[Chilli] Infinite redirect loop

David Bird david at coova.com
Thu Dec 1 05:45:39 UTC 2011

I'm confused.. did radius timeout or did it deliver the WISPr redirection URL? There are some changes in this regard pending in development... generally, a redirect loop means a redirect URL is not in the walled garden (which is bad).

Ryan Day <ryan.day at cirrusworks.net> wrote:

>I've seen a problem with some of my Coova installations where I get an
>infinite redirect loop, typically after a RADIUS timeout and the user is
>still making web requests. This happens if there is a WISPr Redirect URL
>set and the user tries to log back in after the timeout. What seems to
>be happening is the initial redirect to the UAM page (which is offsite)
>is being replaced with the previously assigned WISPr Redirect URL. For
>example when printing out my redirect url in the logs, it looks like:
>Since my.wispr.redirect.com is not allowed yet in this session(radius
>timeout has occured and I'm logged out), I am redirected again, and
>again, and again. I should be redirected to
>http://my.uam.authentication.com, but it looks like something is getting
>I've had this problem across several versions (1.2.2, 1.2.5 and 1.2.8)
>and I've been working on it with 1.2.8. After some experimentation, I've
>made a change in redir.c on line ~4035(I've added extra debugging):
>-    char * base_url = (conn.s_params.flags & REQUIRE_REDIRECT &&
>-                       conn.s_params.url[0]) ? (char
>*)conn.s_params.url : redir->homepage;
>+    char * base_url = redir->homepage;
>This doesn't cause any redirection issues, and I can't simulate the
>infinite redirection loop any more. However, I'm not very familiar with
>the code so I'm not sure if this has any undesirable side effects that I
>just haven't seen yet.
>Has anyone else seen this problem? What am I losing by change the
>conditional when determining the base url?
>Chilli mailing list
>Chilli at coova.org

More information about the Chilli mailing list