Fast session resumption segfault (was: Testing 3.0/master)

Phil Mayers p.mayers at imperial.ac.uk
Mon Oct 17 20:58:08 CEST 2011


On 10/09/2011 11:20 AM, Phil Mayers wrote:
> So, I've just compiled up the current "master", and a few things stand
> out. Using my existing 2.1.12 config:
>
> 1. EAP-TTLS/MSCHAP doesn't seem to work any more; the MS-CHAP
> challenge/response are wrong. PEAP works fine. Haven't looked into this
> yet.
>
> 2. rlm_eap_tls now mandates "private_key_password" even if the key is
> not encrypted on disk. You can specify anything - but you must specify
> it. Behaviour change, but not particularly onerous.
>
> 3. Fast Session resumption seems to give a segfault - request_finish
> calls pairfree on process.c:1085 and the value seems to be corrupt. The
> backtrace is a bit useless, since most of the values are optimised out
> (grr gcc) but I will try to get more info.

More info - today's HEAD dies with:

(14) peap : Success
(14) peap : Adding cached attributes to the reply:
	8:��9 <INVALID-TOKEN>
	 <INVALID-TOKEN>
(14) eap : Freeing handler
*** glibc detected *** /usr/local/sbin/radiusd: double free or corruption (out): 0x000000000086f670 ***
======= Backtrace: =========
/lib64/libc.so.6[0x398767245f]
/lib64/libc.so.6(cfree+0x4b)[0x39876728bb]
/usr/local/lib/libfreeradius-radius-3.0.0.so(pairfree+0x1f)[0x2aaaaaac3e1f]
/usr/local/sbin/radiusd(session_close+0x39)[0x4387f9]
/usr/local/sbin/radiusd(session_free+0x36)[0x4388a6]
/usr/local/lib/rlm_eap.so(eap_handler_free+0x97)[0x2aaaac139837]
/usr/local/lib/rlm_eap.so[0x2aaaac1379ce]
/usr/local/sbin/radiusd(modcall+0xa2d)[0x41f6dd]
/usr/local/sbin/radiusd(indexed_modcall+0xc5)[0x41c6e5]
/usr/local/sbin/radiusd(rad_authenticate+0x855)[0x40be55]
/usr/local/sbin/radiusd[0x42bfa3]
/usr/local/sbin/radiusd[0x429e9b]
/usr/local/sbin/radiusd(request_insert+0x240)[0x42bdb0]
/usr/local/sbin/radiusd(request_receive+0xa9)[0x42e559]
/usr/local/sbin/radiusd[0x419756]
/usr/local/sbin/radiusd[0x429378]
/usr/local/lib/libfreeradius-radius-3.0.0.so(fr_event_loop+0x344)[0x2aaaaaac7814]
/usr/local/sbin/radiusd(main+0x57e)[0x4203fe]
/lib64/libc.so.6(__libc_start_main+0xf4)[0x398761d994]

...when doing an SSL session resume. No more time to look today, will 
investigate tomorrow.

p.s. I like the new quieter build!


