On 06/12/12 15:20, Alan DeKok wrote:
Matt Richards wrote:
Hello,
I have got radius setup to authenticate wireless clients using MS-CHAP and everything works correctly if the entered user / pass is correct.
If the password is wrong, however, I get a buffer overflow error and radiusd dies.
You probably set the "retry_msg" to a very long string.
I did have a retry_msg which was left as the default value of retry_msg = "Re-enter (or reset) the password" After I commented out this line the problem went away. Thanks for your help. I'm guessing this shouldn't crash with the example config? maybe the mschap stuff bloats the reply too much?
*** buffer overflow detected ***: radiusd terminated ======= Backtrace: =========
Reading doc/bugs would help here.
I can replicate this issue with radtest.
Do you have a minimal config which could help?
Does anybody know why this might be happening? If you require any additional info please let me know. One thing I was thinking about trying it going back a few versions of ntlm_auth and tring again. Its interesting how I don't seem to be able to find any information relating to this on the Internet.
The error path here is very small. i.e. ~15 lines of code.
Running the server under "valgrind" would help, too. But first build it with debugging symbols.
Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html