I'm wondering if anyone else has seen this.
My setup is as follows, Seimens controller doing .1x auth, EAP-TLS
Both requests are from different users, and what I have now, is set
max_requests_per_server to 300
Doesn't seem to have helped, as radwatch is reporting that another
radiusd died....
Could this simply be an error with the specific certificates? I haven't
looked at it long enough to determine if the same two or three requests
are killing radiusd...
I got the following when running radiusd -X with openssl .0.9.7c on
gentoo, radius 1.1.1-r1
modcall[authorize]: module "sql" returns notfound for request 14091
modcall: leaving group authorize (returns updated) for request 14091
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 14091
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap: Freeing handler
*** glibc detected *** free(): invalid pointer: 0x0b415350 ***
Aborted
I had thought that perhaps this was an error with openssl , so I
recompiled, with 0.9.8 openssl on gentoo, radiusd 1.1.1-r1
and now I get this.
modcall[authorize]: module "sql" returns notfound for request 13856
modcall: leaving group authorize (returns updated) for request 13856
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 13856
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0297], Certificate
Segmentation fault
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
