Null pointer deref

Daniel O'Connor darius at dons.net.au
Tue May 2 01:44:20 CEST 2006


On Monday 01 May 2006 23:01, Alan DeKok wrote:
> "Daniel O'Connor" <darius at dons.net.au> wrote:
> > It appears that in read_radius_conf_file conf_read returns NULL so the
> > cf_section_parse call is never made.
>
>   So how did you convince the server to keep running after that?  My
> reading of the code indicates that it should exit() if that
> conf_read() returns NULL.

I am not sure :(
Perhaps I am misunderstanding the failure mode.

I've attached my config files if you wish to try and replicate the problem.

I run 'radiusd -X -A' and then test it with..
radtest testuser testpassword localhost 1 password

-- 
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
  -- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
-------------- next part --------------
DEFAULT Group == "disabled", Auth-Type := Reject
		Reply-Message = "Your account has been disabled."

-------------- next part --------------
client 127.0.0.1 {
	secret		= password
	shortname	= localhost
	nastype		= other
}

-------------- next part --------------
#confdir = /usr/local/etc/raddb

eap {
	default_eap_type = tls
	timer_expire     = 60
	ignore_unknown_eap_types = no
	cisco_accounting_username_bug = no

	md5 {
	}

	tls {
		#private_key_password = seekritpassword
		private_key_file = ${confdir}/certs/wrt.key
		certificate_file = ${confdir}/certs/wrt.crt
		CA_file = ${confdir}/certs/ca.crt
		dh_file = ${confdir}/certs/dh
		random_file = /dev/random
		fragment_size = 1024
	}

	ttls {
		default_eap_type = md5
		copy_request_to_tunnel = no
		use_tunneled_reply = no

	}

	peap {
		default_eap_type = mschapv2
	}

	mschapv2 {
	}
}

-------------- next part --------------

-------------- next part --------------
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}

listen {
	ipaddr = *
	port = 0
	type = auth
}

thread pool {
	start_servers = 1
	max_servers = 4
	min_spare_servers = 1
	max_spare_servers = 3
	max_requests_per_server = 0
}

$INCLUDE  ${confdir}/clients.conf

modules {
	pap {
		encryption_scheme = clear
	}

	chap {
		authtype = CHAP
	}

	mschap {
		authtype = MS-CHAP
		with_ntdomain_hack = yes
	}

	mschapv2 {
	}

	$INCLUDE ${confdir}/eap.conf

	files {
		usersfile = ${confdir}/users
		compat = no
	}
}

authorize {
	files
	eap
}

authenticate {
	eap
}

-------------- next part --------------
DEFAULT Group == "disabled", Auth-Type := Reject
		Reply-Message = "Your account has been disabled."
testuser    User-Password == "testpassword"


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20060502/54937f26/attachment.pgp>


More information about the Freeradius-Devel mailing list