From nobody@FreeBSD.org  Mon Sep 28 14:10:02 2009
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 341C6106566B
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Sep 2009 14:10:02 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 226358FC08
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Sep 2009 14:10:02 +0000 (UTC)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.3/8.14.3) with ESMTP id n8SEA1hf001118
	for <freebsd-gnats-submit@FreeBSD.org>; Mon, 28 Sep 2009 14:10:01 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.3/8.14.3/Submit) id n8SEA0EQ001117;
	Mon, 28 Sep 2009 14:10:00 GMT
	(envelope-from nobody)
Message-Id: <200909281410.n8SEA0EQ001117@www.freebsd.org>
Date: Mon, 28 Sep 2009 14:10:00 GMT
From: Sergey Bondarev <bond@techno-r.ru>
To: freebsd-gnats-submit@FreeBSD.org
Subject: libradius and 3 auth radius-servers
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         139214
>Category:       kern
>Synopsis:       [libradius] libradius and 3 auth radius-servers
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    mav
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Sep 28 14:20:03 UTC 2009
>Closed-Date:    Fri Oct 30 13:04:55 UTC 2009
>Last-Modified:  Fri Oct 30 13:10:06 UTC 2009
>Originator:     Sergey Bondarev
>Release:        6.4
>Organization:
>Environment:
FreeBSD r5.ru 6.4-RELEASE-p3 FreeBSD 6.4-RELEASE-p3 #1: Sun Feb  1 16:19:33 MSK 2009     bond@r5.ru:/usr/obj/usr/src/sys/YADROPU  i386

>Description:
radius.conf
acct 10.255.1.1 radius_password
auth 10.250.1.100 radius_password
auth 10.250.1.250 radius_password
auth 10.255.1.1 radius_password

Situation:
1. Freeradius on host 10.250.1.100 is not started, mpd4.4.1 try to auth user on radius-server. libradius try 10.250.1.100 - wait timeout, then try 10.250.1.250 and succefully authentificate user.

2. HOST 10.205.1.100 is DOWN. mpd4.4.1 try to auth user on radius-server. libradius try 10.250.1.100, get error -1 and exit.
libradius do not try other auth-radius-servers !!!

mpd.log
Sep 28 15:06:25 r5 mpd: [pptp14] AUTH: Auth-Thread started
Sep 28 15:06:25 r5 mpd: [pptp14] AUTH: Trying RADIUS
Sep 28 15:06:25 r5 mpd: [pptp14] RADIUS: RadiusAuthenticate for: user_login
Sep 28 15:06:25 r5 mpd: [pptp14] RADIUS: rad_init_send_request failed: -1 sendto: Host is down
Sep 28 15:06:25 r5 mpd: [pptp14] AUTH: RADIUS returned undefined
Sep 28 15:06:25 r5 mpd: [pptp14] AUTH: Trying INTERNAL

I see to radlib.c source:
        /* Send the request */
        n = sendto(h->fd, h->request, h->req_len, 0,
            (const struct sockaddr *)&h->servers[h->srv].addr,
            sizeof h->servers[h->srv].addr);
        if (n != h->req_len) {
                if (n == -1)
                        generr(h, "sendto: %s", strerror(errno));
                else
                        generr(h, "sendto: short write");
                return -1;
        }
Maybe remove "return -1;" ?

Backup (round-robin) radius server configuration is no work !


>How-To-Repeat:


>Fix:


>Release-Note:
>Audit-Trail:

From: Alexander Motin <mav@FreeBSD.org>
To: bug-followup@FreeBSD.org, bond@techno-r.ru
Cc:  
Subject: Re: misc/139214: libradius and 3 auth radius-servers
Date: Mon, 28 Sep 2009 21:54:41 +0300

 This is a multi-part message in MIME format.
 --------------050703030305070708070608
 Content-Type: text/plain; charset=KOI8-R
 Content-Transfer-Encoding: 7bit
 
 Please try this patch.  It is made against HEAD, but could be easily
 adopted to 6.x/7.x. Thank you.
 
 -- 
 Alexander Motin
 
 --------------050703030305070708070608
 Content-Type: text/plain;
  name="radlib.c.fail.patch"
 Content-Transfer-Encoding: 7bit
 Content-Disposition: inline;
  filename="radlib.c.fail.patch"
 
 --- radlib.c.prev	2009-09-15 20:43:48.000000000 +0300
 +++ radlib.c	2009-09-28 21:49:07.000000000 +0300
 @@ -650,17 +650,12 @@ rad_continue_send_request(struct rad_han
  	n = sendto(h->fd, h->out, h->out_len, 0,
  	    (const struct sockaddr *)&h->servers[h->srv].addr,
  	    sizeof h->servers[h->srv].addr);
 -	if (n != h->out_len) {
 -		if (n == -1)
 -			generr(h, "sendto: %s", strerror(errno));
 -		else
 -			generr(h, "sendto: short write");
 -		return -1;
 -	}
 -
 +	if (n != h->out_len)
 +		tv->tv_sec = 1; /* Do not wait full timeout if send failed. */
 +	else
 +		tv->tv_sec = h->servers[h->srv].timeout;
  	h->try++;
  	h->servers[h->srv].num_tries++;
 -	tv->tv_sec = h->servers[h->srv].timeout;
  	tv->tv_usec = 0;
  	*fd = h->fd;
  
 
 --------------050703030305070708070608--

From: Sergey Bondarev <bond@techno-r.ru>
To: bug-followup@FreeBSD.org, bond@techno-r.ru
Cc: mav@FreeBSD.org
Subject: Re: misc/139214: libradius and 3 auth radius-servers
Date: Tue, 29 Sep 2009 22:57:20 +0400

 Hello Bug-followup,
 
   I found previos PR http://www.freebsd.org/cgi/query-pr.cgi?pr=103764&cat=
   and try patch from kern/103764.
   It worked.
 
   I also try patch from mav@, it work too...
 
 -- 
 Best regards,
  Sergey                          mailto:bond@techno-r.ru
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: misc/139214: commit references a PR
Date: Tue, 29 Sep 2009 19:09:32 +0000 (UTC)

 Author: mav
 Date: Tue Sep 29 19:09:17 2009
 New Revision: 197621
 URL: http://svn.freebsd.org/changeset/base/197621
 
 Log:
   Fix bug, when RADIUS client gave up after single sendto() error, do not
   trying backup servers.
   
   PR:		kern/103764, misc/139214
 
 Modified:
   head/lib/libradius/radlib.c
 
 Modified: head/lib/libradius/radlib.c
 ==============================================================================
 --- head/lib/libradius/radlib.c	Tue Sep 29 18:44:34 2009	(r197620)
 +++ head/lib/libradius/radlib.c	Tue Sep 29 19:09:17 2009	(r197621)
 @@ -650,17 +650,12 @@ rad_continue_send_request(struct rad_han
  	n = sendto(h->fd, h->out, h->out_len, 0,
  	    (const struct sockaddr *)&h->servers[h->srv].addr,
  	    sizeof h->servers[h->srv].addr);
 -	if (n != h->out_len) {
 -		if (n == -1)
 -			generr(h, "sendto: %s", strerror(errno));
 -		else
 -			generr(h, "sendto: short write");
 -		return -1;
 -	}
 -
 +	if (n != h->out_len)
 +		tv->tv_sec = 1; /* Do not wait full timeout if send failed. */
 +	else
 +		tv->tv_sec = h->servers[h->srv].timeout;
  	h->try++;
  	h->servers[h->srv].num_tries++;
 -	tv->tv_sec = h->servers[h->srv].timeout;
  	tv->tv_usec = 0;
  	*fd = h->fd;
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
State-Changed-From-To: open->patched 
State-Changed-By: mav 
State-Changed-When: Tue Sep 29 19:10:07 UTC 2009 
State-Changed-Why:  
Fix committed to HEAD. 


Responsible-Changed-From-To: freebsd-bugs->mav 
Responsible-Changed-By: mav 
Responsible-Changed-When: Tue Sep 29 19:10:07 UTC 2009 
Responsible-Changed-Why:  
Fix committed to HEAD. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=139214 
State-Changed-From-To: patched->closed 
State-Changed-By: mav 
State-Changed-When: Fri Oct 30 13:04:28 UTC 2009 
State-Changed-Why:  
Merged to 8 and 7. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=139214 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/139214: commit references a PR
Date: Fri, 30 Oct 2009 13:02:27 +0000 (UTC)

 Author: mav
 Date: Fri Oct 30 13:02:08 2009
 New Revision: 198674
 URL: http://svn.freebsd.org/changeset/base/198674
 
 Log:
   MFC rev. 197621:
   Fix bug, when RADIUS client gave up after single sendto() error, do not
   trying backup servers.
   
   PR:		kern/103764, misc/139214
 
 Modified:
   stable/8/lib/libradius/   (props changed)
   stable/8/lib/libradius/radlib.c
 
 Modified: stable/8/lib/libradius/radlib.c
 ==============================================================================
 --- stable/8/lib/libradius/radlib.c	Fri Oct 30 12:59:22 2009	(r198673)
 +++ stable/8/lib/libradius/radlib.c	Fri Oct 30 13:02:08 2009	(r198674)
 @@ -650,17 +650,12 @@ rad_continue_send_request(struct rad_han
  	n = sendto(h->fd, h->out, h->out_len, 0,
  	    (const struct sockaddr *)&h->servers[h->srv].addr,
  	    sizeof h->servers[h->srv].addr);
 -	if (n != h->out_len) {
 -		if (n == -1)
 -			generr(h, "sendto: %s", strerror(errno));
 -		else
 -			generr(h, "sendto: short write");
 -		return -1;
 -	}
 -
 +	if (n != h->out_len)
 +		tv->tv_sec = 1; /* Do not wait full timeout if send failed. */
 +	else
 +		tv->tv_sec = h->servers[h->srv].timeout;
  	h->try++;
  	h->servers[h->srv].num_tries++;
 -	tv->tv_sec = h->servers[h->srv].timeout;
  	tv->tv_usec = 0;
  	*fd = h->fd;
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: kern/139214: commit references a PR
Date: Fri, 30 Oct 2009 13:03:21 +0000 (UTC)

 Author: mav
 Date: Fri Oct 30 13:03:08 2009
 New Revision: 198675
 URL: http://svn.freebsd.org/changeset/base/198675
 
 Log:
   MFC rev. 197621:
   Fix bug, when RADIUS client gave up after single sendto() error, do not
   trying backup servers.
   
   PR:             kern/103764, misc/139214
 
 Modified:
   stable/7/lib/libradius/   (props changed)
   stable/7/lib/libradius/radlib.c
 
 Modified: stable/7/lib/libradius/radlib.c
 ==============================================================================
 --- stable/7/lib/libradius/radlib.c	Fri Oct 30 13:02:08 2009	(r198674)
 +++ stable/7/lib/libradius/radlib.c	Fri Oct 30 13:03:08 2009	(r198675)
 @@ -650,17 +650,12 @@ rad_continue_send_request(struct rad_han
  	n = sendto(h->fd, h->out, h->out_len, 0,
  	    (const struct sockaddr *)&h->servers[h->srv].addr,
  	    sizeof h->servers[h->srv].addr);
 -	if (n != h->out_len) {
 -		if (n == -1)
 -			generr(h, "sendto: %s", strerror(errno));
 -		else
 -			generr(h, "sendto: short write");
 -		return -1;
 -	}
 -
 +	if (n != h->out_len)
 +		tv->tv_sec = 1; /* Do not wait full timeout if send failed. */
 +	else
 +		tv->tv_sec = h->servers[h->srv].timeout;
  	h->try++;
  	h->servers[h->srv].num_tries++;
 -	tv->tv_sec = h->servers[h->srv].timeout;
  	tv->tv_usec = 0;
  	*fd = h->fd;
  
 _______________________________________________
 svn-src-all@freebsd.org mailing list
 http://lists.freebsd.org/mailman/listinfo/svn-src-all
 To unsubscribe, send any mail to "svn-src-all-unsubscribe@freebsd.org"
 
>Unformatted:
