Bug 404243

Summary: Freeradius binds to random port
Product: [openSUSE] openSUSE 11.0 Reporter: Moritz M <dr.glastonbury>
Component: NetworkAssignee: Pavol Rusnak <prusnak>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Normal    
Priority: P5 - None CC: cleidh_mor, herbert, meissner, o.nicolas, security-team, wolfgang
Version: Final   
Target Milestone: ---   
Hardware: i586   
OS: openSUSE 11.0   
Whiteboard:
Found By: Community of Practice Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Moritz M 2008-06-26 18:09:28 UTC 
Hi,
I'm using Freeradius for my WLAN-AP an configured it with this howto: http://wiki.freeradius.org/WPA_HOWTO

The new Version of Freeradius which comes with openSUSE-11.0 uses a new method to bind Port and IP-Address:

# radiusd -X -f
[...]
radiusd: #### Opening IP addresses and Ports ####
listen {
        type = "auth"
        ipaddr = 192.168.112.1
        port = 1812
}
listen {
        type = "acct"
        ipaddr = 192.168.112.1
        port = 1813
}
main {
        snmp = no
        smux_password = ""
        snmp_write_access = no
}
Listening on authentication address 192.168.112.1 port 27596
Listening on accounting address 192.168.112.1 port 27712
Ready to process requests.

As you can see, it just ignores the given port and uses everytime you start it a random one.
I found this bug already at the gentoo-bug-system: http://bugs.gentoo.org/show_bug.cgi?id=228887 but this solution didn't work for me.
Comment 1 Herbert Graeber 2008-06-30 08:17:21 UTC 
I can confirm this behavior.

It is solved in newer freeradius versiona. After installing freeradius 2.0.5 from the BuildService (network:aaa), the problem disapears.
Comment 2 Olivier Nicolas 2008-07-21 19:56:01 UTC 
I can also confirm the problem on X86-64

The problem was also discussed in freeRadius mailing list

http://www.mail-archive.com/freeradius-users@lists.freeradius.org/msg44977.html
Comment 3 Pavol Rusnak 2008-07-23 08:53:13 UTC 
I will update STABLE to 2.0.5.

Anja: are we going to do maintenance update for 11.0?
Comment 5 Pavol Rusnak 2008-07-31 08:27:57 UTC 
*** Bug 413250 has been marked as a duplicate of this bug. ***
Comment 6 Stephan Kulow 2008-08-01 09:08:00 UTC 
according to #413250 it's a security problem, so we should do it. Marcus, does security-team approve the update?
Comment 7 Marcus Meissner 2008-08-01 09:44:23 UTC 
it just came in via the opensuse-security list, only mildy security relevant.


Its however a critical bug in my eyes, so Anja, please go ahead ;)
Comment 9 Pavol Rusnak 2008-08-01 15:32:42 UTC 
Submitted to 11.0. Patchinfos created.
Comment 10 Anja Stock 2008-08-07 09:55:31 UTC 
released
Comment 11 Pavol Rusnak 2008-08-12 16:07:01 UTC 
Closing then.