Crash in FR with no secret defined for a realm
Stefan Paetow
Stefan.Paetow at jisc.ac.uk
Wed Apr 1 15:43:38 CEST 2015
I don't think *this* is supposed to happen!
:-/
Copyright (C) 1999-2015 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /usr/share/freeradius/dictionary
including dictionary file /usr/share/freeradius/dictionary.dhcp
including dictionary file /usr/share/freeradius/dictionary.vqp
including dictionary file /etc/raddb/dictionary
including configuration file /etc/raddb/radiusd.conf
including configuration file /etc/raddb/proxy.conf
including configuration file /etc/raddb/clients.conf
including files in directory /etc/raddb/mods-enabled/
including configuration file /etc/raddb/mods-enabled/expiration
including configuration file /etc/raddb/mods-enabled/echo
including configuration file /etc/raddb/mods-enabled/exec
including configuration file /etc/raddb/mods-enabled/always
including configuration file /etc/raddb/mods-enabled/sradutmp
including configuration file /etc/raddb/mods-enabled/attr_filter
including configuration file /etc/raddb/mods-enabled/utf8
including configuration file /etc/raddb/mods-enabled/digest
including configuration file /etc/raddb/mods-enabled/unpack
including configuration file /etc/raddb/mods-enabled/dynamic_clients
including configuration file /etc/raddb/mods-enabled/logintime
including configuration file /etc/raddb/mods-enabled/preprocess
including configuration file /etc/raddb/mods-enabled/pap
including configuration file /etc/raddb/mods-enabled/soh
including configuration file /etc/raddb/mods-enabled/chap
including configuration file /etc/raddb/mods-enabled/dhcp
including configuration file /etc/raddb/mods-enabled/linelog
including configuration file /etc/raddb/mods-enabled/expr
including configuration file /etc/raddb/mods-enabled/radutmp
including configuration file /etc/raddb/mods-enabled/ntlm_auth
including configuration file /etc/raddb/mods-enabled/mschap
including configuration file /etc/raddb/mods-enabled/realm
including configuration file /etc/raddb/mods-enabled/passwd
including configuration file /etc/raddb/mods-enabled/abfab_psk_sql
including configuration file /etc/raddb/mods-enabled/eap
including configuration file /etc/raddb/mods-enabled/detail.log
including configuration file /etc/raddb/mods-enabled/detail
including configuration file /etc/raddb/mods-enabled/unix
including configuration file /etc/raddb/mods-enabled/replicate
including configuration file /etc/raddb/mods-enabled/files
including configuration file /etc/raddb/mods-enabled/cache_eap
including files in directory /etc/raddb/policy.d/
including configuration file /etc/raddb/policy.d/filter
including configuration file /etc/raddb/policy.d/accounting
including configuration file /etc/raddb/policy.d/cui
including configuration file /etc/raddb/policy.d/dhcp
including configuration file /etc/raddb/policy.d/control
including configuration file /etc/raddb/policy.d/abfab-tr
including configuration file /etc/raddb/policy.d/canonicalization
including configuration file /etc/raddb/policy.d/eap
including configuration file /etc/raddb/policy.d/debug
including configuration file /etc/raddb/policy.d/operator-name
including files in directory /etc/raddb/sites-enabled/
including configuration file /etc/raddb/sites-enabled/default
including configuration file /etc/raddb/sites-enabled/abfab-tr-idp
including configuration file /etc/raddb/sites-enabled/channel_bindings
including configuration file /etc/raddb/sites-enabled/inner-tunnel
including configuration file /etc/raddb/sites-enabled/abfab-tls
main {
name = "radiusd"
prefix = "/usr"
localstatedir = "/var"
sbindir = "/usr/sbin"
logdir = "/var/log/radius"
run_dir = "/var/run/radiusd"
libdir = "/usr/lib64/freeradius"
radacctdir = "/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
colourise = yes
msg_denied = "You are already logged in - access denied"
}
resources {
}
security {
max_attributes = 200
reject_delay = 1.000000
status_server = yes
allow_vulnerable_openssl = "yes"
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = <<< secret >>>
response_window = 20.000000
response_timeouts = 1
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
check_timeout = 4
num_answers_to_alive = 3
revive_interval = 120
limit {
max_connections = 16
max_requests = 0
lifetime = 0
idle_timeout = 0
}
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server main-idp65x64_localdomain {
ipaddr = 192.168.213.24
port = 2083
type = "auth"
proto = "tcp"
secret = <<< secret >>>
response_window = 30.000000
response_timeouts = 1
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_interval = 30
check_timeout = 4
num_answers_to_alive = 3
revive_interval = 300
limit {
max_connections = 16
max_requests = 0
lifetime = 0
idle_timeout = 0
}
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
ca_path = "/etc/raddb/certs"
pem_file_type = yes
private_key_file = "/etc/raddb/certs/client.pem"
certificate_file = "/etc/raddb/certs/client.pem"
ca_file = "/etc/raddb/certs/ca.pem"
private_key_password = <<< secret >>>
dh_file = "/etc/raddb/certs/dh"
random_file = "/etc/raddb/certs/random"
fragment_size = 8192
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
ecdh_curve = "prime256v1"
}
realm main-rp65x64.localdomain {
}
realm LOCAL {
}
realm main-idp65x64.localdomain {
/etc/raddb/proxy.conf[754]: No shared secret supplied for realm:
main-idp65x64.localdomain
} # realm main-idp65x64.localdomain
*** glibc detected *** radiusd: free(): invalid pointer:
0x00000000013a70c0 ***
======= Backtrace: =========
/lib64/libc.so.6[0x3075475e66]
radiusd(realms_init+0x82c)[0x437b0c]
radiusd(main_config_init+0x77b)[0x41c80b]
radiusd(main+0x399)[0x4253c9]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x307541ed5d]
radiusd[0x40e0e9]
======= Memory map: ========
00400000-0045d000 r-xp 00000000 fd:00 552232
/usr/sbin/radiusd
0065d000-00663000 rw-p 0005d000 fd:00 552232
/usr/sbin/radiusd
00663000-00664000 rw-p 00000000 00:00 0
00862000-00869000 rw-p 00062000 fd:00 552232
/usr/sbin/radiusd
01157000-013c3000 rw-p 00000000 00:00 0
[heap]
3075000000-3075020000 r-xp 00000000 fd:00 651116
/lib64/ld-2.12.so
307521f000-3075220000 r--p 0001f000 fd:00 651116
/lib64/ld-2.12.so
3075220000-3075221000 rw-p 00020000 fd:00 651116
/lib64/ld-2.12.so
3075221000-3075222000 rw-p 00000000 00:00 0
3075400000-307558a000 r-xp 00000000 fd:00 651150
/lib64/libc-2.12.so
307558a000-307578a000 ---p 0018a000 fd:00 651150
/lib64/libc-2.12.so
307578a000-307578e000 r--p 0018a000 fd:00 651150
/lib64/libc-2.12.so
307578e000-307578f000 rw-p 0018e000 fd:00 651150
/lib64/libc-2.12.so
307578f000-3075794000 rw-p 00000000 00:00 0
3075800000-3075817000 r-xp 00000000 fd:00 651155
/lib64/libpthread-2.12.so
3075817000-3075a17000 ---p 00017000 fd:00 651155
/lib64/libpthread-2.12.so
3075a17000-3075a18000 r--p 00017000 fd:00 651155
/lib64/libpthread-2.12.so
3075a18000-3075a19000 rw-p 00018000 fd:00 651155
/lib64/libpthread-2.12.so
3075a19000-3075a1d000 rw-p 00000000 00:00 0
3075c00000-3075c02000 r-xp 00000000 fd:00 651305
/lib64/libdl-2.12.so
3075c02000-3075e02000 ---p 00002000 fd:00 651305
/lib64/libdl-2.12.so
3075e02000-3075e03000 r--p 00002000 fd:00 651305
/lib64/libdl-2.12.so
3075e03000-3075e04000 rw-p 00003000 fd:00 651305
/lib64/libdl-2.12.so
3076000000-3076007000 r-xp 00000000 fd:00 651820
/lib64/librt-2.12.so
3076007000-3076206000 ---p 00007000 fd:00 651820
/lib64/librt-2.12.so
3076206000-3076207000 r--p 00006000 fd:00 651820
/lib64/librt-2.12.so
3076207000-3076208000 rw-p 00007000 fd:00 651820
/lib64/librt-2.12.so
3076400000-3076415000 r-xp 00000000 fd:00 653421
/lib64/libz.so.1.2.3
3076415000-3076614000 ---p 00015000 fd:00 653421
/lib64/libz.so.1.2.3
3076614000-3076615000 r--p 00014000 fd:00 653421
/lib64/libz.so.1.2.3
3076615000-3076616000 rw-p 00015000 fd:00 653421
/lib64/libz.so.1.2.3
3076c00000-3076c3a000 r-xp 00000000 fd:00 663661
/lib64/libreadline.so.6.0
3076c3a000-3076e3a000 ---p 0003a000 fd:00 663661
/lib64/libreadline.so.6.0
3076e3a000-3076e42000 rw-p 0003a000 fd:00 663661
/lib64/libreadline.so.6.0
3076e42000-3076e43000 rw-p 00000000 00:00 0
3077000000-307701d000 r-xp 00000000 fd:00 653423
/lib64/libselinux.so.1
307701d000-307721c000 ---p 0001d000 fd:00 653423
/lib64/libselinux.so.1
307721c000-307721d000 r--p 0001c000 fd:00 653423
/lib64/libselinux.so.1
307721d000-307721e000 rw-p 0001d000 fd:00 653423
/lib64/libselinux.so.1
307721e000-307721f000 rw-p 00000000 00:00 0
3077400000-3077416000 r-xp 00000000 fd:00 653411
/lib64/libresolv-2.12.so
3077416000-3077616000 ---p 00016000 fd:00 653411
/lib64/libresolv-2.12.so
3077616000-3077617000 r--p 00016000 fd:00 653411
/lib64/libresolv-2.12.so
3077617000-3077618000 rw-p 00017000 fd:00 653411
/lib64/libresolv-2.12.so
3077618000-307761a000 rw-p 00000000 00:00 0
3077800000-307783d000 r-xp 00000000 fd:00 538624
/usr/lib64/libpcap.so.1.4.0
307783d000-3077a3d000 ---p 0003d000 fd:00 538624
/usr/lib64/libpcap.so.1.4.0
3077a3d000-3077a3f000 rw-p 0003d000 fd:00 538624
/usr/lib64/libpcap.so.1.4.0
3077a3f000-3077a40000 rw-p 00000000 00:00 0
3077c00000-3077c2c000 r-xp 00000000 fd:00 663714
/lib64/libpcre.so.0.0.1
3077c2c000-3077e2b000 ---p 0002c000 fd:00 663714
/lib64/libpcre.so.0.0.1
3077e2b000-3077e2c000 rw-p 0002b000 fd:00 663714
/lib64/libpcre.so.0.0.1
3078c00000-3078c0a000 r-xp 00000000 fd:00 538616
/usr/lib64/libtalloc.so.2.0.7
3078c0a000-3078e09000 ---p 0000a000 fd:00 538616
/usr/lib64/libtalloc.so.2.0.7
3078e09000-3078e0a000 rw-p 00009000 fd:00 538616
/usr/lib64/libtalloc.so.2.0.7
307f000000-307f002000 r-xp 00000000 fd:00 653740
/lib64/libfreebl3.so
307f002000-307f201000 ---p 00002000 fd:00 653740
/lib64/libfreebl3.so
307f201000-307f202000 r--p 00001000 fd:00 653740
/lib64/libfreebl3.so
307f202000-307f203000 rw-p 00002000 fd:00 653740
/lib64/libfreebl3.so
3080000000-3080007000 r-xp 00000000 fd:00 659526
/lib64/libcrypt-2.12.so
3080007000-3080207000 ---p 00007000 fd:00 659526
/lib64/libcrypt-2.12.so
3080207000-3080208000 r--p 00007000 fd:00 659526
/lib64/libcrypt-2.12.so
3080208000-3080209000 rw-p 00008000 fd:00 659526
/lib64/libcrypt-2.12.so
3080209000-3080237000 rw-p 00000000 00:00 0
3080c00000-3080c1d000 r-xp 00000000 fd:00 661285
/lib64/libtinfo.so.5.7
3080c1d000-3080e1d000 ---p 0001d000 fd:00 661285
/lib64/libtinfo.so.5.7
3080e1d000-3080e21000 rw-p 0001d000 fd:00 661285
/lib64/libtinfo.so.5.7
3081000000-3081003000 r-xp 00000000 fd:00 663711
/lib64/libcom_err.so.2.1
3081003000-3081202000 ---p 00003000 fd:00 663711
/lib64/libcom_err.so.2Aborted (core dumped)
Stefan Paetow
Moonshot Industry & Research Liaison Coordinator
t: +44 (0)1235 822 125
gpg: 0x3FCE5142
xmpp: stefanp at jabber.dev.ja.net
skype: stefan.paetow.janet
jisc.ac.uk
Jisc is a registered charity (number 1149740) and a company limited by
guarantee which is registered in England under Company No. 5747339, VAT
No. GB 197 0632 86. JiscĀ¹s registered office is: One Castlepark, Tower
Hill, Bristol, BS2 0JA. T 0203 697 5800.
Jisc Collections and Janet Ltd. is a wholly owned Jisc subsidiary and a
company limited by guarantee which is registered in England under Company
No. number 2881024, VAT No. GB 197 0632 86. The registered office is:
Lumen House, Library Avenue, Harwell, Didcot, Oxfordshire, OX11 0SG. T
01235 822200.
More information about the Freeradius-Devel
mailing list