Polish wrote:
Hello,
I tried test FR 3.0.3. During parsing configuration files FR goes down with segmentation fault. I'm using radsec tunnels. Used configuration files are from previous git version.
/usr/sbin/freeradius -C Segmentation fault
(gdb) run Starting program: /usr/sbin/freeradius [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault. 0x00007ffff71f5133 in CRYPTO_set_ex_data () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 (gdb) bt #0 0x00007ffff71f5133 in CRYPTO_set_ex_data () from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0 #1 0x00000000004331ae in init_tls_ctx (conf=conf@entry=0x821700, client=client@entry=1) at src/main/tls.c:2009
My guess is that SSL_CTX_New() is returning a NULL context. i.e. it can't create one. If you could confirm that with gdb, it would help. I'm not sure how to avoid the problem, but I can add a check which prevents it from crashing.
fragment_size = 8192
Please don't do that. It will very likely not work. That fragment size is larger than the allowed RADIUS packets. The fragment_size should be set to more than 1000 bytes, and less than 4000 bytes. Alan DeKok.