segmentation fault in rlm_attr_rewrite and eaptls module

nikitha sumi.techno at gmail.com
Fri Apr 6 17:46:41 CEST 2007


Hi All,

Continued.. from my previous mail..
I am seeing some more issues when i restarted radiusd. Please see the debug
log below.

rad_recv: Access-Request packet from host 192.168.1.1:18007, id=13,
length=319

        User-Name = "anonymous"
        Called-Station-Id = "00-15-70-23-E5-60:wpa_psk"
        Calling-Station-Id = "00-00-00-22-00-8B"
        NAS-Port = 4
        NAS-Port-Type = Wireless-802.11
        Framed-MTU = 1400
        Service-Type = Framed-User
        NAS-IP-Address = 192.168.1.1
        NAS-Identifier = "Wireless Services"
        NAS-Port-Id = "wpa_psk"
        Connect-Info = "CONNECT 54Mbps 802.11a"
        State = 0x3d55ed1056c3716334e831a761baf07e
        EAP-Message =
0x0202007019800000006616030100610100005d0301461654c362b26af0ff6d48f398a5156d6566ebbced03258c344461681761d8ed00003600390038003500160013000a00330032002f0007006600050004006300620061001500120009006500640060001400110008000600030100
        Message-Authenticator = 0x572da3efc1f70fab4cbd23469ec0722a
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1163
  modcall[authorize]: module "preprocess" returns ok for request 1163
radius_xlat:  'anonymous'
rlm_attr_rewrite: Added attribute Stripped-User-Name with value 'anonymous'
  modcall[authorize]: module "copy_user_name" returns ok for request 1163
radius_xlat:  '^(.*[\/]+)'
rlm_attr_rewrite: No match found for attribute Stripped-User-Name with value
'anonymous'
  modcall[authorize]: module "add_dollar_sign" returns ok for request 1163
  modcall[authorize]: module "etc_passwd" returns notfound for request 1163
  modcall[authorize]: module "etc_group" returns notfound for request 1163
  modcall[authorize]: module "chap" returns noop for request 1163
  modcall[authorize]: module "mschap" returns noop for request 1163
    rlm_realm: No '/' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix_oblic" returns noop for request 1163
    rlm_realm: No '\' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix_oblic_fs" returns noop for request 1163
    rlm_realm: No '/' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "prefix_oblic" returns noop for request 1163
    rlm_realm: No '\' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "prefix_oblic_fs" returns noop for request 1163
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix_at" returns noop for request 1163
    rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "prefix_at" returns noop for request 1163
    rlm_realm: No '%' in User-Name = "anonymous", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix_percent" returns noop for request 1163
    rlm_realm: No '%' in User-Name = "anonymous", looking up realm NULL
  modcall[authorize]: module "prefix_percent" returns noop for request 1163
    users: Matched entry anonymous at line 5
  modcall[authorize]: module "files" returns ok for request 1163
  rlm_eap: EAP packet type response id 2 length 112
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 1163
modcall: leaving group authorize (returns updated) for request 1163
  rad_check_password:  Found Auth-Type EAP
  rad_check_password:  Found Auth-Type EAP
Warning:  Found 2 auth-types on request for user 'anonymous'
auth: type "EAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1163
  rlm_eap: Request found, released from the list
  rlm_eap: EAP/peap
  rlm_eap: processing type peap
  rlm_eap_peap: Authenticate
  rlm_eap_tls: processing TLS
rlm_eap_tls:  Length Included
  eaptls_verify returned 11
    (other): before/accept initialization
    TLS_accept: before/accept initialization
  rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello

Program received signal SIGSEGV, Segmentation fault.
0xb7e71b10 in mallopt () from /lib/libc.so.6
(gdb) where
#0  0xb7e71b10 in mallopt () from /lib/libc.so.6
#1  0xb7e721b0 in mallopt () from /lib/libc.so.6
#2  0xb7e70b38 in realloc () from /lib/libc.so.6
#3  0xb7c0c794 in default_realloc_ex () from /usr/lib/libcrypto.so.0.9.8
#4  0x00000040 in ?? ()
#5  0xb7cf36c0 in ?? () from /usr/lib/libcrypto.so.0.9.8
#6  0xb7c0cfeb in CRYPTO_realloc () from /usr/lib/libcrypto.so.0.9.8
#7  0x08158db8 in ?? ()
#8  0x00000040 in ?? ()
#9  0xb7ce8c45 in dummy_nid () from /usr/lib/libcrypto.so.0.9.8
#10 0x00000096 in ?? ()
#11 0xb7d27e50 in SSL_CTX_callback_ctrl () from /usr/lib/libssl.so.0.9.8
#12 0xb7d37880 in ?? () from /usr/lib/libssl.so.0.9.8
#13 0xb7cf36c0 in ?? () from /usr/lib/libcrypto.so.0.9.8
#14 0xb7ce8c45 in dummy_nid () from /usr/lib/libcrypto.so.0.9.8
#15 0x00000096 in ?? ()
#16 0x08140ab0 in ?? ()
#17 0xb7c73439 in sk_insert () from /usr/lib/libcrypto.so.0.9.8
#18 0x08158db8 in ?? ()
#19 0x00000040 in ?? ()
#20 0xb7ce8c45 in dummy_nid () from /usr/lib/libcrypto.so.0.9.8
#21 0x00000096 in ?? ()
#22 0x08140ab0 in ?? ()
---Type <return> to continue, or q <return> to quit---
#23 0xb7ce8c45 in dummy_nid () from /usr/lib/libcrypto.so.0.9.8
#24 0x03000032 in ?? ()
#25 0xb7cf36c0 in ?? () from /usr/lib/libcrypto.so.0.9.8
#26 0x0000000e in ?? ()
#27 0x00000002 in ?? ()
#28 0x081684d9 in ?? ()
#29 0xb7c73579 in sk_push () from /usr/lib/libcrypto.so.0.9.8
#30 0xb7d38760 in ssl3_ciphers () from /usr/lib/libssl.so.0.9.8
#31 0x00000007 in ?? ()
#32 0xb7c7328b in sk_new_null () from /usr/lib/libcrypto.so.0.9.8
#33 0xb7d2c090 in SSL_SESSION_get_id () from /usr/lib/libssl.so.0.9.8
#34 0xb7d37880 in ?? () from /usr/lib/libssl.so.0.9.8
#35 0xb7d282a3 in ssl_bytes_to_cipher_list () from /usr/lib/libssl.so.0.9.8
#36 0xb7d38760 in ssl3_ciphers () from /usr/lib/libssl.so.0.9.8
#37 0x00000020 in ?? ()
#38 0x000000e1 in ?? ()
#39 0x00000064 in ?? ()
#40 0x08158f0c in ?? ()
#41 0x08140ab0 in ?? ()
#42 0xb7d37880 in ?? () from /usr/lib/libssl.so.0.9.8
#43 0x00000036 in ?? ()
#44 0x081684ff in ?? ()
#45 0x0815b220 in ?? ()
---Type <return> to continue, or q <return> to quit---
#46 0xb7d106a9 in ssl3_get_client_hello () from /usr/lib/libssl.so.0.9.8
#47 0x081684c9 in ?? ()
#48 0x00000036 in ?? ()
#49 0xbffce244 in ?? ()
#50 0x00004000 in ?? ()
#51 0xbffce248 in ?? ()
#52 0xbffce224 in ?? ()
#53 0xb7c79007 in EVP_DigestInit_ex () from /usr/lib/libcrypto.so.0.9.8
#54 0x00000000 in ?? ()
 Please let me know what could be the reason for this issue, and if there
are any fixes arround please let me know. Its very urgent.

Hope to get a reply soon.

Thanks in advance.
-- Nikitha

On 4/6/07, nikitha <sumi.techno at gmail.com> wrote:
>
> Hi All,
>
> I am running freeradius-1.1.1 for quite a long time. Never seen this kind
> of issue when few requests are sent to the radiusd.
> The issue is when many requests are coming, then radiusd is crashing or
> going in an infinite loop and hogging for 99.9% of CPU.
>
> Please find the debug logs below.
>
>   modcall[authorize]: module "preprocess" returns ok for request 1522
> radius_xlat:  'anonymous'
> rlm_attr_rewrite: Added attribute Stripped-User-Name with value
> 'anonymous'
>   modcall[authorize]: module "copy_user_name" returns ok for request 1522
> radius_xlat:  '^(.*[\/]+)'
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xb7df9693 in mallopt () from /lib/libc.so.6
> (gdb) where
> #0  0xb7df9693 in mallopt () from /lib/libc.so.6
> #1  0xb7df877c in malloc () from /lib/libc.so.6
> #2  0xb7e2a329 in re_comp () from /lib/libc.so.6
> #3  0xb7e2a176 in re_comp () from /lib/libc.so.6
> #4  0xb7e29c4f in regcomp () from /lib/libc.so.6
> #5  0xb7b2e4d6 in do_attr_rewrite () from /usr/lib/rlm_attr_rewrite-
> 1.1.1.so
> #6  0xb7b2eb44 in attr_rewrite_authorize ()
>    from /usr/lib/rlm_attr_rewrite-1.1.1.so
> #7  0x08055f26 in module_post_auth ()
> #8  0x0805660d in modcall ()
> #9  0x08055f9a in module_post_auth ()
> #10 0x0805609c in module_post_auth ()
> #11 0x08056565 in modcall ()
> #12 0x08055269 in find_module_instance ()
> #13 0x08055b8a in module_authorize ()
> #14 0x0804d7a1 in rad_authenticate ()
> #15 0x08059d52 in rad_respond ()
> #16 0x08059a22 in main ()
>
>  and when i restarted the server the crash happened in eaptls module.
>
> rad_recv: Access-Request packet from host 192.168.1.1:7988, id=114,
> length=319
>         User-Name = "anonymous"
>         Called-Station-Id = "00-15-70-23-03-00:wpa_psk"
>         Calling-Station-Id = "00-00-00-22-00-07"
>         NAS-Port = 8
>         NAS-Port-Type = Wireless-802.11
>         Framed-MTU = 1400
>         Service-Type = Framed-User
>         NAS-IP-Address = 192.168.1.1
>         NAS-Identifier = "Wireless Services"
>         NAS-Port-Id = "wpa_psk"
>         Connect-Info = "CONNECT 54Mbps 802.11g"
>         State = 0x72fe4ac90661f9590e32dcb0c7059d75
>         EAP-Message =
> 0x0202007019800000006616030100610100005d030146161ab12118da21a43b116bb44c8bed120272f7b2796c3976e35bd114643a5c00003600390038003500160013000a00330032002f0007006600050004006300620061001500120009006500640060001400110008000600030100
>
>         Message-Authenticator = 0x9521947e080287f8034d050f25bc08ea
>   Processing the authorize section of radiusd.conf
> modcall: entering group authorize for request 2652
>   modcall[authorize]: module "preprocess" returns ok for request 2652
> radius_xlat:  'anonymous'
> rlm_attr_rewrite: Added attribute Stripped-User-Name with value
> 'anonymous'
>   modcall[authorize]: module "copy_user_name" returns ok for request 2652
> radius_xlat:  '^(.*[\/]+)'
> rlm_attr_rewrite: No match found for attribute Stripped-User-Name with
> value 'anonymous'
>   modcall[authorize]: module "add_dollar_sign" returns ok for request 2652
>   modcall[authorize]: module "etc_passwd" returns notfound for request
> 2652
>   modcall[authorize]: module "etc_group" returns notfound for request 2652
>   modcall[authorize]: module "chap" returns noop for request 2652
>   modcall[authorize]: module "mschap" returns noop for request 2652
>     rlm_realm: No '/' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "suffix_oblic" returns noop for request 2652
>     rlm_realm: No '\' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "suffix_oblic_fs" returns noop for request
> 2652
>     rlm_realm: No '/' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "prefix_oblic" returns noop for request 2652
>     rlm_realm: No '\' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "prefix_oblic_fs" returns noop for request
> 2652
>     rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "suffix_at" returns noop for request 2652
>     rlm_realm: No '@' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "prefix_at" returns noop for request 2652
>     rlm_realm: No '%' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "suffix_percent" returns noop for request
> 2652
>     rlm_realm: No '%' in User-Name = "anonymous", looking up realm NULL
>     rlm_realm: No such realm "NULL"
>   modcall[authorize]: module "prefix_percent" returns noop for request
> 2652
>     users: Matched entry anonymous at line 5
>   modcall[authorize]: module "files" returns ok for request 2652
>   rlm_eap: EAP packet type response id 2 length 112
>   rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
>   modcall[authorize]: module "eap" returns updated for request 2652
> modcall: leaving group authorize (returns updated) for request 2652
>   rad_check_password:  Found Auth-Type EAP
>   rad_check_password:  Found Auth-Type EAP
> Warning:  Found 2 auth-types on request for user 'anonymous'
> auth: type "EAP"
>   Processing the authenticate section of radiusd.conf
> modcall: entering group authenticate for request 2652
>   rlm_eap: Request found, released from the list
>   rlm_eap: EAP/peap
>   rlm_eap: processing type peap
>   rlm_eap_peap: Authenticate
>   rlm_eap_tls: processing TLS
> rlm_eap_tls:  Length Included
>   eaptls_verify returned 11
>
> Program received signal SIGSEGV, Segmentation fault.
> 0xb7e86693 in mallopt () from /lib/libc.so.6
> (gdb) where
> #0  0xb7e86693 in mallopt () from /lib/libc.so.6
> #1  0xb7e8577c in malloc () from /lib/libc.so.6
> #2  0xb7bd8023 in eaptls_extract () from /usr/lib/libeap-1.1.1.so
> #3  0xb7bd81fc in eaptls_process () from /usr/lib/libeap-1.1.1.so
> #4  0xb7bc510f in eappeap_authenticate () from /usr/lib/rlm_eap_peap-
> 1.1.1.so
> #5  0xb7bde4fe in eaptype_call () from /usr/lib/rlm_eap-1.1.1.so
> #6  0xb7bde9bb in eaptype_select () from /usr/lib/rlm_eap-1.1.1.so
> #7  0xb7bdda81 in eap_authenticate () from /usr/lib/rlm_eap-1.1.1.so
> #8  0x08055f26 in module_post_auth ()
> #9  0x0805660d in modcall ()
> #10 0x08055f9a in module_post_auth ()
> #11 0x0805609c in module_post_auth ()
> #12 0x08056565 in modcall ()
> #13 0x08055269 in find_module_instance ()
> #14 0x08055bb2 in module_authenticate ()
> #15 0x0804d43b in rad_check_password ()
> #16 0x0804d9ac in rad_authenticate ()
> #17 0x08059d52 in rad_respond ()
> #18 0x08059a22 in main ()
>
> Please let me know the details about this issue.
> Awaiting for your reply..
>
> Thanks,
> Nikitha
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20070406/53031768/attachment.html>


More information about the Freeradius-Devel mailing list