Possible FreeBSD Jail problem, or other bug in/with FreeRADIUS 2.0.0-pre2
Scott Lambert
lambert at lambertfam.org
Fri Sep 21 17:51:31 CEST 2007
On Fri, Sep 21, 2007 at 05:02:43PM +0200, Alan DeKok wrote:
> Scott Lambert wrote:
> > If I need to look deeper into the problem on my own, I will be happy to
> > do so. If I have, once again, picked on a piece of the code that has
> > no bearing in my issue, please don't be afraid to tell me I am being
> > stupid.
>
> I don't think I have any issues doing that...
:-)
> ...
> >> That's all well and good. However, perhaps the problem comes when
> >> we get to recv_one_packet() in radclient.c and unconditionally set
> >> reply->dst_ipaddr = client_ipaddr which is apparantly due to "udpfromto
> >> issues."
> >>
> >> /*
> >> * udpfromto issues. We may have bound to "*",
> >> * and we want to find the replies that are sent to
> >> * (say) 127.0.0.1.
> >> */
> >> reply->dst_ipaddr = client_ipaddr;
> >>
> >> Commenting that line out makes my jail work.
>
> OK, I see why that works for radclient. I recall, though, that the
> original issue you ran into was with proxying. Do you still have an
> issue with that, or does this one-line fix address everything?
I've been expecting that there would be a similar chunk of code in the
server that I could go find if you thought I was on the right track.
I have not had sufficient confidence in my code reading to trust my
changes to the now semi-production server.
I would not expect that code in radclient.c could fix radiusd. I've
been wrong before.
I've been using radclient to debug because you indicated that it
used the same library for matching up packets. If the above is
legitimately the bug I was looking for, I'll have to solve the proxy
issue seperately, but with a better idea of what I am looking for.
I will do my homework, look for a similar line in the daemon code, and
get back to you, hopefully tonight or tomorrow.
--
Scott Lambert KC5MLE Unix SysAdmin
lambert at lambertfam.org
More information about the Freeradius-Users
mailing list