RADIUS Protocol Analyzer

Description

topic/vladg/radius is ready to be merged. It's been running at CMU for a few months with no issues.

Environment

None

Activity

Show:
Robin Sommer
February 14, 2014, 7:24 PM

Nice!

Do you have a test trace?

Two questions for scripts/base/protocols/radius/main.bro:

  • I'm not sure I understand the expiration logic: is the assumption that even after expire() has expired an entry, there'll be a further message coming in for that ID and then it will be logged? In other words, I would have expected expire() to log the entry itself.

  • the attribute list is a vector but no other elements than the first are used?

Robin Sommer
March 31, 2014, 7:10 PM

Vlad, any trace?

What about the two questions above?

Vlad Grigorescu
March 31, 2014, 9:54 PM

Found my trace. I need to sanitize it and will create a test for it.

  • For the expiration logic - you're right, expire should log the entry. I'll try to get that a test for that as well.

  • For the attribute list - it's a vector because technically you could have multiple entries of the same attribute type. The only place this seems to happen in the real world is for the vendor-specific type. I have some code that would deal with those types, but it requires some further work (and that won't be a base script). I'm not sure what to do in the case that other attribute types (e.g. username, calling station id, etc.) are present multiple times. It's not a violation of the RFC, so perhaps just a weird?

Robin Sommer
May 9, 2014, 3:08 PM

Ping.

Vlad Grigorescu
May 15, 2014, 4:21 PM

Sorry for the delay...

  • expiration logic fixed

  • baselines updated

  • functional and memleak btests added

It's good to go.

Assignee

Robin Sommer

Reporter

Vlad Grigorescu

Labels

None

External issue ID

None

Components

Fix versions

Affects versions

Priority

Normal
Configure