<div dir="ltr">Hi everyone,<div><div><br></div><div>I have a freeRADIUS 2.0.4 server which has been running well for the past two years.</div><div>I am trying to integrate smoothly a modified version of the chap module. To do that I've been testing different approach on a VM for tests.</div>
<div><br></div><div><br></div><div>With the sources downloaded from <a href="http://packages.debian.org">packages.debian.org</a>, I wrote my version of rlm_chap.c. Everything compiles and works fine when i do:</div><div>
./configure</div>
<div> make</div><div> make install</div><div>from the source folder and run it with <i>radiusd</i>.</div><div>NB: To avoid lib conflicts i remove the libs generated in /usr/local/lib during installation before i start again /usr/sbin/freeradius</div>
<div><br></div><div>But now i would like to update my working version of freeradius (which was installed through an apt-get install) without causing much trouble. </div><div>As I only modified rlm_chap.c I thought i could simply replace the current library </div>
<div>/usr/lib/<a href="http://rlm_chap-2.0.4.so">rlm_chap-2.0.4.so</a></div><div>with the one produced during compilation </div><div>freeradius-2.0.4/src/modules/rlm_chap/.libs/<a href="http://rlm_chap-2.0.4.so">rlm_chap-2.0.4.so</a></div>
<div><br></div><div>After that i restart freeradius (the apt-get version) with</div><div>freeradius -X</div><div>Everything looks fine but when i send a request i get a segmentation fault when the server tries to enter chap module. (see the debug entry further)</div>
<div><br></div><div><br></div><div><div>If i go back and replace /usr/lib/freeradius/<a href="http://rlm_chap-2.0.4.so">rlm_chap-2.0.4.so</a> by the original</div><div>Everything works fine again.</div><div><br></div><div>
I am pretty sure it has something to do with compilation and the way files were generated.</div><div>Do you think it is possible to do what I want? i.e. inserting a modified library into the working set of library.</div>
<div>
Reinstalling the working freeradius or using the compiled files is not an possibility.</div><div><br></div><div><br></div><div>If you have any idea on what I am doing wrong (I am still a beginner and I probably do a lot of things wrong), please feel free to tell me and to share with me if you had similar situations.</div>
<div><br></div><div>Thanks !</div><div>Regards,</div><div><br></div><div>Yoann Couble</div></div><div><br></div><div>PS: *tldr: I want to replace chap library by a modified library of mine*</div><div><br></div><div>Here is the debug entry</div>
<div>-------------------------------------------------------------------------------------------------------------------------------------------</div><div># freeradius -X<br></div><div>FreeRADIUS Version 2.0.4, for host x86_64-pc-linux-gnu, built on Sep 11 2012 at 17:06:46<br>
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors. <br>There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A <br>PARTICULAR PURPOSE. <br>You may redistribute copies of FreeRADIUS under the terms of the <br>
GNU General Public License v2. <br>Starting - reading configuration files ...<br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/radiusd.conf">/radiusd.conf</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/proxy.conf">/proxy.conf</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/clients.conf">/clients.conf</a><br>
including files in directory <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/">/modules/</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/digest">/modules/digest</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/linelog">/modules/linelog</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/always">/modules/always</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/dynamic_clients">/modules/dynamic_clients</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/opendirectory">/modules/opendirectory</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/cui">/modules/cui</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/unix">/modules/unix</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/inner-eap">/modules/inner-eap</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/mschap">/modules/mschap</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/attr_filter">/modules/attr_filter</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/chap">/modules/chap</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/sql_log">/modules/sql_log</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/pap">/modules/pap</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/exec">/modules/exec</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/expiration">/modules/expiration</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/ntlm_auth">/modules/ntlm_auth</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/acct_unique">/modules/acct_unique</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/counter">/modules/counter</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/perl">/modules/perl</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/checkval">/modules/checkval</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/sqlcounter_expire_on_login">/modules/sqlcounter_expire_on_login</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/logintime">/modules/logintime</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/radutmp">/modules/radutmp</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/echo">/modules/echo</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/detail">/modules/detail</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/preprocess">/modules/preprocess</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/smsotp">/modules/smsotp</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/krb5">/modules/krb5</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/files">/modules/files</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/sradutmp">/modules/sradutmp</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/ldap">/modules/ldap</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/realm">/modules/realm</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/ippool">/modules/ippool</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/detail.example.com">/modules/detail.example.com</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/etc_group">/modules/etc_group</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/smbpasswd">/modules/smbpasswd</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/attr_rewrite">/modules/attr_rewrite</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/passwd">/modules/passwd</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/policy">/modules/policy</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/detail.log">/modules/detail.log</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/mac2ip">/modules/mac2ip</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/otp">/modules/otp</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/pam">/modules/pam</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/wimax">/modules/wimax</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/expr">/modules/expr</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/mac2vlan">/modules/mac2vlan</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/eap.conf">/eap.conf</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sql.conf">/sql.conf</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sql/">/sql/</a><a style="color:rgb(52,101,164)" href="/dialup.conf">/dialup.conf</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/policy.conf">/policy.conf</a><br>including files in directory <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sites-enabled/">/sites-enabled/</a><br>
including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sites-enabled/default">/sites-enabled/default</a><br>including configuration file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sites-enabled/inner-tunnel">/sites-enabled/inner-tunnel</a><br>
main {<br> user = "freerad"<br> group = "freerad"<br> allow_core_dumps = no<br>}<br>including dictionary file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/dictionary">/dictionary</a><br>
main {<br> prefix = "/usr"<br> localstatedir = "/var"<br> logdir = "/var/log/freeradius"<br> libdir = "/usr/lib/freeradius"<br> radacctdir = "/var/log/freeradius/radacct"<br>
hostname_lookups = no<br> max_request_time = 30<br> cleanup_delay = 5<br> max_requests = 1024<br> pidfile = "/var/run/freeradius/freeradius.pid"<br> checkrad = "/usr/sbin/checkrad"<br>
debug_level = 0<br> proxy_requests = yes<br> log {<br> stripped_names = no<br> auth = no<br> auth_badpass = no<br> auth_goodpass = no<br> }<br> security {<br> max_attributes = 200<br>
reject_delay = 1<br> status_server = yes<br> }<br>}<br>radiusd: #### Loading Realms and Home Servers ####<br> proxy server {<br> retry_delay = 5<br> retry_count = 3<br> default_fallback = no<br>
dead_time = 120<br> wake_all_if_all_dead = no<br> }<br> home_server localhost {<br> ipaddr = 127.0.0.1<br> port = 1812<br> type = "auth"<br> secret = "testing123"<br>
response_window = 20<br> max_outstanding = 65536<br> require_message_authenticator = yes<br> zombie_period = 40<br> status_check = "status-server"<br> ping_interval = 30<br>
check_interval = 30<br> num_answers_to_alive = 3<br> num_pings_to_alive = 3<br> revive_interval = 120<br> status_check_timeout = 4<br> irt = 2<br> mrt = 16<br> mrc = 5<br>
mrd = 30<br> }<br> home_server_pool my_auth_failover {<br> type = fail-over<br> home_server = localhost<br> }<br> realm <a href="http://example.com">example.com</a> {<br> auth_pool = my_auth_failover<br>
}<br> realm LOCAL {<br> }<br>radiusd: #### Loading Clients ####<br> client <a href="http://0.0.0.0/1">0.0.0.0/1</a> {<br> require_message_authenticator = no<br> secret = "secret"<br> }<br> client <a href="http://128.0.0.0/1">128.0.0.0/1</a> {<br>
require_message_authenticator = no<br> secret = "secret"<br> }<br>radiusd: #### Instantiating modules ####<br> instantiate {<br> Module: Linked to module rlm_exec<br> Module: Instantiating module "exec" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/exec">/modules/exec</a><br>
exec {<br> wait = no<br> input_pairs = "request"<br> shell_escape = yes<br> }<br> Module: Linked to module rlm_expr<br> Module: Instantiating module "expr" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/expr">/modules/expr</a><br>
Module: Linked to module rlm_expiration<br> Module: Instantiating module "expiration" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/expiration">/modules/expiration</a><br>
expiration {<br> reply-message = "Password Has Expired "<br> }<br> Module: Linked to module rlm_logintime<br> Module: Instantiating module "logintime" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/logintime">/modules/logintime</a><br>
logintime {<br> reply-message = "You are calling outside your allowed timespan "<br> minimum-timeout = 60<br> }<br> }<br>radiusd: #### Loading Virtual Servers ####<br>server inner-tunnel { # from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sites-enabled/inner-tunnel">/sites-enabled/inner-tunnel</a><br>
modules {<br> Module: Checking authenticate {...} for more modules to load<br> Module: Linked to module rlm_pap<br> Module: Instantiating module "pap" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/pap">/modules/pap</a><br>
pap {<br> encryption_scheme = "auto"<br> auto_header = no<br> }<br> Module: Linked to module rlm_chap<br> Module: Instantiating module "chap" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/chap">/modules/chap</a><br>
Module: Linked to module rlm_mschap<br> Module: Instantiating module "mschap" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/mschap">/modules/mschap</a><br>
mschap {<br> use_mppe = yes<br> require_encryption = no<br> require_strong = no<br> with_ntdomain_hack = no<br> }<br> Module: Linked to module rlm_unix<br> Module: Instantiating module "unix" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/unix">/modules/unix</a><br>
unix {<br> radwtmp = "/var/log/freeradius/radwtmp"<br> }<br> Module: Linked to module rlm_eap<br> Module: Instantiating module "eap" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/eap.conf">/eap.conf</a><br>
eap {<br> default_eap_type = "md5"<br> timer_expire = 60<br> ignore_unknown_eap_types = no<br> cisco_accounting_username_bug = no<br> max_sessions = 4096<br> }<br> Module: Linked to sub-module rlm_eap_md5<br>
Module: Instantiating eap-md5<br> Module: Linked to sub-module rlm_eap_leap<br> Module: Instantiating eap-leap<br> Module: Linked to sub-module rlm_eap_gtc<br> Module: Instantiating eap-gtc<br> gtc {<br> challenge = "Password: "<br>
auth_type = "PAP"<br> }<br> Module: Linked to sub-module rlm_eap_tls<br> Module: Instantiating eap-tls<br> tls {<br> rsa_key_exchange = no<br> dh_key_exchange = yes<br> rsa_key_length = 512<br>
dh_key_length = 512<br> verify_depth = 0<br> CA_path = "/etc/freeradius/certs"<br> pem_file_type = yes<br> private_key_file = "/etc/freeradius/certs/server.key"<br>
certificate_file = "/etc/freeradius/certs/server.pem"<br>
CA_file = "/etc/freeradius/certs/ca.pem"<br> private_key_password = "whatever"<br> dh_file = "/etc/freeradius/certs/dh"<br> random_file = "/dev/urandom"<br>
fragment_size = 1024<br> include_length = yes<br> check_crl = no<br> cipher_list = "DEFAULT"<br> make_cert_command = "/etc/freeradius/certs/bootstrap"<br> cache {<br>
enable = no<br> lifetime = 24<br> max_entries = 255<br> }<br> verify {<br> }<br> }<br> Module: Linked to sub-module rlm_eap_ttls<br> Module: Instantiating eap-ttls<br> ttls {<br> default_eap_type = "md5"<br>
copy_request_to_tunnel = no<br> use_tunneled_reply = no<br> virtual_server = "inner-tunnel"<br> include_length = yes<br> }<br> Module: Linked to sub-module rlm_eap_peap<br> Module: Instantiating eap-peap<br>
peap {<br> default_eap_type = "mschapv2"<br> copy_request_to_tunnel = no<br> use_tunneled_reply = no<br> proxy_tunneled_request_as_eap = yes<br> virtual_server = "inner-tunnel"<br>
}<br> Module: Linked to sub-module rlm_eap_mschapv2<br> Module: Instantiating eap-mschapv2<br> mschapv2 {<br> with_ntdomain_hack = no<br> }<br> Module: Checking authorize {...} for more modules to load<br> Module: Linked to module rlm_realm<br>
Module: Instantiating module "suffix" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/realm">/modules/realm</a><br> realm suffix {<br> format = "suffix"<br>
delimiter = "@"<br> ignore_default = no<br> ignore_null = no<br> }<br> Module: Linked to module rlm_files<br> Module: Instantiating module "files" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/files">/modules/files</a><br>
files {<br> usersfile = "/etc/freeradius/users"<br> acctusersfile = "/etc/freeradius/acct_users"<br> preproxy_usersfile = "/etc/freeradius/preproxy_users"<br> compat = "no"<br>
}<br> Module: Checking session {...} for more modules to load<br> Module: Linked to module rlm_radutmp<br> Module: Instantiating module "radutmp" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/radutmp">/modules/radutmp</a><br>
radutmp {<br> filename = "/var/log/freeradius/radutmp"<br> username = "%{User-Name}"<br> case_sensitive = yes<br> check_with_nas = yes<br> perm = 384<br> callerid = yes<br>
}<br> Module: Checking post-proxy {...} for more modules to load<br> Module: Checking post-auth {...} for more modules to load<br> Module: Linked to module rlm_attr_filter<br> Module: Instantiating module "attr_filter.access_reject" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/attr_filter">/modules/attr_filter</a><br>
attr_filter attr_filter.access_reject {<br> attrsfile = "/etc/freeradius/attrs.access_reject"<br> key = "%{User-Name}"<br> }<br> } # modules<br>} # server<br>server { # from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/radiusd.conf">/radiusd.conf</a><br>
modules {<br> Module: Checking authenticate {...} for more modules to load<br> Module: Linked to module rlm_digest<br> Module: Instantiating module "digest" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/digest">/modules/digest</a><br>
Module: Checking authorize {...} for more modules to load<br> Module: Linked to module rlm_preprocess<br> Module: Instantiating module "preprocess" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/preprocess">/modules/preprocess</a><br>
preprocess {<br> huntgroups = "/etc/freeradius/huntgroups"<br> hints = "/etc/freeradius/hints"<br> with_ascend_hack = no<br> ascend_channels_per_line = 23<br> with_ntdomain_hack = no<br>
with_specialix_jetstream_hack = no<br> with_cisco_vsa_hack = no<br> with_alvarion_vsa_hack = no<br> }<br> Module: Linked to module rlm_sql<br> Module: Instantiating module "sql" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sql.conf">/sql.conf</a><br>
sql {<br> driver = "rlm_sql_mysql"<br> server = "localhost"<br> port = ""<br> login = "radius"<br> password = "radpass"<br> radius_db = "radius"<br>
read_groups = yes<br> sqltrace = no<br> sqltracefile = "/var/log/freeradius/sqltrace.sql"<br> readclients = no<br> deletestalesessions = yes<br> num_sql_socks = 5<br> lifetime = 0<br>
max_queries = 0<br> sql_user_name = "%{User-Name}"<br> default_user_profile = ""<br> nas_query = "SELECT id, nasname, shortname, type, secret, server FROM nas"<br>
authorize_check_query = "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id"<br> authorize_reply_query = "SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id"<br>
authorize_group_check_query = "SELECT id, groupname, attribute, Value, op FROM radgroupcheck WHERE groupname = '%{Sql-Group}' ORDER BY id"<br> authorize_group_reply_query = "SELECT id, groupname, attribute, value, op FROM radgroupreply WHERE groupname = '%{Sql-Group}' ORDER BY id"<br>
accounting_onoff_query = " UPDATE radacct SET acctstoptime = '%S', acctsessiontime = unix_timestamp('%S') - unix_timestamp(acctstarttime), acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = %{%{Acct-Delay-Time}:-0} WHERE acctstoptime IS NULL AND nasipaddress = '%{NAS-IP-Address}' AND acctstarttime <= '%S'"<br>
accounting_update_query = " UPDATE radacct SET framedipaddress = '%{Framed-IP-Address}', acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"<br>
accounting_update_query_alt = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctsessiontime, acctauthentic, connectinfo_start, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, servicetype, framedprotocol, framedipaddress, acctstartdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{%{Acct-Session-Time}:-0} + %{%{Acct-Delay-Time}:-0}) SECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{X-Ascend-Session-Svr-Key}')"<br>
accounting_start_query = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay, xascendsessionsvrkey) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', NULL, '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{%{Acct-Delay-Time}:-0}', '0', '%{X-Ascend-Session-Svr-Key}')"<br>
accounting_start_query_alt = " UPDATE radacct SET acctstarttime = '%S', acctstartdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_start = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"<br>
accounting_stop_query = " UPDATE radacct SET acctstoptime = '%S', acctsessiontime = '%{Acct-Session-Time}', acctinputoctets = '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', acctoutputoctets = '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', acctterminatecause = '%{Acct-Terminate-Cause}', acctstopdelay = '%{%{Acct-Delay-Time}:-0}', connectinfo_stop = '%{Connect-Info}' WHERE acctsessionid = '%{Acct-Session-Id}' AND username = '%{SQL-User-Name}' AND nasipaddress = '%{NAS-IP-Address}'"<br>
accounting_stop_query_alt = " INSERT INTO radacct (acctsessionid, acctuniqueid, username, realm, nasipaddress, nasportid, nasporttype, acctstarttime, acctstoptime, acctsessiontime, acctauthentic, connectinfo_start, connectinfo_stop, acctinputoctets, acctoutputoctets, calledstationid, callingstationid, acctterminatecause, servicetype, framedprotocol, framedipaddress, acctstartdelay, acctstopdelay) VALUES ('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{%{Acct-Session-Time}:-0} + %{%{Acct-Delay-Time}:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{%{Acct-Input-Gigawords}:-0}' << 32 | '%{%{Acct-Input-Octets}:-0}', '%{%{Acct-Output-Gigawords}:-0}' << 32 | '%{%{Acct-Output-Octets}:-0}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{%{Acct-Delay-Time}:-0}')"<br>
group_membership_query = "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority"<br> connect_failure_retry_delay = 60<br> simul_count_query = ""<br>
simul_verify_query = "SELECT radacctid, acctsessionid, username, nasipaddress, nasportid, framedipaddress, callingstationid, framedprotocol FROM radacct WHERE username = '%{SQL-User-Name}' AND acctstoptime IS NULL"<br>
postauth_query = "INSERT INTO radpostauth (username, pass, reply, authdate) VALUES ( '%{User-Name}', '%{%{User-Password}:-%{Chap-Password}}', '%{reply:Packet-Type}', '%S')"<br>
safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"<br> }<br>rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked<br>rlm_sql (sql): Attempting to connect to root@localhost:/radius<br>
rlm_sql (sql): starting 0<br>rlm_sql (sql): Attempting to connect rlm_sql_mysql #0<br>rlm_sql_mysql: Starting connect to MySQL server for #0<br>rlm_sql (sql): Connected new DB handle, #0<br>rlm_sql (sql): starting 1<br>rlm_sql (sql): Attempting to connect rlm_sql_mysql #1<br>
rlm_sql_mysql: Starting connect to MySQL server for #1<br>rlm_sql (sql): Connected new DB handle, #1<br>rlm_sql (sql): starting 2<br>rlm_sql (sql): Attempting to connect rlm_sql_mysql #2<br>rlm_sql_mysql: Starting connect to MySQL server for #2<br>
rlm_sql (sql): Connected new DB handle, #2<br>rlm_sql (sql): starting 3<br>rlm_sql (sql): Attempting to connect rlm_sql_mysql #3<br>rlm_sql_mysql: Starting connect to MySQL server for #3<br>rlm_sql (sql): Connected new DB handle, #3<br>
rlm_sql (sql): starting 4<br>rlm_sql (sql): Attempting to connect rlm_sql_mysql #4<br>rlm_sql_mysql: Starting connect to MySQL server for #4<br>rlm_sql (sql): Connected new DB handle, #4<br> Module: Checking preacct {...} for more modules to load<br>
Module: Linked to module rlm_acct_unique<br> Module: Instantiating module "acct_unique" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/acct_unique">/modules/acct_unique</a><br>
acct_unique {<br> key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"<br> }<br> Module: Checking accounting {...} for more modules to load<br> Module: Linked to module rlm_detail<br>
Module: Instantiating module "detail" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/detail">/modules/detail</a><br> detail {<br> detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"<br>
header = "%t"<br> detailperm = 384<br> dirperm = 493<br> locking = no<br> log_packet_header = no<br> }<br> Module: Instantiating module "attr_filter.accounting_response" from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/modules/attr_filter">/modules/attr_filter</a><br>
attr_filter attr_filter.accounting_response {<br> attrsfile = "/etc/freeradius/attrs.accounting_response"<br> key = "%{User-Name}"<br> }<br> Module: Checking session {...} for more modules to load<br>
Module: Checking post-proxy {...} for more modules to load<br> Module: Checking post-auth {...} for more modules to load<br> } # modules<br>} # server<br>radiusd: #### Opening IP addresses and Ports ####<br>listen {<br>
type = "auth"<br>
ipaddr = *<br> port = 0<br>}<br>listen {<br> type = "acct"<br> ipaddr = *<br> port = 0<br>}<br>listen {<br> type = "auth"<br> ipaddr = 127.0.0.1<br> port = 18120<br>
}<br>Listening on authentication address * port 1812<br>Listening on accounting address * port 1813<br>Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel<br>Listening on proxy address * port 1814<br>
Ready to process requests.<br>rad_recv: Access-Request packet from host 213.186.50.98 port 47026, id=113, length=57<br> User-Name = "user1"<br> CHAP-Password = 0x7104a64526171941a63bdee5dd7f4d8760<br>
NAS-IP-Address = 127.0.0.1<br> NAS-Port = 1812<br># Executing section authorize from file <a style="color:rgb(52,101,164)" href="/etc/">/etc/</a><a style="color:rgb(52,101,164)" href="/sites-enabled/default">/sites-enabled/default</a><br>
+- entering group authorize {...}<br>++[preprocess] returns ok<br>Segmentation fault<br></div><div><br></div><div>---------------------------------------------------------------------------------------------------------------------------------</div>
<div><br></div><div><br></div><div><br></div></div></div>