Re: Segmentation fault when linking 2.2.0 against openSSL 1.0.1c
On 17 Sep 2012, at 10:34, Stefan Winter wrote: > Hi, > --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl > >>> Are you sure? The "openssl SEGV" problem is almost always because you >>> have two versions of OpenSSL installed. >>> >>> What is likely happening is that the compile stage is picking up the >>> system-supplied OpenSSL include files. The way to test this is to >>> rename / move them, do the build, and then the install. >>> >>> If it now works, it was picking up OpenSSL X, and linking against >>> OpenSSL Y. >> >> Hm, okay... will do. > > That was it indeed. Had to change the include path above to > --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include > > because configure adds the openssl/ sub-path on its own. Now it works > like a charm (as usual :-) ). > > Thanks! Also you have a typo in your config, should be "earli", assuming the Reply-Message is meant to be read with a piratey accent. -Arran - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Segmentation fault when linking 2.2.0 against openSSL 1.0.1c
Hi, >>> --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl >> Are you sure? The "openssl SEGV" problem is almost always because you >> have two versions of OpenSSL installed. >> >> What is likely happening is that the compile stage is picking up the >> system-supplied OpenSSL include files. The way to test this is to >> rename / move them, do the build, and then the install. >> >> If it now works, it was picking up OpenSSL X, and linking against >> OpenSSL Y. > > Hm, okay... will do. That was it indeed. Had to change the include path above to --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include because configure adds the openssl/ sub-path on its own. Now it works like a charm (as usual :-) ). Thanks! Stefan > > Stefan > >> >> Alan DeKok. >> - >> List info/subscribe/unsubscribe? See >> http://www.freeradius.org/list/users.html >> > > > > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 signature.asc Description: OpenPGP digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Segmentation fault when linking 2.2.0 against openSSL 1.0.1c
Hi, >> Today, I compiled with >> >> --with-openssl >> --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl >> >> --with-openssl-libraries=/usr/local/freeradius/openssl-1.0.1c/lib >> >> the path is in ld.so.conf, and ldd shows that linking against this new >> version works. > > Are you sure? The "openssl SEGV" problem is almost always because you > have two versions of OpenSSL installed. > > What is likely happening is that the compile stage is picking up the > system-supplied OpenSSL include files. The way to test this is to > rename / move them, do the build, and then the install. > > If it now works, it was picking up OpenSSL X, and linking against > OpenSSL Y. Hm, okay... will do. Stefan > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 signature.asc Description: OpenPGP digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Segmentation fault when linking 2.2.0 against openSSL 1.0.1c
Stefan Winter wrote: > until today, I have been running FreeRADIUS 2.2.0 successfully with a > system-supplied openSSL. > > Today, I compiled with > > --with-openssl > --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl > > --with-openssl-libraries=/usr/local/freeradius/openssl-1.0.1c/lib > > the path is in ld.so.conf, and ldd shows that linking against this new > version works. Are you sure? The "openssl SEGV" problem is almost always because you have two versions of OpenSSL installed. What is likely happening is that the compile stage is picking up the system-supplied OpenSSL include files. The way to test this is to rename / move them, do the build, and then the install. If it now works, it was picking up OpenSSL X, and linking against OpenSSL Y. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Segmentation fault when linking 2.2.0 against openSSL 1.0.1c
Hi, until today, I have been running FreeRADIUS 2.2.0 successfully with a system-supplied openSSL. Today, I compiled with --with-openssl --with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl --with-openssl-libraries=/usr/local/freeradius/openssl-1.0.1c/lib the path is in ld.so.conf, and ldd shows that linking against this new version works. However, when running PEAP on this version, I get a segmentation fault now: [eap] Request found, released from the list [eap] EAP/peap [eap] processing type peap [peap] processing EAP-TLS [peap] eaptls_verify returned 7 [peap] Done initial handshake [peap] eaptls_process returned 7 [peap] EAPTLS_OK [peap] Session established. Decoding tunneled attributes. [peap] Peap state send tlv success [peap] Received EAP-TLV response. [peap] Success [peap] Using saved attributes from the original Access-Accept User-Name = "test.edur...@education.lu" Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Reply-Message = "What shall we do with the drunken sailor? What shall we do with the drunken sailor? What shall we do with the drunken sailor - early in the morning? Give him eduroam." Segmentation fault The repetition of that attribute is NOT an error; it's there to inflate the packet beyond 1500 bytes to trigger UDP fragmentation (this is our Nagios testing). In 2.2.0 against the old openSSL version, everything works fine - Access-Accept. Any hints? Greetings, Stefan winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473 signature.asc Description: OpenPGP digital signature - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html