Responding to Matthew (I subscribed with digest enabled, so replying to specific emails is a challenge. Mistake on my part). Revised section of code is: if (status == eDSNoErr) { RDEBUG2("ELW: status == eDSNoErr\n"); if (pStepBuff->fBufferLength > 4) { RDEBUG2("ELW: pStepBuff->fBufferLength > 4\n"); uint32_t len; memcpy(&len, pStepBuff->fBufferData, sizeof(len)); RDEBUG2("ELW: sizeof(len) = %lu\n", sizeof(len)); RDEBUG2("ELW: value of len is %lu\n", len); if (len == 40) { RDEBUG2("ELW: Inside len == 40\n"); char mschap_reply[42] = { '\0' }; pStepBuff->fBufferData[len+4] = '\0'; mschap_reply[0] = 'S'; mschap_reply[1] = '='; memcpy(&(mschap_reply[2]), &(pStepBuff->fBufferData[4]), len); RDEBUG2("About to mschap_add_reply with %s\n", mschap_reply); mschap_add_reply(request, &request->reply->vps, *response->vp_strvalue, "MS-CHAP2-Success", mschap_reply, len+2); RDEBUG2("dsDoDirNodeAuth returns stepbuff: %s (len=%zu)\n", mschap_reply, len); That gets me a bit farther (inside the len == 40 check), but then I get a seg fault in the call to mschap_add_reply: Ready to process requests (0) Received Access-Request Id 62 from 192.168.1.1:44978 to 192.168.1.2:1812 length 132 (0) Service-Type = Framed-User (0) Framed-Protocol = PPP (0) User-Name = "eric" (0) MS-CHAP-Challenge = 0x574ca5b59a8e344553b717024fa20962 (0) MS-CHAP2-Response = 0x3b0091c88b94ecc81c10752a252fd386ca2b0000000000000000a394fdc9ca017ded44b770f4d01a535f3fe7fee7a1f6df4c (0) NAS-IP-Address = 127.0.1.1 (0) NAS-Port = 0 (0) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default (0) authorize { (0) policy filter_username { (0) if (&User-Name) { (0) if (&User-Name) -> TRUE (0) if (&User-Name) { (0) if (&User-Name =~ / /) { (0) if (&User-Name =~ / /) -> FALSE (0) if (&User-Name =~ /@[^@]*@/ ) { (0) if (&User-Name =~ /@[^@]*@/ ) -> FALSE (0) if (&User-Name =~ /\.\./ ) { (0) if (&User-Name =~ /\.\./ ) -> FALSE (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) { (0) if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/)) -> FALSE (0) if (&User-Name =~ /\.$/) { (0) if (&User-Name =~ /\.$/) -> FALSE (0) if (&User-Name =~ /@\./) { (0) if (&User-Name =~ /@\./) -> FALSE (0) } # if (&User-Name) = notfound (0) } # policy filter_username = notfound (0) [preprocess] = ok (0) auth_log: EXPAND /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d (0) auth_log: --> /var/log/radius/radacct/192.168.1.1/auth-detail-20181205 (0) auth_log: /var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.1.1/auth-detail-20181205 (0) auth_log: EXPAND %t (0) auth_log: --> Wed Dec 5 08:30:37 2018 (0) [auth_log] = ok (0) [chap] = noop (0) mschap: Found MS-CHAP attributes. Setting 'Auth-Type = mschap' (0) [mschap] = ok (0) [digest] = noop (0) suffix: Checking for suffix after "@" (0) suffix: No '@' in User-Name = "eric", looking up realm NULL (0) suffix: No such realm "NULL" (0) [suffix] = noop (0) eap: No EAP-Message, not doing EAP (0) [eap] = noop (0) files: users: Matched entry DEFAULT at line 181 (0) [files] = ok (0) opendirectory: The host 192.168.1.1 does not have an access group. (0) [opendirectory] = ok (0) sql: EXPAND %{User-Name} (0) sql: --> eric (0) sql: SQL-User-Name set to 'eric' rlm_sql (sql): Reserved connection (1) (0) sql: EXPAND SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id (0) sql: --> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'eric' ORDER BY id (0) sql: Executing select query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'eric' ORDER BY id (0) sql: EXPAND SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority (0) sql: --> SELECT groupname FROM radusergroup WHERE username = 'eric' ORDER BY priority (0) sql: Executing select query: SELECT groupname FROM radusergroup WHERE username = 'eric' ORDER BY priority (0) sql: User not found in any groups rlm_sql (sql): Released connection (1) Need 4 more connections to reach 10 spares rlm_sql (sql): Opening additional connection (6), 1 of 26 pending slots used rlm_sql_sqlite: Opening SQLite database "/var/db/radius/freeradius.db" (0) [sql] = notfound (0) [expiration] = noop (0) [logintime] = noop (0) pap: WARNING: No "known good" password found for the user. Not setting Auth-Type (0) pap: WARNING: Authentication will fail unless a "known good" password is available (0) [pap] = noop (0) } # authorize = ok (0) Found Auth-Type = mschap (0) # Executing group from file /usr/local/etc/raddb/sites-enabled/default (0) authenticate { (0) mschap: WARNING: No Cleartext-Password configured. Cannot create NT-Password (0) mschap: WARNING: No Cleartext-Password configured. Cannot create LM-Password (0) mschap: No NT-Password configured. Trying OpenDirectory Authentication (0) mschap: OD username_string = eric, OD shortUserName=eric (length = 4) (0) mschap: Stepbuf server challenge : 574cffffffa5ffffffb5ffffff9affffff8e344553ffffffb717024fffffffa20962 (0) mschap: Stepbuf peer challenge : ffffff91ffffffc8ffffff8bffffff94ffffffecffffffc81c10752a252fffffffd3ffffff86ffffffca2b (0) mschap: Stepbuf p24 : ffffffa3ffffff94fffffffdffffffc9ffffffca017dffffffed44ffffffb770fffffff4ffffffd01a535f3fffffffe7fffffffeffffffe7ffffffa1fffffff6ffffffdf4c (0) mschap: ELW: status == eDSNoErr (0) mschap: ELW: pStepBuff->fBufferLength > 4 (0) mschap: ELW: sizeof(len) = 4 (0) mschap: ELW: value of len is 40 (0) mschap: ELW: Inside len == 40 (0) mschap: About to mschap_add_reply with S=B523E9A9A2F00BF04246DD46E1C3BDC1E7F0CA3F???? Segmentation fault: 11 Matthew wrote: On Tue, 2018-12-04 at 22:16 -0500, Eric Wittle wrote:
if (pStepBuff->fBufferLength > 4) { RDEBUG2("ELW: pStepBuff->fBufferLength > 4\n"); size_t len;
I suspect changing that from uint32_t to size_t has had the unintended consequences of making it a 64-bit integer on your platform, which breaks the (len == 40) comparison. Try changing "size_t len" to "uint32_t len" and see if that fixes it.
(0) mschap: ELW: len == 3978992058181353512
The lower 32 bits of this value are "40"... the rest is junk. -- Matthew