#773280 openvpn-auth-radius: invalid `route add' command on route without gateway

Package:
openvpn-auth-radius
Source:
openvpn-auth-radius
Description:
OpenVPN RADIUS authentication module
Submitter:
nest1ing
Date:
2014-12-18 09:27:05 UTC
Severity:
wishlist
#773280#5
Date:
2014-12-16 10:41:33 UTC
From:
To:
Dear Maintainer,

In our system radius return routes like '10.128.0.0/24'.
This response was prepared several VPN servers than should to register at this route
and connected party should be the gateway.

I fix the source than if worked correctly for me.
Perhaps it is deemed right in principle.
--- UserAcct.cpp.old	2014-12-16 13:20:37.699467727 +0300
+++ UserAcct.cpp	2014-12-16 13:30:57.367678753 +0300
@@ -699,7 +699,11 @@
 				strncat(routestring, "/" ,1);
 				strncat(routestring, framednetmask_cidr, 2);
 				strncat(routestring, " gw ", 4);
-				strncat(routestring, framedgw, 16);
+                if (framedgw[0] != '\0')
+                    strncat(routestring, framedgw, 16);
+                else
+                    strncat(routestring, this->getFramedIp().c_str(), this->getFramedIp().size());
+
 				if (framedmetric[0]!='\0')
 				{
 					strncat(routestring, " metric ", 8);
@@ -853,7 +857,11 @@
 				strncat(routestring, "/" ,1);
 				strncat(routestring, framednetmask_cidr, 2);
 				strncat(routestring, " gw ", 4);
-				strncat(routestring, framedgw, 16);
+                if (framedgw[0] != '\0')
+                    strncat(routestring, framedgw, 16);
+                else
+                    strncat(routestring, this->getFramedIp().c_str(), this->getFramedIp().size());
+
 				if (framedmetric[0]!='\0')
 				{
 					strncat(routestring, " metric ", 8);
#773280#10
Date:
2014-12-16 11:51:46 UTC
From:
To:
Hello!

Can you please be more verbosive? Which Radius Attribute are you referring to? Do you have a example config of your Radius Server, where you set the attribute. Can you please provide the resulting route string with and without your patch including logfiles?

Greetings Torge
#773280#15
Date:
2014-12-16 11:51:46 UTC
From:
To:
Hello!

Can you please be more verbosive? Which Radius Attribute are you referring to? Do you have a example config of your Radius Server, where you set the attribute. Can you please provide the resulting route string with and without your patch including logfiles?

Greetings Torge
#773280#20
Date:
2014-12-16 18:37:22 UTC
From:
To:

2014-12-16 14:51 GMT+03:00 Dr. Torge Szczepanek <debian@cygnusnetworks.de>:

Hello
like this:
  Framed-Route = 10.128.0.0/24

Logs without my patch:
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Get a command.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New User.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New user acct:
username: 2, interval: 0, calling station: XX.XX.XX.XX, commonname: 2,
framed ip: 172.122.0.2.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND-ACCT:  Get
ACCOUNTING_RESPONSE-Packet.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Start packet was
send.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND ACCT: User was added to
accounting scheduler.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND-ACCT:  Create route
string route add -net 10.128.0.0/24 gw  2> /dev/null.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: BACKGROUND-ACCT:  Route route add
-net 10.128.0.0/24 gw  2> /dev/null could not set. Route already set or bad
route string.
Mon Dec 15 17:59:03 2014 RADIUS-PLUGIN: FOREGROUND: Accouting succeeded!


Logs with my patch:
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Get a command.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New User.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: New user acct:
username: 2, interval: 0, calling station: XX.XX.XX.XX, commonname: 2,
framed ip: 172.121.0.2.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND-ACCT:  Get
ACCOUNTING_RESPONSE-Packet.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: Start packet was
send.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND ACCT: User was added to
accounting scheduler.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND-ACCT:  Create route
string route add -net 10.128.0.0/24 gw 172.121.0.2 2> /dev/null.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: BACKGROUND-ACCT:  Add route to
system routing table.
Tue Dec 16 15:00:47 2014 RADIUS-PLUGIN: FOREGROUND: Accouting succeeded!
#773280#25
Date:
2014-12-16 19:23:24 UTC
From:
To:
Forward due to missing CC
#773280#30
Date:
2014-12-16 19:25:15 UTC
From:
To:
2014-12-16 18:11 GMT+03:00 nestling <shurik.f@gmail.com>:

I fixed my patch. It now corresponds to the RFC, and also allows specify
the route without gateway.
#773280#35
Date:
2014-12-18 09:23:27 UTC
From:
To:
Hello!

Ok, great. I will take a look at this after my vacation mid of January.

Greetings Torge