Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[defect]: rlm_rest use only last attribute with multiple tags #5298

Closed
vitalvas opened this issue Feb 27, 2024 · 1 comment
Closed

[defect]: rlm_rest use only last attribute with multiple tags #5298

vitalvas opened this issue Feb 27, 2024 · 1 comment
Labels
defect category: a defect or misbehaviour

Comments

@vitalvas
Copy link

What type of defect/bug is this?

Unexpected behaviour (obvious or verified by project member)

How can the issue be reproduced?

  1. Configure http server by response this json string:
{"Framed-Pool":{"value":"pppoe-pool"},"Session-Timeout":{"value":"120"},"ERX-Service-Activate:1":{"value":"svc-global-pppoe(10485760,10485760)"},"ERX-Service-Activate:4":{"value":"svc-guest-pppoe"}}
  1. Make Access-Request.

Log output from the FreeRADIUS daemon

(0) Received Access-Request Id 26 from 192.0.2.11:62238 to 192.0.2.1:1812 length 221
(0)   User-Name = "test"
(0)   Service-Type = Framed-User
(0)   Framed-Protocol = PPP
(0)   CHAP-Password = 0x03ceba0024a24af946e39468e14bbc22a2
(0)   CHAP-Challenge = 0x83614639140874125973ccba6ab124f26c24c97ee2
(0)   Chargeable-User-Identity = 0x00
(0)   Acct-Session-Id = "1609632"
(0)   ERX-Dhcp-Mac-Addr = "5254.0094.243e"
(0)   NAS-Identifier = "mx304-test"
(0)   NAS-Port = 99
(0)   NAS-Port-Id = "et-0/0/0.3221748367:99"
(0)   NAS-Port-Type = Ethernet
(0)   ERX-Client-Profile-Name = "dpf-pppoe:"
(0)   ERX-Pppoe-Description = "pppoe 52:54:00:94:24:3e"
(0)   NAS-IP-Address = 192.0.2.11
(0) # Executing section authorize from file /etc/freeradius/sites-enabled/billing
(0)   authorize {
rlm_rest (rest): Reserved connection (0)
(0) rest: Expanding URI components
(0) rest: EXPAND http://127.0.0.1:8010
(0) rest:    --> http://127.0.0.1:8010
(0) rest: EXPAND /freeradius/%{ERX-Client-Profile-Name}/authorize
(0) rest:    --> /freeradius/dpf-pppoe%3A/authorize
(0) rest: Sending HTTP POST to "http://127.0.0.1:8010/freeradius/dpf-pppoe%3A/authorize"
(0) rest: Encoding attribute "User-Name"
(0) rest: Encoding attribute "CHAP-Password"
(0) rest: Encoding attribute "NAS-IP-Address"
(0) rest: Encoding attribute "NAS-Port"
(0) rest: Encoding attribute "Service-Type"
(0) rest: Encoding attribute "Framed-Protocol"
(0) rest: Encoding attribute "NAS-Identifier"
(0) rest: Encoding attribute "CHAP-Challenge"
(0) rest: Encoding attribute "NAS-Port-Type"
(0) rest: Encoding attribute "Acct-Session-Id"
(0) rest: Encoding attribute "NAS-Port-Id"
(0) rest: Encoding attribute "Chargeable-User-Identity"
(0) rest: Encoding attribute "ERX-Pppoe-Description"
(0) rest: Encoding attribute "ERX-Dhcp-Mac-Addr"
(0) rest: Encoding attribute "ERX-Client-Profile-Name"
(0) rest: Processing response header
(0) rest:   Status : 200 (OK)
(0) rest:   Type   : json (application/json)
(0) rest: Adding reply:REST-HTTP-Status-Code = "200"
(0) rest: Parsing attribute "Framed-Pool"
(0) rest: EXPAND pppoe-pool
(0) rest:    --> pppoe-pool
(0) rest: Framed-Pool := "pppoe-pool"
(0) rest: Parsing attribute "Session-Timeout"
(0) rest: EXPAND 120
(0) rest:    --> 120
(0) rest: Session-Timeout := 120
(0) rest: Parsing attribute "ERX-Service-Activate:1"
(0) rest: EXPAND svc-global-pppoe(10485760,10485760)
(0) rest:    --> svc-global-pppoe(10485760,10485760)
(0) rest: ERX-Service-Activate:1 := "svc-global-pppoe(10485760,10485760)"
(0) rest: Parsing attribute "ERX-Service-Activate:4"
(0) rest: EXPAND svc-guest-pppoe
(0) rest:    --> svc-guest-pppoe
(0) rest: ERX-Service-Activate:4 := "svc-guest-pppoe"
rlm_rest (rest): Released connection (0)
Need more connections to reach 10 spares
rlm_rest (rest): Opening additional connection (5), 1 of 27 pending slots used
rlm_rest (rest): Connecting to "http://127.0.0.1:8010"
(0)     [rest] = updated
(0)     if (ok || updated) {
(0)     if (ok || updated)  -> TRUE
(0)     if (ok || updated)  {
(0)       update control {
(0)         Auth-Type := Accept
(0)       } # update control = noop
(0)     } # if (ok || updated)  = noop
(0)   } # authorize = updated
(0) Found Auth-Type = Accept
(0) Auth-Type = Accept, accepting the user
(0) Sent Access-Accept Id 26 from 192.0.2.1:1812 to 192.0.2.11:62238 length 62
(0)   Framed-Pool = "pppoe-pool"
(0)   Session-Timeout = 120
(0)   ERX-Service-Activate:4 = "svc-guest-pppoe"
(0) Finished request

Relevant log output from client utilities

No response

Backtrace from LLDB or GDB

No response
@vitalvas vitalvas added the defect category: a defect or misbehaviour label Feb 27, 2024
@alandekok
Copy link
Member

You need to add an operator to the returned json. This tells the server whether it should over-write existing attributes, add them, etc.

This is documented: https://github.com/FreeRADIUS/freeradius-server/blob/v3.2.x/raddb/mods-available/rest#L139

The operators are the normal :=, +=, etc. In this cae you want += for the tagged attributes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
defect category: a defect or misbehaviour
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@alandekok @vitalvas