possible bug on HUP (2.1.6)
Stefan Winter
stefan.winter at restena.lu
Wed Jul 15 09:48:14 CEST 2009
Hi,
after upgrading my FreeRADIUS installation to 2.1.6, I tried SIGHUP and
got a SIGSEGV back :-/
It didn't happen immediately, but only after the next auth attempt was
processed. I have attached my virtual server "Monitoring" - this is the
spot in the server where I changed something; the password for this
User-Name was changed. Before changing that password and HUPing, auth
worked consistently.
I attached with gdb to find out what's wrong, the bt is at the end: it
failed while xlat'ing User-Name for an sql relay. That's really
surprising because I didn't change the User-Name, only the control item
Cleartext-Password.
Greetings,
Stefan Winter
######### virtual server config
server Monitoring {
authorize {
update request {
RESTENA-Service-Type := "Nagios-Monitoring"
}
if ( User-Name == "testuser.monitor at testrealm.lu" ) {
update control {
Cleartext-Password := "obfuscated" <------------
this is what I changed
}
}
auth_log
# users.Nagios
pap
}
authenticate {
pap
}
preacct {
}
accounting {
}
session {
}
post-auth {
reply_log
sql_relay_main
Post-Auth-Type REJECT {
reply_log
sql_relay_main
}
}
pre-proxy {
}
post-proxy {
}
}
########### gdb session with bt
Program received signal SIGHUP, Hangup.
0xb7f9a424 in __kernel_vsyscall ()
(gdb) c
Continuing.
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb79d4b90 (LWP 7097)]
0xb7c48073 in strchr () from /lib/libc.so.6
(gdb) bt
#0 0xb7c48073 in strchr () from /lib/libc.so.6
#1 0xb71bae13 in sql_escape_func (out=0xb79d27d0 "", outlen=3964,
in=0xb79d1d34 "testuser.monitor at testrealm.lu") at rlm_sql_log.c:160
#2 0x08067a42 in valuepair2str (out=0xb79d27d0 "", outlen=3964,
pair=0x8d0c3b8, type=0, func=0xb71bad80 <sql_escape_func>) at xlat.c:72
#3 0x08069532 in xlat_packet (instance=0x807d9a4, request=0x8d0bcb0,
fmt=0xb79d2414 "User-Name", out=0xb79d27d0 "", outlen=3964,
func=0xb71bad80 <sql_escape_func>) at xlat.c:383
#4 0x08068887 in radius_xlat (out=0xb79d274c "INSERT INTO radpostauth",
' ' <repeats 37 times>, "(id, user, pass, reply, date)", ' ' <repeats 30
times>, "VALUES ('', '", outlen=4096,
fmt=0x8d0d568 "INSERT INTO radpostauth", ' ' <repeats 37 times>,
"(id, user, pass, reply, date)", ' ' <repeats 30 times>, "VALUES ('',
'%{User-Name}', '%{RESTENA-Service-Type}', '%{reply:Packet-Type}', '%"...,
request=0x8d0bcb0, func=0xb71bad80 <sql_escape_func>) at xlat.c:911
#5 0xb71bac38 in sql_xlat_query (inst=0xb79d261e, request=0x8d0bcb0,
query=0x8d0d568 "INSERT INTO radpostauth", ' ' <repeats 37 times>,
"(id, user, pass, reply, date)", ' ' <repeats 30 times>, "VALUES ('',
'%{User-Name}', '%{RESTENA-Service-Type}', '%{reply:Packet-Type}', '%"...,
xlat_query=0xb79d274c "INSERT INTO radpostauth", ' ' <repeats 37
times>, "(id, user, pass, reply, date)", ' ' <repeats 30 times>, "VALUES
('', '", len=4096) at rlm_sql_log.c:258
#6 0xb71bb187 in sql_log_postauth (instance=0x8c53a40,
request=0x8d0bcb0) at rlm_sql_log.c:398
#7 0x08062bd8 in modcall (component=7, c=0x8d2af90, request=0x8d0bcb0)
at modcall.c:286
#8 0x0805f782 in indexed_modcall (comp=7, idx=13835320,
request=0x8d0bcb0) at modules.c:631
#9 0x0805f89c in module_post_auth (postauth_type=13835320,
request=0x8d0bcb0) at modules.c:1452
#10 0x0804ee17 in rad_postauth (request=0x8d0bcb0) at auth.c:410
#11 0x0806d14d in request_post_handler (request=0x8d0bcb0) at event.c:2333
#12 0x0806d5b3 in radius_handle_request (request=0x8d0bcb0,
fun=0x804ee60 <rad_authenticate>) at event.c:3652
#13 0x08065760 in request_handler_thread (arg=0x8ce21d8) at threads.c:492
#14 0xb7f2f1b5 in start_thread () from /lib/libpthread.so.0
#15 0xb7ca638e in clone () from /lib/libc.so.6
(gdb)
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
More information about the Freeradius-Devel
mailing list