINT32_MAX

boris at tagnet.ru boris at tagnet.ru
Mon Jan 12 23:30:26 PST 2004 

>Number:         61294
>Category:       bin
>Synopsis:       [patch] PPP sends incorrect data to RADIUS where OctetsIn or OctetsOut are going over UINT32_MAX
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jan 12 23:30:18 PST 2004
>Closed-Date:
>Last-Modified:
>Originator:     Boris Kovalenko
>Release:        FreeBSD 5.1-RELEASE-p10 i386
>Organization:
JSC Tagnet
>Environment:
System: FreeBSD ns.palladant.ru 5.1-RELEASE-p10 FreeBSD 5.1-RELEASE-p10 #3: Thu Nov 20 09:50:51 YEKT 2003 root at ns.palladant.ru:/usr/src/sys/i386/compile/PALLADA i386


	
>Description:
    When RADIUS is enabled in PPP it send its accounting data to RADIUS. 
    OctetsIn and OctetsOut are defined as unsigned long long (UINT64) values,
    but RADIUS allows only UINT32 values, so we are loosing information when
    values goes over UINT32_MAX limit. RFC2869 defines two new RADIUS attributes
    Acct-Input-Gigawords and Acct-Output-Gigawords to tell the RADIUS how many
    times Acct-Input-Octets and Acct-Output-Octets has wrapped around UINT32_MAX.
    So we need to put this attributes in RADIUS request and also modify OctetsIn
    and OctetsOut as needed.
>How-To-Repeat:
    Try to download more then 4G with PPP connection. This is really possible
    if use PPPoE.
>Fix:
    Patches attached.
    
--- radlib.h.diff begins here ---
--- radlib.h.orig	Tue Jan 13 09:01:15 2004
+++ radlib.h	Tue Jan 13 11:29:44 2004
@@ -168,6 +168,9 @@
         #define RAD_TERM_HOST_REQUEST		18
 #define	RAD_ACCT_MULTI_SESSION_ID	50	/* String */
 #define	RAD_ACCT_LINK_COUNT		51	/* Integer */
+/* RFC 2869 */
+#define	RAD_ACCT_INPUT_GIGAWORDS	52
+#define	RAD_ACCT_OUTPUT_GIGAWORDS	53
 
 struct rad_handle;
 struct timeval;
--- radlib.h.diff ends here ---

--- radius.c.diff begins here ---
--- radius.c.orig	Sat Jun 28 21:37:04 2003
+++ radius.c	Tue Jan 13 11:40:37 2004
@@ -27,6 +27,7 @@
  *
  */
 
+#include <stdint.h>
 #include <sys/param.h>
 
 #include <sys/socket.h>
@@ -1144,9 +1145,11 @@
 
   if (acct_type == RAD_STOP)
   /* Show some statistics */
-    if (rad_put_int(r->cx.rad, RAD_ACCT_INPUT_OCTETS, stats->OctetsIn) != 0 ||
+    if (rad_put_int(r->cx.rad, RAD_ACCT_INPUT_OCTETS, stats->OctetsIn % UINT32_MAX) != 0 ||
         rad_put_int(r->cx.rad, RAD_ACCT_INPUT_PACKETS, stats->PacketsIn) != 0 ||
-        rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, stats->OctetsOut) != 0 ||
+        rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_OCTETS, stats->OctetsOut % UINT32_MAX) != 0 ||
+        rad_put_int(r->cx.rad, RAD_ACCT_INPUT_GIGAWORDS, stats->OctetsIn / UINT32_MAX) != 0 ||
+        rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_GIGAWORDS, stats->OctetsOut / UINT32_MAX) != 0 ||
         rad_put_int(r->cx.rad, RAD_ACCT_OUTPUT_PACKETS, stats->PacketsOut)
         != 0 ||
         rad_put_int(r->cx.rad, RAD_ACCT_SESSION_TIME, throughput_uptime(stats))
--- radius.c.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list