Bug #8466
closedradiusd crash
0%
Description
Radiusd crash when for a user is set a password in plain text containing " (double qoutes)
After this all users get auth failed.
I'm getting this on pfsense version 2.4.3 latest stable amd64, is the only version i have installed.
Updated by Yury Zaytsev almost 4 years ago
Same here on 2.4.5-RELEASE-p1 (amd64) - a nice way of locking yourself out of pfSense :-(
Updated by Viktor Gurov almost 4 years ago
- Affected Version deleted (
2.4.3)
able to reproduce:
Thu Dec 10 18:21:14 2020 : Error: /usr/local/etc/raddb/mods-config/files/authorize[2]: Parse error (check) for entry radiususer1: Expected end of line or comma Thu Dec 10 18:21:14 2020 : Error: Failed reading /usr/local/etc/raddb/mods-config/files/authorize Thu Dec 10 18:21:14 2020 : Error: /usr/local/etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/15
Updated by Renato Botelho almost 4 years ago
- Status changed from New to Feedback
- Assignee set to Viktor Gurov
PR has been merged. Thanks!
Updated by Danilo Zrenjanin almost 4 years ago
I tested on the latest snapshot. It still allows entering " as the first character.
e.g., entering the password "pfsense will pass the check but get stuck when the user tries to log in.
Updated by Danilo Zrenjanin almost 4 years ago
Updated by Jim Pingle almost 4 years ago
- Status changed from Feedback to Pull Request Review
Updated by Renato Botelho almost 4 years ago
- Status changed from Pull Request Review to Feedback
- Assignee changed from Viktor Gurov to Danilo Zrenjanin
PR has been merged. Thanks!
Updated by Danilo Zrenjanin almost 4 years ago
I retested and added another minor fix.
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/51
Updated by Jim Pingle almost 4 years ago
- Status changed from Feedback to Pull Request Review
Updated by Renato Botelho almost 4 years ago
- Status changed from Pull Request Review to Feedback
Merged
Updated by Danilo Zrenjanin almost 4 years ago
- Status changed from Feedback to Resolved
Tested on the latest release.
It works as expected. Ticket resolved.