FreeRadius 1.1.0-pre0 on OpenBSD
Vincent Bernat
bernat at luffy.cx
Thu Dec 29 01:15:07 CET 2005
Hi !
I succeed in compiling cleanly Freeradius 1.1.0-pre0 on OpenBSD 3.8
with the following configure :
./configure --with-rlm_ldap --without-rlm_krb5 \
--without-rlm_acct_unique --without-rlm_otp \
--without-rlm_perl --enable-shared=no --enable-debug
Freeradius starts fine. I try to do PEAP authentication but then
Freeradius segfaults :
[...]
rad_recv: Access-Request packet from host 138.231.141.222:2050, id=0, length=173
User-Name = "steve"
NAS-IP-Address = 138.231.141.222
Called-Station-Id = "0014bf2f3eb5"
Calling-Station-Id = "00306526e4e0"
NAS-Identifier = "0014bf2f3eb5"
NAS-Port = 34
Framed-MTU = 1400
State = 0x5d72cc5f52f81774f1e5bf1a75d99195
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0208002a1900170301001fa547984d5e50c6234839710cb5afe897a3033acdcf0d198a5b8b2cee149bdf
Message-Authenticator = 0xd21e950adad5ec474294ff09906adf03
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 8
modcall[authorize]: module "preprocess" returns ok for request 8
modcall[authorize]: module "chap" returns noop for request 8
modcall[authorize]: module "mschap" returns noop for request 8
rlm_realm: No '@' in User-Name = "steve", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 8
rlm_eap: EAP packet type response id 8 length 42
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 8
users: Matched entry steve at line 5
modcall[authorize]: module "files" returns ok for request 8
modcall: leaving group authorize (returns updated) for request 8
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 8
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
eaptls_verify returned 7
rlm_eap_tls: Done initial handshake
eaptls_process returned 7
rlm_eap_peap: EAPTLS_OK
rlm_eap_peap: Session established. Decoding tunneled attributes.
rlm_eap_peap: Received EAP-TLV response.
rlm_eap_peap: Tunneled data is valid.
rlm_eap_peap: Success
rlm_eap: Freeing handler
modcall[authenticate]: module "eap" returns ok for request 8
modcall: leaving group authenticate (returns ok) for request 8
Sending Access-Accept of id 0 to 138.231.141.222 port 2050
MS-MPPE-Recv-Key = 0x07903df33fbfac78c62a677bd381cda4a3e33adb7c7bbab591f1f7b54e78f16d
zsh: segmentation fault (core dumped) HISTFILE=$HISTFILE-root ZDOTDIR=~ sudo /usr/local/sbin/radiusd -X -A
I have the original configuration files with EAP defaulting to PEAP
and TLS enabled. Here is the backtrace from gdb :
(gdb) bt
#0 0x06fdcbb6 in memset () from /usr/lib/libc.so.38.2
#1 0x80601740 in ?? ()
#2 0x1c03c33f in make_tunnel_passwd (
output=0xf5bdcac1, outlen=0x0,
input=0x0, inlen=32, secret=0x0, vector=0x0) at radius.c:256
#3 0x00000000 in ?? ()
If I look at line 256, I see this :
memset(passwd + 3 + inlen, 0, sizeof(passwd) - 3 - inlen);
However, passwd is defined as :
uint8_t passwd[AUTH_VECTOR_LEN + AUTH_PASS_LEN];
It is 16 + 16 = 32 bytes long. passwd + 3 + inlen is then outside
passwd. I have tried to make passwd 259 bytes long to avoid
segmentation fault but I get this :
Sending Access-Accept of id 0 to 138.231.141.222 port 2050
MS-MPPE-Recv-Key = 0x64ab77b394aac0e36fec6b33df71b9cdd2d93356d7574cd548026938b21240af
MS-MPPE-Send-Key = 0xddb31798589e6c89b3e60a428483012bb867fd2182aeb0375b36637998cf239f
EAP-Message = 0x031a0004
Message-Authenticator = 0x00000000000000000000000000000000
User-Name = "steve"
The NAS seems unhappy with such an answer, maybe because of the
Message-Authenticator which is empty. I have also tried to only uses
16 first bytes of input with no change...
--
/*
* Hash table gook..
*/
2.4.0-test2 /usr/src/linux/fs/buffer.c
More information about the Freeradius-Users
mailing list