Null pointer deref
Daniel O'Connor
darius at dons.net.au
Tue May 2 01:44:20 CEST 2006
On Monday 01 May 2006 23:01, Alan DeKok wrote:
> "Daniel O'Connor" <darius at dons.net.au> wrote:
> > It appears that in read_radius_conf_file conf_read returns NULL so the
> > cf_section_parse call is never made.
>
> So how did you convince the server to keep running after that? My
> reading of the code indicates that it should exit() if that
> conf_read() returns NULL.
I am not sure :(
Perhaps I am misunderstanding the failure mode.
I've attached my config files if you wish to try and replicate the problem.
I run 'radiusd -X -A' and then test it with..
radtest testuser testpassword localhost 1 password
--
Daniel O'Connor software and network engineer
for Genesis Software - http://www.gsoft.com.au
"The nice thing about standards is that there
are so many of them to choose from."
-- Andrew Tanenbaum
GPG Fingerprint - 5596 B766 97C0 0E94 4347 295E E593 DC20 7B3F CE8C
-------------- next part --------------
DEFAULT Group == "disabled", Auth-Type := Reject
Reply-Message = "Your account has been disabled."
-------------- next part --------------
client 127.0.0.1 {
secret = password
shortname = localhost
nastype = other
}
-------------- next part --------------
#confdir = /usr/local/etc/raddb
eap {
default_eap_type = tls
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
md5 {
}
tls {
#private_key_password = seekritpassword
private_key_file = ${confdir}/certs/wrt.key
certificate_file = ${confdir}/certs/wrt.crt
CA_file = ${confdir}/certs/ca.crt
dh_file = ${confdir}/certs/dh
random_file = /dev/random
fragment_size = 1024
}
ttls {
default_eap_type = md5
copy_request_to_tunnel = no
use_tunneled_reply = no
}
peap {
default_eap_type = mschapv2
}
mschapv2 {
}
}
-------------- next part --------------
-------------- next part --------------
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
listen {
ipaddr = *
port = 0
type = auth
}
thread pool {
start_servers = 1
max_servers = 4
min_spare_servers = 1
max_spare_servers = 3
max_requests_per_server = 0
}
$INCLUDE ${confdir}/clients.conf
modules {
pap {
encryption_scheme = clear
}
chap {
authtype = CHAP
}
mschap {
authtype = MS-CHAP
with_ntdomain_hack = yes
}
mschapv2 {
}
$INCLUDE ${confdir}/eap.conf
files {
usersfile = ${confdir}/users
compat = no
}
}
authorize {
files
eap
}
authenticate {
eap
}
-------------- next part --------------
DEFAULT Group == "disabled", Auth-Type := Reject
Reply-Message = "Your account has been disabled."
testuser User-Password == "testpassword"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20060502/54937f26/attachment.pgp>
More information about the Freeradius-Devel
mailing list