Freeradius 1.0.2 crashes in startup due tls

Mikko Saarinen mikko.saarinen at radionet.com
Tue May 31 12:15:40 CEST 2005 

Hey,

Not sure if this would belong to devel list, but still.

I'm trying to test the PEAP support, but Freeradius 1.0.2 dies when
it loads and configures the tls module. In older version 0.9.3 the
tls works a-ok, but it has no peap support.

Anyone have idea if this is a known problem and if there is version
in which the peap runs.

OpenSSL version:
OpenSSL 0.9.7e 25 Oct 2004

Here is the log and stack from running radiusd -X under gdb:

(gdb) run -X
Starting program: /usr/local/sbin/radiusd -X
(no debugging symbols found)
[Thread debugging using libthread_db enabled]
[New Thread 16384 (LWP 5377)]
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/sql.conf
 main: prefix = "/usr/local"
 main: localstatedir = "/usr/local/var"
 main: logdir = "/usr/local/var/log/radius"
 main: libdir = "/usr/local/lib"
 main: radacctdir = "/usr/local/var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/usr/local/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
 main: bind_address = 192.168.1.50 IP address [192.168.1.50]
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = yes
 proxy: wake_all_if_all_dead = no
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
 pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: with_ntdomain_hack = no
 mschap: passwd = "(null)"
 mschap: authtype = "MS-CHAP"
 mschap: ntlm_auth = "(null)"
Module: Instantiated mschap (mschap)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "peap"
 eap: timer_expire = 60
 eap: ignore_unknown_eap_types = no
 eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file = "/usr/local/etc/raddb/foocerts/privkey.pem"
 tls: certificate_file = "/usr/local/etc/raddb/foocerts/cacert.pem"
 tls: CA_file = "/usr/local/etc/raddb/foocerts/cacert.pem"
 tls: private_key_password = "SecretKeyPass77"
 tls: dh_file = "/usr/local/etc/raddb/certs/dh"
 tls: random_file = "/dev/urandom"
 tls: fragment_size = 1024
 tls: include_length = yes
rlm_eap_tls: conf N ctx stored
rlm_eap: Loaded and initialized type tls

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 5377)]
0x400630df in lt_dlsym (handle=0x815e3f0, symbol=0xbfffe970
"rlm_eap_peap")
    at ltdl.c:3330
3330      lensym = LT_STRLEN (symbol) + LT_STRLEN
(handle->loader->sym_prefix)
(gdb) bt
#0  0x400630df in lt_dlsym (handle=0x815e3f0, symbol=0xbfffe970
"rlm_eap_peap")
    at ltdl.c:3330
#1  0x402324c7 in eaptype_load (type=0xc, eap_type=12, cs=0xc) at
eap.c:114
#2  0x40231aea in eap_instantiate (cs=0x80a7410, instance=0xc) at
rlm_eap.c:134
#3  0x080558f3 in find_module_instance ()
#4  0x08056cd5 in modcall ()
#5  0x08056e32 in compile_modsingle ()
#6  0x08055dad in find_module_instance ()
#7  0x08056144 in setup_modules ()
#8  0x0804cea0 in main ()
(gdb)


-- 
Mikko Saarinen  mikko.saarinen at radionet.com

More information about the Freeradius-Users mailing list