(Fwd) Re: Seg Fault - radius 3.0 Debug
Hello,
I finally solved my issue. It was a problem of linking mysql libs.
I'm sorry . Apologies to all
but.. Maybe variables have changed but since 3.0 version the variable
%{Huntgroup-Name}
is no more recognized.
tested on version 2.1.11 - Works perfectly
Any ideas ?
Thanks
--- Forwarded message follows ---
Date sent: Thu, 17 Mar 2011 21:20:20 +
From: Alan Buxey a.l.m.bu...@lboro.ac.uk
To: nicolas.bre...@belcenter.biz
nicolas.bre...@belcenter.biz,
FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject:Re: Seg Fault - radius 3.0 Debug
Hi,
Here is my debug file with gbd on the seg fault
[Thread debugging using libthread_db enabled]
[New Thread 0x7600b700 (LWP 23433)]
[Thread 0x7600b700 (LWP 23433) exited]
Program received signal SIGSEGV, Segmentation fault.
0x76032890 in mysql_field_count () from
/usr/lib64/mysql/libmysqlclient_r.so.16
Missing separate debuginfos, use: debuginfo-install
glibc-2.13-1.x86_64
suggest you follow the information given to get more debugging info
out
alan
--- End of forwarded message ---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (Fwd) Re: Seg Fault - radius 3.0 Debug
Breuer Nicolas wrote:
but.. Maybe variables have changed but since 3.0 version the variable
%{Huntgroup-Name}
is no more recognized.
It should work. The git master branch hasn't changed any of that
functionality.
And (as always) what does debug mode say?
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(Fwd) (Fwd) Re: Seg Fault - radius 3.0 Debug
The debug mode said anything - No errors.
My variable is in the SQLIPPOOL.conf file and called with %{Huntgroup-Name}
No values were returned.
With 2.1.11 - Same directory, dic files, etc , i have a value.
--- Forwarded message follows ---
Breuer Nicolas wrote:
but.. Maybe variables have changed but since 3.0 version the variable
%{Huntgroup-Name}
is no more recognized.
It should work. The git master branch hasn't changed any of that
functionality.
And (as always) what does debug mode say?
Alan DeKok.
--- Forwarded message follows ---
From: Breuer Nicolas nicolas.bre...@belcenter.biz
To: freeradius-users@lists.freeradius.org
Subject:(Fwd) Re: Seg Fault - radius 3.0 Debug
Date sent: Fri, 18 Mar 2011 12:45:23 +0100
Hello,
I finally solved my issue. It was a problem of linking mysql libs.
I'm sorry . Apologies to all
but.. Maybe variables have changed but since 3.0 version the variable
%{Huntgroup-Name}
is no more recognized.
tested on version 2.1.11 - Works perfectly
Any ideas ?
Thanks
--- Forwarded message follows ---
Date sent: Thu, 17 Mar 2011 21:20:20 +
From: Alan Buxey a.l.m.bu...@lboro.ac.uk
To: nicolas.bre...@belcenter.biz nicolas.bre...@belcenter.biz,
FreeRadius users mailing list freeradius-users@lists.freeradius.org
Subject: Re: Seg Fault - radius 3.0 Debug
Hi,
Here is my debug file with gbd on the seg fault
[Thread debugging using libthread_db enabled]
[New Thread 0x7600b700 (LWP 23433)]
[Thread 0x7600b700 (LWP 23433) exited]
Program received signal SIGSEGV, Segmentation fault.
0x76032890 in mysql_field_count () from
/usr/lib64/mysql/libmysqlclient_r.so.16
Missing separate debuginfos, use: debuginfo-install
glibc-2.13-1.x86_64
suggest you follow the information given to get more debugging info
out
alan
--- End of forwarded message ---
--- End of forwarded message ---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (Fwd) (Fwd) Re: Seg Fault - radius 3.0 Debug
Breuer Nicolas wrote: The debug mode said anything - No errors. Then I guess there are no problems. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Seg Fault - radius 3.0 Debug
Dear all, Here is my debug file with gbd on the seg fault [Thread debugging using libthread_db enabled] [New Thread 0x7600b700 (LWP 23433)] [Thread 0x7600b700 (LWP 23433) exited] Program received signal SIGSEGV, Segmentation fault. 0x76032890 in mysql_field_count () from /usr/lib64/mysql/libmysqlclient_r.so.16 Missing separate debuginfos, use: debuginfo-install glibc-2.13-1.x86_64 keyutils-libs-1.2- 6.fc12.x86_64 krb5-libs-1.8.2-7.fc14.x86_64 libcom_err-1.41.12-6.fc14.x86_64 libgcc-4.5.1- 4.fc14.x86_64 libselinux-2.0.96-6.fc14.1.x86_64 mysql-libs-5.1.55-1.fc14.x86_64 nss- softokn-freebl-3.12.9-2.fc14.x86_64 openssl-1.0.0d-1.fc14.x86_64 zlib-1.2.5-2.fc14.x86_64 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re : Seg Fault - radius 3.0 Debug
More messages
--- Forwarded message follows ---
From: root r...@mail-mx-out.belcenter.com
Date sent: Thu, 17 Mar 2011 18:43:14 +0100
To: nicolas.bre...@belcenter.be
Program received signal SIGSEGV, Segmentation fault.
0x76032890 in mysql_field_count () from
/usr/lib64/mysql/libmysqlclient_r.so.16
Missing separate debuginfos, use: debuginfo-install glibc-2.13-1.x86_64
keyutils-libs-1.2-
6.fc12.x86_64 krb5-libs-1.8.2-7.fc14.x86_64 libcom_err-1.41.12-6.fc14.x86_64
libgcc-4.5.1-
4.fc14.x86_64 libselinux-2.0.96-6.fc14.1.x86_64 mysql-libs-5.1.55-1.fc14.x86_64
nss-
softokn-freebl-3.12.9-2.fc14.x86_64 openssl-1.0.0d-1.fc14.x86_64
zlib-1.2.5-2.fc14.x86_64
* 1 Thread 0x77bba720 (LWP 23430) 0x76032890 in mysql_field_count
() from
/usr/lib64/mysql/libmysqlclient_r.so.16
Thread 1 (Thread 0x77bba720 (LWP 23430)):
#0 0x76032890 in mysql_field_count () from
/usr/lib64/mysql/libmysqlclient_r.so.16
No symbol table info available.
#1 0x76391dee in sql_num_fields (sqlsocket=value optimized out,
config=value
optimized out) at sql_mysql.c:239
num = 0
mysql_sock = 0x8986b0
#2 0x7639233d in sql_select_query (sqlsocket=0x898640, config=0x847480,
querystr=value optimized out) at sql_mysql.c:275
ret = 0
#3 0x76598c67 in rlm_sql_select_query (sqlsocket=0x898640,
inst=0x847410,
query=0x7fffaf40 SELECT ip_address FROM radippool WHERE pool_name =
'BC*'
AND expiry_time NOW() ORDER BY rand(), pool_name, expiry_time LIMIT 1 FOR
UPDATE) at sql.c:566
ret = value optimized out
#4 0x74ff1c3b in sqlippool_query1 (out=0x7fffd180 \001,
fmt=value optimized
out, sqlsocket=0x898640, data=0x8c59f0,
request=0x8d5b20, param_len=0, param=0x0, outlen=-2) at rlm_sqlippool.c:359
expansion = SELECT ip_address FROM radippool WHERE pool_name =
'%{reply:Pool-Suffix}*%{Huntgroup-Name}' AND expiry_time NOW() ORDER BY
rand(),
pool_name, expiry_time LIMIT 1 FOR
UPDATE\000\000.\341\377\377\377\177\000\000\000\000\000\000\377\177, '\000'
repeats
34 times, , '\000' repeats 15 times...
query = SELECT ip_address FROM radippool WHERE pool_name = 'BC*' AND
expiry_time NOW() ORDER BY rand(), pool_name, expiry_time LIMIT 1 FOR
UPDATE\000\377\177\000\000\220\322\377\377\377\177\000\000(\256C, '\000'
repeats
13 times, [xA\000\000\000\000\000[LIVE-SYSTEM-01] \texpand: COMMIT -...
rlen = value optimized out
retval = 0
#5 0x74ff1f6c in sqlippool_postauth (instance=0x8c59f0,
request=0x8d5b20) at
rlm_sqlippool.c:596
data = 0x8c59f0
allocation =
\001\000\000\000\000\000\000\000\237\314\336\367\377\177\000\000
[\215\000\000\000\000\000\350\003, '\000' repeats 14 times,
O\317\336\367\377\177\000\000\000\004\000\000\000\000\000\000H[\215\000\000\000\000
\000 [\215\000\000\000\000\000\001, '\000' repeats 15 times\305,
#B\000\000\000\000\000
\000\000\000\060\000\000\000\340\322\377\377\377\177\000\000\000\322\377\377\377\177
\000\000\026\371:\367\377\177\000\000\060\000\000\000\060\000\000\000\020\323\377\37
7\377\177\000\000
\322\377\377\377\177\000\000\000\000\000\000\000\000\000\000]pC\000\000\000\000\000\
260X\214\000\000\000\000\000\200\033y\000\000\000\000\000H[\215\000\000\000\000\000\
002\000\000\000\000\000\000\000\300\204C\000\000\000\000\000\310t\335\367\377\177\00
0\000\000\000\000\000\377\177\000\000\000\000\000\000\000\000\000\000
[\215\000\000\000\000\000\340\060y\000\000\000\000\000Saf\000\000
allocation_len = value optimized out
ip_allocation = value optimized out
vp = value optimized out
sqlsocket = 0x898640
ipaddr = {af = 6709588, ipaddr = {ip4addr = {s_addr = 0}, ip6addr =
{__in6_u = {
__u6_addr8 = \000\000\000\000\265=a\234\061\000\000\000@Y\215,
__u6_addr16 = {0, 0, 15797, 40033, 49, 0, 22848, 141},
__u6_addr32 = {0, 2623618485, 49, 9263424, scope = 0}
logstr =
@E{\367\377\177\000\000/\346:\367\377\177\000\000\000\000\000\000\000\000\000\000\0
22\004\000\000\000\000\000\000Pv\215\000\000\000\000\000\025\000\000\000\000\000\00
0\000\005, '\000' repeats 15 times, \020\321\377\377\377\177\000\000p\001,
'\000'
repeats 30 times,
\025\000\000\000\065\000\000\000[\000\000\000n\000\000\000w\000\000\000|\000\000\000
\321\377\377\377\177\000\000\017\321\377\377\377\177\000\000\377\377\377\377\000\000
\000\000\062\316\335\367\377\177\000\000\000\000\000\000\000\000\000\000\342\v\336\3
67\377\177\000\000\360\070
\000\000\000\000\000\300qÜ1\000\000\000@\001\000\000\000\000\000\000\001\000\000\0
00\000\000\000\000\270\274w\000\000\000\000\000@\322\377\377\377\177\000\000PCy\0
00\000\000\000\000\375\237\247\234\061\000\000\000\350\003\000\000\000\000\000\000\2
70\274w\000\000
sqlusername =
BCa10733@BELCENTER\000\367\377\177\000\000\230\066@\000\000\000\000\000ؐ\244
Re: Re : Seg Fault - radius 3.0 Debug
Breuer Nicolas wrote: Thread 1 (Thread 0x77bba720 (LWP 23430)): #0 0x76032890 in mysql_field_count () from /usr/lib64/mysql/libmysqlclient_r.so.16 No symbol table info available. #1 0x76391dee in sql_num_fields (sqlsocket=value optimized out, config=value optimized out) at sql_mysql.c:239 num = 0 mysql_sock = 0x8986b0 Unfortunately, that doesn't help too much. The core dump is in the MySQL client library, which we don't know anything about. This would be a hard issue to track down, unfortunately. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg Fault - radius 3.0 Debug
Hi, Here is my debug file with gbd on the seg fault [Thread debugging using libthread_db enabled] [New Thread 0x7600b700 (LWP 23433)] [Thread 0x7600b700 (LWP 23433) exited] Program received signal SIGSEGV, Segmentation fault. 0x76032890 in mysql_field_count () from /usr/lib64/mysql/libmysqlclient_r.so.16 Missing separate debuginfos, use: debuginfo-install glibc-2.13-1.x86_64 suggest you follow the information given to get more debugging info out alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
(Fwd) Seg Fault - 3.0
--- Forwarded message follows ---
From: Breuer Nicolas nicolas.bre...@belcenter.biz
To: freeradius-de...@lists.freeradius.org
Subject:Seg Fault - 3.0
Date sent: Wed, 16 Mar 2011 15:23:22 +0100
Hello
I discovered a Seg Fault on the release 3.0 on the GIT server.
Seems happening on the first auth.
(30) Login OK: [XXX] (from client XXX)
(30) # Executing section post-auth from file /etc/XXX.conf
(30) +- entering group post-auth {...}
(30) ++? if (reply:Framed-IP-Address)
(30) ? Evaluating (reply:Framed-IP-Address) - FALSE
(30) ++? if (reply:Framed-IP-Address) - FALSE
(30) ++- entering else else {...}
rlm_sql (ACCOUNTING-01): Reserving sql socket id: 14
(30) [IP-POOLING-01] expand: %{User-Name} - XXX
(30) [IP-POOLING-01] sql_set_user escaped user -- 'XXX'
(30) [IP-POOLING-01] expand: BEGIN - BEGIN
(30) [IP-POOLING-01] expand: COMMIT - COMMIT
(30) [IP-POOLING-01] expand: SELECT ip_address FROM radippool WHERE pool_name
= '%{reply:Pool-Suffix}*%{Huntgroup-Name}' AND expiry_time NOW() ORDER BY
rand(),
pool_name, expiry_time LIMIT 1 FOR UPDATE - SELECT ip_address FROM radippool
WHERE pool_name = 'BC*' AND expiry_time NOW() ORDER BY rand(), pool_name,
expiry_time LIMIT 1 FOR UPDATE
Segmentation fault
I see the expand of variable HuntGroup-Name didn't get any values...
Maybe the reason of Seg fault ?
--- End of forwarded message ---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: (Fwd) Seg Fault - 3.0
Breuer Nicolas wrote: ... Segmentation fault See doc/bugs I see the expand of variable HuntGroup-Name didn't get any values... Maybe the reason of Seg fault ? We don't know. You need to supply more information for us to know. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Seg Fault - 3.0 - More Info needed
Hello Alan,
Could you precise wich infos you need to go further ?
Thanks
--- End of forwarded message ---
Hello
I discovered a Seg Fault on the release 3.0 on the GIT server.
Seems happening on the first auth.
(30) Login OK: [XXX] (from client XXX)
(30) # Executing section post-auth from file /etc/XXX.conf
(30) +- entering group post-auth {...}
(30) ++? if (reply:Framed-IP-Address)
(30) ? Evaluating (reply:Framed-IP-Address) - FALSE
(30) ++? if (reply:Framed-IP-Address) - FALSE
(30) ++- entering else else {...}
rlm_sql (ACCOUNTING-01): Reserving sql socket id: 14
(30) [IP-POOLING-01] expand: %{User-Name} - XXX
(30) [IP-POOLING-01] sql_set_user escaped user -- 'XXX'
(30) [IP-POOLING-01] expand: BEGIN - BEGIN
(30) [IP-POOLING-01] expand: COMMIT - COMMIT
(30) [IP-POOLING-01] expand: SELECT ip_address FROM radippool WHERE pool_name
= '%{reply:Pool-Suffix}*%{Huntgroup-Name}' AND expiry_time NOW() ORDER BY
rand(),
pool_name, expiry_time LIMIT 1 FOR UPDATE - SELECT ip_address FROM radippool
WHERE pool_name = 'BC*' AND expiry_time NOW() ORDER BY rand(), pool_name,
expiry_time LIMIT 1 FOR UPDATE
Segmentation fault
I see the expand of variable HuntGroup-Name didn't get any values...
Maybe the reason of Seg fault ?
--- End of forwarded message ---
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg Fault - 3.0 - More Info needed
Breuer Nicolas wrote: Hello Alan, Could you precise wich infos you need to go further ? Yes. I was precise. Read the file doc/bugs. This is documented. Follow the instructions there. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg Fault in 2.0.3
Garber, Neal wrote: I have a FR 2.0.3 server running under FreeBSD 6.3 which intermittently exits with a segmentation fault. Upgrade. I tried searching the list for known seg fault issues with 2.0.3 and only found one which sounded like it only happens when running under gdb. Do you think upgrading to 2.1.3 (it’s the latest port for FR under FreeBSD) could potentially resolve this issue? (I’m not looking for a guarantee, just an opinion based upon whether there were known seg faults in 2.0.3 that were fixed in later releases.) Yes. Should I run FR under gdb to get more information about the seg fault? You could, but unless you're going to debug the source code yourself, I wouldn't suggest it. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Seg Fault in 2.0.3
Upgrade. That's what I was hoping you would say. Thanks Alan. Should I run FR under gdb to get more information about the seg fault? You could, but unless you're going to debug the source code yourself, I wouldn't suggest it. I would, but there's no need if upgrading to 2.1.3 will correct the problem. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Seg Fault in 2.0.3
I have a FR 2.0.3 server running under FreeBSD 6.3 which intermittently exits with a segmentation fault. I tried searching the list for known seg fault issues with 2.0.3 and only found one which sounded like it only happens when running under gdb. Do you think upgrading to 2.1.3 (it's the latest port for FR under FreeBSD) could potentially resolve this issue? (I'm not looking for a guarantee, just an opinion based upon whether there were known seg faults in 2.0.3 that were fixed in later releases.) Should I run FR under gdb to get more information about the seg fault? This morning it happened while I was running radiusd -Xx and the error occurred a few minutes after a request was successfully processed as a new request was received and before it was able to output any information about it. The server had been running for less than a week (most times it runs longer than this before crashing). So, the last two lines of output were: Tue Mar 31 07:52:08 2009 : Debug: Ready to process requests. Segmentation Fault: 11 I realize this isn't enough to diagnose the problem (but, it's all the information I currently have). Please let me know how you think it's best to proceed (e.g., upgrade, get more info about the problem, other..) Thanks in advance for any assistance/advice you can provide. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Seg Fault - Not much info..
Hi,
I'm running Freeradius 2.1.3 on my Ubuntu 8.04 machine. Basically, my
setup is a VPN system linked to freeradius via a specialized plugin.
Before I updated my freeradius (from the old 1.x), everything was
working fine. Now that I have updated to 2.1.3, I can't seem to get it
working again.
Taking the VPN and plugin out of the mix, I run my freeradius in -X
mode, then send a 'radtest' authentication packet. The freeradius server
receives the request:
rad_recv: Access-Request packet from host 127.0.0.1 port 46625,
id=69, length=93
User-Name = test
User-Password = test
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Then, straight away I am faced with:
+- entering group authorize {...}
Segmentation fault
This is all the info that I am receiving from the freeradius server -
and not being very knowledgeable on freeradius - I am pretty stumped as
to what my problem is.
I have had a glance around the 'authorize' section, and it contains:
authorize {
preprocess
# auth_log
chap
mschap
# digest
# IPASS
suffix
# ntdomain
# eap {
# ok = return
# }
# unix
# files
sql
# etc_smbpasswd
# ldap
# daily
# checkval
# expiration
# logintime
pap
#Auth-Type Status-Server {
#
#}
}
which is exactly as it was on my old version.
Any ideas?
Thanks.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg Fault - Not much info..
I'm running Freeradius 2.1.3 on my Ubuntu 8.04 machine. Basically, my
setup is a VPN system linked to freeradius via a specialized plugin.
Before I updated my freeradius (from the old 1.x), everything was
working fine. Now that I have updated to 2.1.3, I can't seem to get it
working again.
Taking the VPN and plugin out of the mix, I run my freeradius in -X
mode, then send a 'radtest' authentication packet. The freeradius server
receives the request:
rad_recv: Access-Request packet from host 127.0.0.1 port 46625,
id=69, length=93
User-Name = test
User-Password = test
NAS-IP-Address = 127.0.1.1
NAS-Port = 1812
Then, straight away I am faced with:
+- entering group authorize {...}
Segmentation fault
This is all the info that I am receiving from the freeradius server -
and not being very knowledgeable on freeradius - I am pretty stumped as
to what my problem is.
I have had a glance around the 'authorize' section, and it contains:
authorize {
preprocess
# auth_log
chap
mschap
# digest
# IPASS
suffix
# ntdomain
# eap {
# ok = return
# }
# unix
# files
sql
# etc_smbpasswd
# ldap
# daily
# checkval
# expiration
# logintime
pap
#Auth-Type Status-Server {
#
#}
}
which is exactly as it was on my old version.
Any ideas?
Read doc/bugs on how to get more information.
Ivan Kalik
Kalik Informatika ISP
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Non capturing parenthesis in regexp causes seg fault.
Arran Cudbard-Bell wrote:
Hi,
Got this on my 32bit intel box running Ubuntu Linux 6.10
if(%{User-Name} =~ /(?:.*)/){
I'm not sure that's a valid regular expression... '?' is usually a
modifier...
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213196608 (LWP 6433)]
0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
It might be a bug in the regular expression library...
#1 0x0806d6a9 in ?? ()
Ugh. 2.0.x *should* be built with debugging symbols, and should *not*
be stripped of those symbols before being installed.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Non capturing parenthesis in regexp causes seg fault.
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Hi,
Got this on my 32bit intel box running Ubuntu Linux 6.10
if(%{User-Name} =~ /(?:.*)/){
I'm not sure that's a valid regular expression... '?' is usually a
modifier...
It is...
It allows you to create backreferences but not capture the result directly.
http://www.regular-expressions.info/brackets.html
Pretty sure it's supported with the PCRE library.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213196608 (LWP 6433)]
0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
It might be a bug in the regular expression library...
#1 0x0806d6a9 in ?? ()
Ugh. 2.0.x *should* be built with debugging symbols, and should *not*
be stripped of those symbols before being installed.
Yes, and this is from CVS. I'll rebuild with the debug flags...
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Non capturing parenthesis in regexp causes seg fault.
Arran Cudbard-Bell wrote:
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Hi,
Got this on my 32bit intel box running Ubuntu Linux 6.10
if(%{User-Name} =~ /(?:.*)/){
I'm not sure that's a valid regular expression... '?' is usually a
modifier...
It is...
It allows you to create backreferences but not capture the result
directly.
http://www.regular-expressions.info/brackets.html
Pretty sure it's supported with the PCRE library.
man pcre
SUBPATTERNS
Subpatterns are delimited by parentheses (round brackets), which can be
nested. Turning part of a pattern into a subpattern does two things:
1. It localizes a set of alternatives. For example, the pattern
cat(aract|erpillar|)
matches one of the words cat, cataract, or caterpillar. Without
the parentheses, it would match cataract, erpillar or an empty
string.
2. It sets up the subpattern as a capturing subpattern. This means
that, when the whole pattern matches, that portion of the subject
string that matched the subpattern is passed back to the caller via the
ovector argument of pcre_exec(). Opening parentheses are counted from
left to right (starting from 1) to obtain numbers for the capturing
subpatterns.
For example, if the string the red king is matched against the pat-
tern
the ((red|white) (king|queen))
the captured substrings are red king, red, and king, and are num-
bered 1, 2, and 3, respectively.
The fact that plain parentheses fulfil two functions is not always
helpful. There are often times when a grouping subpattern is required
without a capturing requirement. If an opening parenthesis is followed
by a question mark and a colon, the subpattern does not do any captur-
ing, and is not counted when computing the number of any subsequent
capturing subpatterns. For example, if the string the white queen is
matched against the pattern
the ((?:red|white) (king|queen))
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213196608 (LWP 6433)]
0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
It might be a bug in the regular expression library...
#1 0x0806d6a9 in ?? ()
Ugh. 2.0.x *should* be built with debugging symbols, and should *not*
be stripped of those symbols before being installed.
Yes, and this is from CVS. I'll rebuild with the debug flags...
Ok with --enable-developer , it's exactly the same. Grrr
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Non capturing parenthesis in regexp causes seg fault.
Hi,
Got this on my 32bit intel box running Ubuntu Linux 6.10
if(%{User-Name} =~ /(?:.*)/){
}
---
++? if (%{User-Name} =~ /(?:.*)/)
expand: %{User-Name} - anonymous
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread -1213196608 (LWP 6433)]
0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
(gdb) bt
#0 0xb7bc9492 in regexec () from /lib/tls/i686/cmov/libc.so.6
#1 0x0806d6a9 in ?? ()
#2 0xbfb2e650 in ?? ()
#3 0xbfb2ee84 in ?? ()
#4 0x0009 in ?? ()
#5 0xbfb2e608 in ?? ()
#6 0x in ?? ()
Normal expressions work fine.
Thanks,
Arran
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Non capturing parenthesis in regexp causes seg fault.
Arran Cudbard-Bell wrote:
Arran Cudbard-Bell wrote:
Alan DeKok wrote:
Arran Cudbard-Bell wrote:
Hi,
Got this on my 32bit intel box running Ubuntu Linux 6.10
if(%{User-Name} =~ /(?:.*)/){
I'm not sure that's a valid regular expression... '?' is usually a
modifier...
It is...
It allows you to create backreferences but not capture the result
directly.
http://www.regular-expressions.info/brackets.html
Pretty sure it's supported with the PCRE library.
But FR doesn't use the PCRE library, it uses the regular expression
library included in libc ... POSIX.2 regular expressions.
So your right , non-capturing backreferences aren't supported.
Thanks Anyway !
Arran
--
Arran Cudbard-Bell ([EMAIL PROTECTED])
Authentication, Authorisation and Accounting Officer
Infrastructure Services | ENG1 E1-1-08
University Of Sussex, Brighton
EXT:01273 873900 | INT: 3900
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: seg fault
Since we have no idea what the problem is, the answer is likely no. totally fair =) If malloc() is core dumping, then something else is going wrong. i.e. some other part of the server is over-writing memory. when you say the server i assume you mean freeradius not another app.?? I would try 2.0. Large amounts of code have been re-written or updated. It may not be perfect, but there are good odds that this problem won't re-appear. that's what i'll do then. thanks for the help, Joe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
seg fault
I've been trying to pin down a rather elusive segfault for over 2 months now. and i finally got it to happen inside of gdb. this is freeradius 1.1.6, on rhel5 x86-64 if this problem is fixed in 2.0 or 1.1.7 please let me know. Starting program: /usr/sbin/radiusd -X [Thread debugging using libthread_db enabled] [New Thread 46912543318400 (LWP 8450)] Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 46912543318400 (LWP 8450)] 0x2c1666d5 in _int_malloc () from /lib64/libc.so.6 * 1 Thread 46912543318400 (LWP 8450) 0x2c1666d5 in _int_malloc () from /lib64/libc.so.6 Thread 1 (Thread 46912543318400 (LWP 8450)): #0 0x2c1666d5 in _int_malloc () from /lib64/libc.so.6 No symbol table info available. #1 0x2c167d4d in malloc () from /lib64/libc.so.6 No symbol table info available. #2 0x2be05102 in CRYPTO_malloc () from /lib64/libcrypto.so.6 No symbol table info available. #3 0x2be2a6b7 in BN_free () from /lib64/libcrypto.so.6 No symbol table info available. #4 0x2be2a808 in bn_expand2 () from /lib64/libcrypto.so.6 No symbol table info available. #5 0x2be2abd5 in BN_bin2bn () from /lib64/libcrypto.so.6 No symbol table info available. #6 0x2be36ea0 in RSA_PKCS1_SSLeay () from /lib64/libcrypto.so.6 No symbol table info available. #7 0x2bb7cc62 in ssl3_get_client_key_exchange () from /lib64/libssl.so.6 No symbol table info available. #8 0x2bb7ecaf in ssl3_accept () from /lib64/libssl.so.6 No symbol table info available. #9 0x2bb854c3 in ssl3_read_bytes () from /lib64/libssl.so.6 No symbol table info available. #10 0x2bb82431 in ssl3_renegotiate_check () from /lib64/libssl.so.6 No symbol table info available. #11 0x2e1d77da in tls_handshake_recv (ssn=0x58718240) at tls.c:173 err = value optimized out #12 0x2e1d6ad5 in eaptls_process (handler=0x59e07860) at eap_tls.c:638 tls_session = (tls_session_t *) 0x58718240 tlspacket = (EAPTLS_PACKET *) 0x5860bc80 status = EAPTLS_LENGTH_INCLUDED #13 0x2ebe642b in eappeap_authenticate (arg=0x584e9ac0, handler=0x59e07860) at rlm_eap_peap.c:169 rcode = value optimized out status = value optimized out tls_session = (tls_session_t *) 0x58718240 #14 0x2dfcf1c6 in eaptype_call (atype=0x584e7d50, handler=0x59e07860) at eap.c:167 rcode = value optimized out #15 0x2dfcf30a in eaptype_select (inst=0x584d23d0, handler=0x59e07860) at eap.c:361 default_eap_type = value optimized out eaptype = (eaptype_t *) 0x59d5feb8 vp = value optimized out namebuf = [EMAIL PROTECTED] eaptype_name = 0x2e1d7d26 peap #16 0x2dfcdffb in eap_authenticate (instance=0x584d23d0, request=0x58609f90) at rlm_eap.c:261 inst = (rlm_eap_t *) 0x2c442960 handler = (EAP_HANDLER *) 0x59e07860 eap_packet = (eap_packet_t *) 0x0 rcode = value optimized out #17 0x55563682 in modcall (component=0, c=0x584cfe30, request=0x58609f90) at modcall.c:236 myresult = 0 #18 0x55563c71 in call_one (component=-1404819104, p=0x80, request=0x5860b0e0, priority=0x2c442ad0, result=0x40) at modcall.c:269 r = value optimized out #19 0x5556384c in modcall (component=0, c=0x584cfe80, request=0x58609f90) at modcall.c:324 g = (modgroup *) 0x584cfe80 myresult = 0 #20 0xb763 in rad_check_password (request=0x58609f90) at auth.c:380 dval = (DICT_VALUE *) 0x0 auth_type_pair = value optimized out cur_config_item = value optimized out password_pair = (VALUE_PAIR *) 0x0 auth_item = value optimized out string = [EMAIL PROTECTED]:XUU\000\000LíVUUU\000\0008ö\a\000\000\000\000\000uest 521P\031OXUU\000\000ç6VUUU\000\000\220\237`XUU\000\000\000\020\000\000\002\000\000\000\200ázª*\000\000\000\000\000\000\000\000ÿÿö\003\000\000\030\000\000\000P(OXUU\000\000Ä\\oÑÿ\177\000\000À\\oÑÿ\177\000\000\001\000\000\000\000\000\000\000\220\237`XUU\000\000P\031OXUU\000\000qVUUU\000\000P(OXUU\000\000P\031OXUU\000\000Ä\\oÑÿ\177\000\000... auth_type = 6 result = value optimized out auth_type_count = 1 #21 0xbc8a in rad_authenticate (request=0x58609f90) at auth.c:675 check_item = value optimized out vp = (VALUE_PAIR *) 0x5860b0e0 namepair = (VALUE_PAIR *) 0x586c89d0 check_item = value optimized out reply_item = value optimized out auth_item = (VALUE_PAIR *) 0x0 module_msg = value optimized out tmp = (VALUE_PAIR *) 0x0 result = 3 r = value optimized out umsg =
RE: seg fault
no - i'd read that as some other part of your 64bit x86 box is trashing the memory. hmm, the box itself is totally stable, nothing else has been an issue... hyperthreading on? no they are true dualcore Xeon's w/ no hyperthreading. Joe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: seg fault
Hi, If malloc() is core dumping, then something else is going wrong. i.e. some other part of the server is over-writing memory. when you say the server i assume you mean freeradius not another app.?? no - i'd read that as some other part of your 64bit x86 box is trashing the memory. hyperthreading on? alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: seg fault
Joe Vieira wrote: Hi, i've got freeradius 1.1.6 running on rhel5. when i goto do an ldap auth. i get this ... Segmentation fault See doc/bugs Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: seg fault
attached is my gdb log, looks like something happens with the ldap_set_option() function. thanks for having a lot Joe -Original Message- From: [EMAIL PROTECTED] on behalf of Alan Dekok Sent: Wed 6/13/2007 3:33 AM To: FreeRadius users mailing list Subject: Re: seg fault Joe Vieira wrote: Hi, i've got freeradius 1.1.6 running on rhel5. when i goto do an ldap auth. i get this ... Segmentation fault See doc/bugs Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html gdb.radiusd.log Description: gdb.radiusd.log - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: seg fault
Found the issue, i added -DLDAP_DEPRECATED to the CFLAGS. Joe Joe Vieira wrote: Hi, i've got freeradius 1.1.6 running on rhel5. when i goto do an ldap auth. i get this ... Segmentation fault See doc/bugs Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
seg fault
Hi, i've got freeradius 1.1.6 running on rhel5. when i goto do an ldap auth. i get this Listening on authentication 10.5.5.11:1812 Ready to process requests. rad_recv: Access-Request packet from host 10.5.5.11:32769, id=76, length=59 User-Name = jvieira User-Password = test NAS-IP-Address = 255.255.255.255 NAS-Port = 10 rlm_ldap: - authorize rlm_ldap: performing user authorization for jvieira rlm_ldap: ldap_get_conn: Checking Id: 0 rlm_ldap: ldap_get_conn: Got Id: 0 rlm_ldap: (re)connect to erebus.clarku.edu:389, authentication 0 Segmentation fault __ dmesg radiusd[3396]: segfault at 70f2e4c8 rip 2efb9380 rsp 409fe650 error 4 any ideas? thanks, Joe - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP-TLS/seg fault with 4096 bit keys
James Lever wrote: As soon as I migrate back to 2k keys it again works as expected. Can anybody make any suggestions on how to debug this? doc/bugs Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EAP-TLS/seg fault with 4096 bit keys
Hi again list, Another issue I have had in setting up a WPA2 Enterprise environment is that I can get it to work as expected with 2k keys, however, if I go to 4k keys, freeradius 1.1.4 loads properly but seg faults when handling a 4k key request. The environment is Apple Airport Extreme base station, and MacBook Pro client wth FreeRADIUS 1.1.4 under FreeBSD 5-STABLE. As soon as I migrate back to 2k keys it again works as expected. Can anybody make any suggestions on how to debug this? cheers, James - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problem Seg Fault
Hello
I've just installed Fedora 4 with MYSQL 4.1.18
I tried to install the last version of freeradius
and i 've a big error at the startup
Mysql is correctly installed into the system..
startup with -X
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = xxx.yyy.be
sql: port =
sql: login =
sql: password =
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /var/log//sqltrace.sql
sql: readclients = no
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name = %{User-Name}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op
FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY
id
sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op
FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id
sql: postauth_table = radpostauth
sql: postauth_query = INSERT into radpostauth (id, user, pass, reply,
date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', NOW())
sql: safe-characters =
@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012
3456789.-_: /
Segmentation fault
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem Seg Fault
I've found a problem...
configure: warning: mysql libraries not found. Use --with-mysql-lib-
dir=path.
configure: warning: sql submodule 'mysql' disabled
i've used :
./configure --with-mysql-lib-dir=/usr/local/lib/mysql/
and in this dir , i have
libdbug.a libmerge.a libmyisammrg.alibmysqlclient.la
libmysqlclient.so.14 libmystrings.a libnisam.a
libheap.a libmyisam.a libmysqlclient.a libmysqlclient.so
libmysqlclient.so.14.0.0 libmysys.a libvio.a
On 9 Feb 2006 at 21:30, Breuer Nicolas wrote:
From: Breuer Nicolas [EMAIL PROTECTED]
Organization: BELCENTER ISPPORTALS
To: freeradius-users@lists.freeradius.org
Date sent: Thu, 09 Feb 2006 21:30:38 +0100
Priority: normal
Subject:Problem Seg Fault
Send reply to: [EMAIL PROTECTED],
FreeRadius users mailing list
freeradius-users@lists.freeradius.org
mailto:[EMAIL PROTECTED]
mailto:[EMAIL PROTECTED]
Hello
I've just installed Fedora 4 with MYSQL 4.1.18
I tried to install the last version of freeradius
and i 've a big error at the startup
Mysql is correctly installed into the system..
startup with -X
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = xxx.yyy.be
sql: port =
sql: login =
sql: password =
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /var/log//sqltrace.sql
sql: readclients = no
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name = %{User-Name}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op
FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY
id
sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op
FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id
sql: postauth_table = radpostauth
sql: postauth_query = INSERT into radpostauth (id, user, pass,
reply,
date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', NOW())
sql: safe-characters =
@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ012
3456789.-_: /
Segmentation fault
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
seg. fault with eap/tls and wrong certificate
hi all! i am trying to set up eap/tls using freeradius (1.0.4, on debian sarge, built package with option -disable-shared) and ran in the following problem: if i am using the wrong certificate (both client and server certs were build like the ones in the freeradius package using adapted CA.certs) freeradius crashes! the last lines of the output from freeradius -X -A -s is: -8- rad_recv: Access-Request packet from host 192.168.0.5:1028, id=35, length=167 User-Name = test NAS-IP-Address = 192.168.0.5 NAS-Identifier = Hawalius Framed-MTU = 1496 Called-Station-Id = 00-a0-c5-d1-03-15 Calling-Station-Id = 00-30-65-16-7d-49 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020800250d80001b1503010016cfbdb541e440865ba84b325309cdc5ad9d36af5784ff State = 0x0d56c72289ea3a6f6b45a070acc255db Message-Authenticator = 0x926e442107d8167882c136d983905804 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 15 modcall[authorize]: module preprocess returns ok for request 15 modcall[authorize]: module chap returns noop for request 15 modcall[authorize]: module mschap returns noop for request 15 rlm_eap: EAP packet type response id 8 length 37 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module eap returns updated for request 15 users: Matched entry DEFAULT at line 152 modcall[authorize]: module files returns ok for request 15 modcall: group authorize returns updated for request 15 rad_check_password: Found Auth-Type EAP auth: type EAP Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 15 rlm_eap: Request found, released from the list rlm_eap: EAP/tls rlm_eap: processing type tls rlm_eap_tls: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: TLS 1.0 Handshake [length 060b], Certificate -- verify error:num=26:unsupported certificate purpose chain-depth=0, error=26 Segmentation fault -8- actually i am not sure to have all configured correctly because i get an access-accept reply regardless of username and password but with the 'correct' certificate. btw: the client is a mac os x 10.3.9 any ideas anyone?? thanks in advance for any hint! markus -- Markus Krause email: [EMAIL PROTECTED] Computing CenterTel.: 089 - 89 40 85 99 Group Lottspeich / Proteomics Fax.: 089 - 89 40 85 98 - This message was sent using https://webmail.biochem.mpg.de If you encounter any problems please report to [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: mysql seg fault
Am Mi, den 22.12.2004 schrieb Mathias Röhl um 14:51: Hi Hi after rebuilding openssl and fr from the sources now the radiusd -X has no error, I don't know exactly why but it works have a few fine days and all the best for 2005... regards [EMAIL PROTECTED] -- TANK!!! I need an exit!! FAAAST!!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
mysql seg fault
Hi
I installed fr from the source, also openssl, and tested with EAP/TLS
and it works fine. So far...Now I want to do it with LDAP and MYSQL,
LDAP for users and MYSQL for storing accounting informations. I
configured in rlm_ldap and rlm_sql and after doing this I started radius
-X -A, but nwo I got a segmentation fault. Looks like this
Module: Loaded SQL
sql: driver = rlm_sql_mysql
sql: server = localhost
sql: port =
sql: login = root
sql: password = bintec
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = no
sql: sqltracefile = /usr/local//var/log/radius/sqltrace.sql
sql: readclients = no
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name = %{User-Name}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT id,UserName,Attribute,Value,op
FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id
sql: authorize_reply_query = SELECT id,UserName,Attribute,Value,op
FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id
sql: authorize_group_check_query = SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}'
AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
sql: authorize_group_reply_query = SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}'
AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
sql: accounting_onoff_query = UPDATE radacct SET AcctStopTime='%S',
AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime),
AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay =
'%{Acct-Delay-Time}' WHERE AcctSessionTime=0 AND AcctStopTime=0 AND
NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime = '%S'
sql: accounting_update_query = UPDATE radacct ? SET FramedIPAddress =
'%{Framed-IP-Address}', ? AcctSessionTime = '%{Acct-Session-Time}', ?
AcctInputOctets = '%{Acct-Input-Octets}', ? AcctOutputOctets =
'%{Acct-Output-Octets}' ? WHERE AcctSessionId = '%{Acct-Session-Id}' ?
AND UserName = '%{SQL-User-Name}' ? AND NASIPAddress=
'%{NAS-IP-Address}'
sql: accounting_update_query_alt = INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId,
ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay)
values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', DATE_SUB('%S',INTERVAL (%{Acct-Session-Time:-0} +
%{Acct-Delay-Time:-0}) SECOND), '%{Acct-Session-Time}',
'%{Acct-Authentic}', '', '%{Acct-Input-Octets}',
'%{Acct-Output-Octets}', '%{Called-Station-Id}',
'%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}',
'%{Framed-IP-Address}', '0')
sql: accounting_start_query = INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', '%S', '0', '0',
'%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0',
'%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}',
'%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}',
'0')
sql: accounting_start_query_alt = UPDATE radacct SET AcctStartTime =
'%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start =
'%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND
UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'
sql: accounting_stop_query = UPDATE radacct SET AcctStopTime = '%S',
AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets =
'%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}',
AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay =
'%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}'
AND NASIPAddress = '%{NAS-IP-Address}'
sql: accounting_stop_query_alt = INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime,
Re: mysql seg fault
Am Mi, den 22.12.2004 schrieb Mathias Röhl um 13:28: Am Mi, den 22.12.2004 schrieb Mathias Röhl um 11:47: Seems so I forgot to read the Documentation In order to build the drivers, you MUST ALSO install the development versions of the database. Hm'kay, I'll try it again Hi I did this, installed the libmysqlclient-dev.deb package and in the /src/modules/rlm_sql I did ./configure make make install. Same with rlm_sql_mysql. LD_LIBRARY_PATH is correct set to /usr/local/lib. But after starting radius -X it says - sql: safe-characters = @abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: / rlm_sql (sql): Could not link driver rlm_sql_mysql: /usr/local/lib/rlm_sql_mysql.a: invalid ELF header rlm_sql (sql): Make sure it (and all its dependent libraries!) are in the search path of your system's ld. radiusd.conf[14]: sql: Module instantiation failed. --- The gdb says sql: safe-characters = @abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: / Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1076734432 (LWP 13679)] 0x0809059e in lt_dlsym (handle=0x81a7668, symbol=0x81a4038 rlm_sql_freetds) at ltdl.c:3330 3330 lensym = LT_STRLEN (symbol) + LT_STRLEN (handle-loader-sym_prefix) (gdb) bt #0 0x0809059e in lt_dlsym (handle=0x81a7668, symbol=0x81a4038 rlm_sql_freetds) at ltdl.c:3330 #1 0x080702ae in rlm_sql_instantiate (conf=0x81a4038, instance=0xf) at rlm_sql.c:682 #2 0x08059763 in find_module_instance (instname=0x80f4130 sql) at modules.c:358 #3 0x0805ac4d in do_compile_modsingle (component=3, ci=0x80f4110, filename=0x80972f4 radiusd.conf, grouptype=0, modname=0xbfffeae8) at modcall.c:814 #4 0x0805add2 in compile_modsingle (component=3, ci=0xf, filename=0xf Address 0xf out of bounds, modname=0xf) at modcall.c:829 #5 0x08059c6d in load_component_section (cs=0x80f40a0, comp=3, filename=0x80972f4 radiusd.conf) at modules.c:584 #6 0x0805a044 in setup_modules () at modules.c:874 #7 0x08050bfd in main (argc=2, argv=0xbd34) at radiusd.c:965 -- May be I forget something to doI don't think this is a bug... thx in advance for kindly help regards [EMAIL PROTECTED] -- TANK!!! I need an exit!! FAAAST!!! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Seg fault in rlm_ldap on Redhat Enterprise Linux 3 - solved
For those remotely interested in this issue, the problem was actually due to an issue in OpenLDAP, as I mentioned some time ago (see below). Redhat now has a released fix for this. The bug description is shown at https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111492, and the fix at http://rhn.redhat.com/errata/RHBA-2004-224.html. Regards Tarun -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Tarun Bhushan Sent: Tuesday, 17 August 2004 6:08 PM To: [EMAIL PROTECTED] Subject: RE: Seg fault in rlm_ldap on Redhat Enterprise Linux 3 - solved, sort of I found that the problem is within the OpenLDAP library libldap (line 845 in tls.c method-ext_free(alt);) and is the same as OpenLDAP problem 1924 (http://www.openldap.org/its/index.cgi/Software%20Bugs?id=1924;selectid=1924). This was reported and fixed back in 2002, but Redhat did not apply it to the OpenLDAP released with RHEL3 nearly a year and a half later! Anyway, by adapting the patch, I was able to fix this issue - just in case others have encountered it. In case you are interested, also see Redhat Bugzilla bugs 128364 and 111492. Patch for your reference: --- openldap-2.0.27/libraries/libldap/tls.c 2004-08-18 22:09:10.0 +1000 +++ openldap-2.0.27/libraries/libldap/tls.c 2004-08-18 22:11:09.0 +1000 @@ -816,7 +816,6 @@ int n, len1, len2; char *domain; GENERAL_NAME *gn; - X509V3_EXT_METHOD *method; len1 = strlen(name); n = sk_GENERAL_NAME_num(alt); @@ -841,8 +840,7 @@ break; } } - method = X509V3_EXT_get(ex); - method-ext_free(alt); + GENERAL_NAMES_free(alt); if (i n) /* Found a match */ ret = LDAP_SUCCESS; } Regards Tarun NOTICE This e-mail and any attachments are confidential and may contain copyright material of Macquarie Bank or third parties. If you are not the intended recipient of this email you should not read, print, re-transmit, store or act in reliance on this e-mail or any attachments, and should destroy all copies of them. Macquarie Bank does not guarantee the integrity of any emails or any attached files. The views or opinions expressed are the author's own and may not reflect the views or opinions of Macquarie Bank. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Seg fault in rlm_ldap on Redhat Enterprise Linux 3 - solved, sort of
I found that the problem is within the OpenLDAP library libldap (line 845 in tls.c method-ext_free(alt);) and is the same as OpenLDAP problem 1924 (http://www.openldap.org/its/index.cgi/Software%20Bugs?id=1924;selectid=1924). This was reported and fixed back in 2002, but Redhat did not apply it to the OpenLDAP released with RHEL3 nearly a year and a half later! Anyway, by adapting the patch, I was able to fix this issue - just in case others have encountered it. In case you are interested, also see Redhat Bugzilla bugs 128364 and 111492. Patch for your reference: --- openldap-2.0.27/libraries/libldap/tls.c 2004-08-18 22:09:10.0 +1000 +++ openldap-2.0.27/libraries/libldap/tls.c 2004-08-18 22:11:09.0 +1000 @@ -816,7 +816,6 @@ int n, len1, len2; char *domain; GENERAL_NAME *gn; - X509V3_EXT_METHOD *method; len1 = strlen(name); n = sk_GENERAL_NAME_num(alt); @@ -841,8 +840,7 @@ break; } } - method = X509V3_EXT_get(ex); - method-ext_free(alt); + GENERAL_NAMES_free(alt); if (i n) /* Found a match */ ret = LDAP_SUCCESS; } Regards Tarun -Original Message- From: Tarun Bhushan Sent: Tuesday, 17 August 2004 12:42 PM To: [EMAIL PROTECTED] Subject: Seg fault in rlm_ldap on Redhat Enterprise Linux 3 On Redhat Enterprise Linux 3, when I try to use LDAP (Port = 636 and hence with TLS), FreeRadius seg faults within rlm_ldap. I have been following the various seg faults for this module discussed recently (including on Fedora Core 2, etc), but this appears to be a different problem to Bug #73. Without TLS, it works fine, but as soon as the port is changed to 636 (or even another high port with tls_mode=yes), the seg fault happens. snip NOTICE This e-mail and any attachments are confidential and may contain copyright material of Macquarie Bank or third parties. If you are not the intended recipient of this email you should not read, print, re-transmit, store or act in reliance on this e-mail or any attachments, and should destroy all copies of them. Macquarie Bank does not guarantee the integrity of any emails or any attached files. The views or opinions expressed are the author's own and may not reflect the views or opinions of Macquarie Bank. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Seg fault in rlm_ldap on Redhat Enterprise Linux 3
On Redhat Enterprise Linux 3, when I try to use LDAP (Port = 636 and hence with TLS), FreeRadius seg faults within rlm_ldap. I have been following the various seg faults for this module discussed recently (including on Fedora Core 2, etc), but this appears to be a different problem to Bug #73. Without TLS, it works fine, but as soon as the port is changed to 636 (or even another high port with tls_mode=yes), the seg fault happens. I am using FR version 1.0.0 on RHEL3 ES [OpenLDAP v2.0.27 (RH update 2.0.27-11), OpenSSL v0.9.7a (RH update 0.9.7a-33.4)]. I have previously tried this with FR 0.9.0, 0.9.3 and 1.0.0pre3, with the same result. I also tried it on a vanilla RHEL3 ES install with none of their updates - same result. There are no other OpenSSL installations on the machine - I have tried this on fresh OS installs too to eliminate any chance of this, to no avail. The LDDs on libldap, libldap_r and rlm_ldap are shown at the bottom of this message, if needed. After compiling all components locally with debug, I ran it under GDB (gdb radiusd, and then run -X). It shows that the seg fault happens at the line 845 in tls.c within the OpenLDAP library libldap. The line is method-ext_free(alt);. The last few lines of the FR debug trace and the GDB backtrace are shown below: rlm_ldap: (re)connect to ldap1.dimmy.someplace.com:636, authentication 0 rlm_ldap: setting TLS mode to 1 rlm_ldap: setting TLS CACert File to /etc/raddb/certs/demoCA/rootca.ca.pem rlm_ldap: bind as cn=luuser,ou=users,dc=dimmy,dc=someplace,dc=com/password to ldap1.dimmy.someplace.com:636 ldap_bind ldap_simple_bind ldap_sasl_bind ldap_send_initial_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: ldap1.dimmy.someplace.com ldap_new_socket: 10 ldap_prepare_socket: 10 ldap_connect_to_host: Trying 10.24.10.4:636 ldap_connect_timeout: fd: 10 tm: 5 async: 0 ldap_ndelay_on: 10 ldap_is_sock_ready: 10 ldap_ndelay_off: 10 ldap_int_sasl_open: host=ldap1.dimmy.someplace.com TLS trace: SSL_connect:before/connect initialization TLS trace: SSL_connect:SSLv2/v3 write client hello A TLS trace: SSL_connect:SSLv3 read server hello A TLS certificate verification: depth: 1, subject: removed, issuer: removed TLS certificate verification: depth: 0, subject: removed, issuer: removed TLS trace: SSL_connect:SSLv3 read server certificate A TLS trace: SSL_connect:SSLv3 read server certificate request A TLS trace: SSL_connect:SSLv3 read server done A TLS trace: SSL_connect:SSLv3 write client certificate A TLS trace: SSL_connect:SSLv3 write client key exchange A TLS trace: SSL_connect:SSLv3 write change cipher spec A TLS trace: SSL_connect:SSLv3 write finished A TLS trace: SSL_connect:SSLv3 flush data TLS trace: SSL_connect:SSLv3 read finished A Program received signal SIGSEGV, Segmentation fault. [Switching to Thread -104608 (LWP 20379)] 0x in ?? () (gdb) bt #0 0x in ?? () #1 0xb720a086 in ldap_pvt_tls_check_hostname (s=0xb7571de0, name=0x817ceb0 ldap1.dimmy.someplace.com) at tls.c:845 #2 0xb720a7ce in ldap_int_tls_start (ld=0x817cb40, conn=0x817d358, srv=0xb7571de0) at tls.c:1122 #3 0xb71f07af in ldap_int_open_connection (ld=0x817cb40, conn=0x817d358, srv=0x817ced8, async=135780240) at open.c:300 #4 0xb71fef2b in ldap_new_connection (ld=0x817cb40, srvlist=0x817ced8, use_ldsb=1, connect=1, bind=0x0) at request.c:258 #5 0xb71f01e1 in ldap_open_defconn (ld=0x817cb40) at open.c:29 #6 0xb71feb5e in ldap_send_initial_request (ld=0x817cb40, msgtype=96, dn=0x815ce40 cn=luuser,ou=users,dc=dimmy,dc=someplace,dc=com, ber=0x817cf18) at request.c:90 #7 0xb71f7b98 in ldap_sasl_bind (ld=0x817cb40, dn=0x815ce40 cn=luuser,ou=users,dc=dimmy,dc=someplace,dc=com, mechanism=0x0, cred=0xbfff6350, sctrls=0xb7571de0, cctrls=0xb7571de0, msgidp=0xbfff634c) at sasl.c:149 #8 0xb71f854c in ldap_simple_bind (ld=0x817cb40, dn=0xb7571de0 U, passwd=0x815da38 password) at sbind.c:78 #9 0xb71ef909 in ldap_bind (ld=0x817cb40, dn=0xb7571de0 U, passwd=0xb7571de0 U, authmethod=128) at bind.c:67 #10 0xb723b0bd in ldap_connect (instance=0x815d958, dn=0x815ce40 cn=luuser,ou=users,dc=dimmy,dc=someplace,dc=com, password=0x815da38 password, auth=0, result=0xbfff6408) at rlm_ldap.c:1684 #11 0xb72382c9 in perform_search (instance=0x815d958, conn=0x815dcf0, search_basedn=0xbfff64b0 dc=dimmy,dc=someplace,dc=com, scope=2, filter=0xbfff6cb0 (cn=someuser), attrs=0xbfff64a8, result=0xbfff6498) at rlm_ldap.c:694 #12 0xb723876e in ldap_groupcmp (instance=0x815d958, req=0x817bf18, request=0x817c018, check=0x8176760, check_pairs=0x81764d0, reply_pairs=0x817c010) at rlm_ldap.c:846 #13 0x0804fdc7 in paircompare (req=0x817bf18, request=0x817c018, check=0x819ca70, check_pairs=0x81764d0, reply_pairs=0x817c010) at valuepair.c:97 #14 0x0804ff61 in paircmp (req=0x817bf18, request=0x817c018, check=0x81764d0, reply=0x817c010) at valuepair.c:322 #15 0xb71bd030 in file_authorize (instance=0xb7571de0, request
EAP/TLS - seg fault with bad certificate
Hi to all,
I have configured freeradius with EAP/TLS on debian for testing. I have also
create a CA and all necessary certificates.
The system works well in normal condition but when I try to use on the
supplicant a fake certificate (signed by another CA) freeradius get
segmentation fault.
I have tried to re-compile the server with another version of openssl but the
result is the same. Below a summary of my tests:
freeradius openssl
0.9.3 0.9.7d deb packages and, later, compiled from
source
1.0.0 pre1 0.9.7d source
1.0.0 pre2 0.9.7d and 0.9.6m source
The NAS are a Apple Airport extreme and a cisco aironet 350 but i think the
problem isn't here. On the supplicant side I have used a ibook with MacosX
10.3.4 and Windows XP SP1.
Any idea?
Thanks in advance,
Antonio Tamborino
mostro2:/home/tony# radiusd -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/eap.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = /usr/local
main: localstatedir = /usr/local/var
main: logdir = /usr/local/var/log/radius
main: libdir = /usr/local/lib
main: radacctdir = /usr/local/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = yes
main: log_file = /usr/local/var/log/radius/radius.log
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = /usr/local/var/run/radiusd/radiusd.pid
main: user = (null)
main: group = (null)
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/local/sbin/checkrad
main: proxy_requests = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded exec
exec: wait = yes
exec: program = (null)
exec: input_pairs = request
exec: output_pairs = (null)
exec: packet_type = (null)
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded eap
eap: default_eap_type = tls
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = (null)
tls: pem_file_type = yes
tls: private_key_file = /usr/local/etc/raddb/certificati/mostro2.pem
tls: certificate_file = /usr/local/etc/raddb/certificati/mostro2.pem
tls: CA_file = /usr/local/etc/raddb/certificati/root.pem
tls: private_key_password = whatever
tls: dh_file = /usr/local/etc/raddb/certificati/dh
tls: random_file = /usr/local/etc/raddb/certificati/random
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = (null)
rlm_eap: Loaded and initialized type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = /usr/local/etc/raddb/huntgroups
preprocess: hints = /usr/local/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded detail
detail: detailfile =
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded files
files: usersfile = /usr/local/etc/raddb/users
files: acctusersfile = /usr/local/etc/raddb/acct_users
files: preproxy_usersfile = /usr/local/etc/raddb/preproxy_users
files: compat = no
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port
Module: Instantiated acct_unique (acct_unique)
detail: detailfile =
/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded System
unix: cache = no
unix: passwd = (null)
Re: EAP/TLS - seg fault with bad certificate
Antonio Tamborino [EMAIL PROTECTED] wrote: Any idea? doc/bugs the report above is with FR 1.0.0pre2 compiled with Openssl 0.9.7d and 0.9.6m Uh.. both? That's bad. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP/TLS - seg fault with bad certificate
First thank
Antonio Tamborino [EMAIL PROTECTED] wrote:
Any idea?
doc/bugs
I've forgotten to write that the problem exist also with a good certificate
and the check_cert_cn = %{User-Name} option in tls section. IT seems there
is a problem analizing the certificate.
the report above is with FR 1.0.0pre2 compiled with Openssl 0.9.7d and
0.9.6m
Uh.. both? That's bad.
what's bad? using two version of openssl for freeradius?
Alan DeKok.
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
Antonio
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP/TLS - seg fault with bad certificate
Antonio Tamborino [EMAIL PROTECTED] wrote: doc/bugs I've forgotten to write that the problem exist also with a good certificate ... Please READ doc/bugs, and FOLLOW IT'S SUGGESTIONS. There's no point in posting many messages saying it doesn't work, if you're not going to say what is going wrong. what's bad? using two version of openssl for freeradius? Yes. It will cause core dumps. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg fault on Ascend-Data-Filter
Chris Chapman [EMAIL PROTECTED] wrote: When returning an Ascend-Data-Filter of ip in forward tcp est as the first data filter radiusd core dumps. When returning another data filter first such as ip in drop tcp dstport = 135 all data filters except the tcp est are returned with no errors. Fixed, thanks. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg fault on Ascend-Data-Filter
Alan DeKok wrote: Chris Chapman [EMAIL PROTECTED] wrote: When returning an Ascend-Data-Filter of ip in forward tcp est as the first data filter radiusd core dumps. When returning another data filter first such as ip in drop tcp dstport = 135 all data filters except the tcp est are returned with no errors. doc/bugs Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html bash-2.03# uname -a SunOS radius-1 5.8 Generic_108528-24 sun4u sparc SUNW,UltraSPARC-IIi-Engine bash-2.03# /usr/local/sbin/radiusd -v radiusd: FreeRADIUS Version 1.0.0-pre0, for host , built on Feb 17 2004 at 14:32:38 Copyright (C) 2000-2003 The FreeRADIUS server project. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. You may redistribute copies of FreeRADIUS under the terms of the GNU General Public License. For more information about these matters, see the file named COPYRIGHT. (gdb) bt #0 0xff0b31f0 in strlen () from /usr/lib/libc.so.1 #1 0xff1062b8 in _doprnt () from /usr/lib/libc.so.1 #2 0xff10842c in vsnprintf () from /usr/lib/libc.so.1 #3 0xff3589bc in librad_log ( fmt=0xff360878 Unknown extra string \%s\ in IP data filter) at log.c:52 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Seg fault on Ascend-Data-Filter
Chris Chapman [EMAIL PROTECTED] wrote: When returning an Ascend-Data-Filter of ip in forward tcp est as the first data filter radiusd core dumps. When returning another data filter first such as ip in drop tcp dstport = 135 all data filters except the tcp est are returned with no errors. doc/bugs Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
