<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
</head>
<body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">
Hello,
<div><br>
</div>
<div>This morning I was attempting to move dialup (PPP) authentication to FreeRadius, and was met with a segmentation fault. I am using version 2.2 on RHEL. Below are details of my configuration. Users are using MSCHAPv2.</div>
<div><br>
</div>
<div><b>/etc/raddb/users</b></div>
<div><br>
</div>
<div>DEFAULT Framed-Protocol == PPP, Proxy-To-Realm := DIALUP_REALM</div>
<div><br>
</div>
<div><b>/etc/raddb/proxy.conf</b></div>
<div><br>
</div>
<div>realm DIALUP_REALM {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>virtual server = dialup</div>
<div>}</div>
<div><br>
</div>
<div><b>/etc/raddb/sites-enabled/dialup</b></div>
<div><br>
</div>
<div>server dialup {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>authorize {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>files</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>mschap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>pap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>authenticate {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>Auth-Type PAP {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>pap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>Auth-Type MS-CHAP {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>mschap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>post-auth {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>#20+ group checks via LDAP</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div>}</div>
<div><br>
</div>
<div><br>
</div>
<div>In this configuration, I get a segmentation fault. It occurs before the mschap module is called in the authenticate stanza. (I cannot provide debug at this time, since I am outside the service window.)</div>
<div><br>
</div>
<div>If I remove the manual proxying from the users file, the default server will handle the request fine. The default server looks like this:</div>
<div><br>
</div>
<div><br>
</div>
<div>authorize {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>preprocess</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>chap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>mschap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>files</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>suffix</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>eap {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>ok = return</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>expiration</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>logintime</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>pap</div>
<div>}</div>
<div><br>
</div>
<div>authenticate {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>Auth-Type PAP {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>pap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>Auth-Type CHAP {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>chap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>Auth-Type MS-CHAP {</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>mschap</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>}</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>unix</div>
<div><span class="Apple-tab-span" style="white-space:pre"></span>eap</div>
<div>}</div>
<div><br>
</div>
<div>Finally, if I put the manual proxy back in, and mirror the default server in my dialup virtual server, the seg fault returns.</div>
<div><br>
</div>
<div>Any ideas would be appreciated.</div>
<div><br>
</div>
<div>Dave</div>
<div><br>
</div>
<div>
<div apple-content-edited="true"></div>
<br>
</div>
</body>
</html>