Bug #8466
closed
Added by Razvan Petrescu about 6 years ago.
Updated about 3 years ago.
Affected Architecture:
amd64
Description
Radiusd crash when for a user is set a password in plain text containing " (double qoutes)
After this all users get auth failed.
I'm getting this on pfsense version 2.4.3 latest stable amd64, is the only version i have installed.
Same here on 2.4.5-RELEASE-p1 (amd64) - a nice way of locking yourself out of pfSense :-(
- Affected Version deleted (
2.4.3)
able to reproduce:
Thu Dec 10 18:21:14 2020 : Error: /usr/local/etc/raddb/mods-config/files/authorize[2]: Parse error (check) for entry radiususer1: Expected end of line or comma
Thu Dec 10 18:21:14 2020 : Error: Failed reading /usr/local/etc/raddb/mods-config/files/authorize
Thu Dec 10 18:21:14 2020 : Error: /usr/local/etc/raddb/mods-enabled/files[9]: Instantiation failed for module "files"
fix:
https://gitlab.netgate.com/pfSense/FreeBSD-ports/-/merge_requests/15
- Status changed from New to Feedback
- Assignee set to Viktor Gurov
PR has been merged. Thanks!
I tested on the latest snapshot. It still allows entering " as the first character.
e.g., entering the password "pfsense will pass the check but get stuck when the user tries to log in.
- Status changed from Feedback to Pull Request Review
- Status changed from Pull Request Review to Feedback
- Assignee changed from Viktor Gurov to Danilo Zrenjanin
PR has been merged. Thanks!
- Status changed from Feedback to Pull Request Review
- Status changed from Pull Request Review to Feedback
- Status changed from Feedback to Resolved
Tested on the latest release.
It works as expected. Ticket resolved.
Also available in: Atom
PDF
Updated by 
Updated by Viktor Gurov 
Updated by 
Updated by 
Updated by