Stefan Winter <stefan.winter@restena.lu> wrote:
Interesting. This morning I encountered again that radiusd was claiming to be still listening on its ports, but didn't process anything any more. As other logs showed, someone logged into an Access Point via TTLS at 8:22 and at 8:25 the Nagios Monitoring system marked the RADIUS Server as critical. Scan interval for Nagios is every three minutes. So it could very well be that FreeRADIUS stopped processing packets when it tried to do TTLS. Sounds similar to your case, just that it didn't segfault. Note that we usually use TTLS it several times a day, and FreeRADIUS shows this behaviour only sporadically.
That's not nice.
I now reverted to 1.1.0 in the hope that it's better there. The way it is now is... disturbing.
I agree. I don't see why it's the case, either. Maybe the re-arrangement of SSL code from rlm_eap_tls to libeap broke it, but I don't see why. Until we can get more information about what's happening (strace/ktrace, or gdb backtrace), there isn't much anyone can do to fix it. Alan DeKok.