FreeRADIUS crashes after EAP/PEAP authentication

Nick Larsen larsen.nick at gmail.com
Thu Aug 31 01:07:45 CEST 2006


Hi,

Thanks for the advice. I recompiled FreeRADIUS with --enable-developer after
my original confugure

Here is my gdb output (my first core trace, so not really sure what to look
out for):
I did notice in the output, just before the backtrace: radlog(L_ERR,
"rlm_eap_tls (%s): xlat failed.",
Could this be the problem?

root at radius02 [/usr/sources/freeradius-1.1.1]# gdb /usr/local/sbin/radiusd
/etc/raddb/radiusd.core
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain
conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "sparc64-marcel-freebsd"...

warning: exec file is newer than core file.
Core was generated by `radiusd'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/lib/libc_r.so.6...done.
Loaded symbols for /usr/lib/libc_r.so.6
Reading symbols from /usr/local/lib/libradius-1.1.1.so...done.
Loaded symbols for /usr/local/lib/libradius-1.1.1.so
Reading symbols from /lib/libcrypt.so.3...done.
Loaded symbols for /lib/libcrypt.so.3
Reading symbols from /usr/local/lib/libltdl.so.4...done.
Loaded symbols for /usr/local/lib/libltdl.so.4
Reading symbols from /lib/libc.so.6...done.
Loaded symbols for /lib/libc.so.6
Reading symbols from /usr/local/lib/rlm_exec-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_exec-1.1.1.so
Reading symbols from /usr/local/lib/rlm_expr-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_expr-1.1.1.so
Reading symbols from /usr/local/lib/rlm_sqlcounter-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_sqlcounter-1.1.1.so
Reading symbols from /usr/local/lib/rlm_pap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_pap-1.1.1.so
Reading symbols from /usr/local/lib/rlm_chap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_chap-1.1.1.so
Reading symbols from /usr/local/lib/rlm_mschap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_mschap-1.1.1.so
Reading symbols from /usr/local/lib/libeap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/libeap-1.1.1.so
Reading symbols from /usr/local/lib/rlm_eap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap-1.1.1.so
Reading symbols from /usr/local/lib/rlm_eap_md5-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap_md5-1.1.1.so
Reading symbols from /usr/local/lib/rlm_eap_leap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap_leap-1.1.1.so
Reading symbols from /usr/local/lib/rlm_eap_gtc-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap_gtc-1.1.1.so
Reading symbols from /usr/local/lib/libcrypto.so...done.
Loaded symbols for /usr/local/lib/libcrypto.so
Reading symbols from /usr/local/lib/libssl.so...done.
Loaded symbols for /usr/local/lib/libssl.so
Reading symbols from /usr/local/lib/rlm_eap_tls-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap_tls-1.1.1.so
Reading symbols from /usr/local/lib/rlm_eap_peap-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap_peap-1.1.1.so
Reading symbols from /usr/local/lib/rlm_eap_mschapv2-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_eap_mschapv2-1.1.1.so
Reading symbols from /usr/local/lib/rlm_preprocess-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_preprocess-1.1.1.so
Reading symbols from /usr/local/lib/rlm_realm-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_realm-1.1.1.so
Reading symbols from /usr/local/lib/rlm_sql-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_sql-1.1.1.so
Reading symbols from /usr/lib/libm.so...done.
Loaded symbols for /usr/lib/libm.so
Reading symbols from /usr/lib/libz.so...done.
Loaded symbols for /usr/lib/libz.so
Reading symbols from /usr/local/lib/mysql/libmysqlclient_r.so.14...done.
Loaded symbols for /usr/local/lib/mysql/libmysqlclient_r.so.14
Reading symbols from /usr/local/lib/rlm_sql_mysql-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_sql_mysql-1.1.1.so
Reading symbols from /usr/local/lib/rlm_acct_unique-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_acct_unique-1.1.1.so
Reading symbols from /usr/local/lib/rlm_detail-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_detail-1.1.1.so
Reading symbols from /usr/local/lib/libgdbm.so.3...done.
Loaded symbols for /usr/local/lib/libgdbm.so.3
Reading symbols from /usr/local/lib/rlm_counter-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_counter-1.1.1.so
Reading symbols from /usr/local/lib/rlm_unix-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_unix-1.1.1.so
Reading symbols from /usr/local/lib/rlm_radutmp-1.1.1.so...done.
Loaded symbols for /usr/local/lib/rlm_radutmp-1.1.1.so
Reading symbols from /libexec/ld-elf.so.1...done.
Loaded symbols for /libexec/ld-elf.so.1
#0  0x0000000040ff374c in cbtls_verify (ok=45044736, ctx=0x2111) at cb.c:158
158                             radlog(L_ERR, "rlm_eap_tls (%s): xlat
failed.",
(gdb) bt
#0  0x0000000040ff374c in cbtls_verify (ok=45044736, ctx=0x2111) at cb.c:158
#1  0x000000004179ea80 in ssl3_get_client_hello () from
/usr/local/lib/libssl.so
#2  0x00000000417a199c in ssl3_accept () from /usr/local/lib/libssl.so
#3  0x00000000417a8adc in ssl3_read_bytes () from /usr/local/lib/libssl.so
#4  0x00000000417a64b4 in ssl3_read_internal () from
/usr/local/lib/libssl.so
#5  0x00000000417b4a0c in SSL_read () from /usr/local/lib/libssl.so
#6  0x0000000040ff4f48 in eaptls_new_session (ssl_ctx=0x2afc000,
client_cert=64) at tls.c:42
#7  0x0000000040ff3e6c in eaptls_process (handler=0x36fe00) at eap_tls.c:475
#8  0x00000000419d5d14 in __do_global_dtors_aux () from
/usr/local/lib/rlm_eap_peap-1.1.1.so
#9  0x00000000410fd228 in eaptype_load (type=0x357bc0, eap_type=3603968,
cs=0x40) at eap.c:127
#10 0x00000000410fd32c in eaptype_call (atype=0x35c800, handler=0x36fe00) at
eap.c:174
#11 0x00000000410fc8d0 in eap_authenticate (instance=0x35c800,
request=0x373200) at rlm_eap.c:208
#12 0x000000000010c374 in compile_action () at modcall.c:165
#13 0x000000000010c8f8 in modcall (component=0, c=0x357d80,
request=0x373200) at modcall.c:545
#14 0x000000000010c498 in modcall (component=0, c=0x235f80,
request=0x373200) at modcall.c:470
#15 0x00000000001050a8 in rad_check_password (request=0x373200) at auth.c
:367
#16 0x0000000000105600 in rad_authenticate (request=0x373200) at auth.c:662
#17 0x000000000010e1f4 in rad_lowerpair (request=0x118c00, vp=0x105380) at
radiusd.c:1495
#18 0x000000000010f690 in main (argc=45056128, argv=0x373200) at radiusd.c
:365

Here's the actual radiusd debugging from radius-XA to the seg fault:

      1 Starting - reading configuration files ...
      2 reread_config:  reading radiusd.conf
      3 Config:   including file: /etc/raddb/clients.conf
      4 Config:   including file: /etc/raddb/snmp.conf
      5 Config:   including file: /etc/raddb/eap.conf
      6 Config:   including file: /etc/raddb/sql.conf
      7  main: prefix = "/usr/local"
      8  main: localstatedir = "/var"
      9  main: logdir = "/var/log/radius"
     10  main: libdir = "/usr/local/lib"
     11  main: radacctdir = "/var/log/radius/radacct"
     12  main: hostname_lookups = no
     13  main: max_request_time = 30
     14  main: cleanup_delay = 5
     15  main: max_requests = 5120
     16  main: delete_blocked_requests = 0
     17  main: port = 0
     18  main: allow_core_dumps = no
     19  main: log_stripped_names = no
     20  main: log_file = "/var/log/radius/radius.log"
     21  main: log_auth = yes
     22  main: log_auth_badpass = no
     23  main: log_auth_goodpass = no
     24  main: pidfile = "/var/run/radiusd/radiusd.pid"
     25  main: bind_address = 10.10.1.18 IP address [10.10.1.18]
     26  main: user = "(null)"
     27  main: group = "(null)"
     28  main: usercollide = no
     29  main: lower_user = "no"
     30  main: lower_pass = "no"
     31  main: nospace_user = "no"
     32  main: nospace_pass = "no"
     33  main: checkrad = "/usr/local/sbin/checkrad"
     34  main: proxy_requests = no
     35  security: max_attributes = 200
     36  security: reject_delay = 1
     37  security: status_server = no
     38  main: debug_level = 0
     39 read_config_files:  reading dictionary
     40 read_config_files:  reading naslist
     41 Using deprecated naslist file.  Support for this will go away soon.
     42 read_config_files:  reading clients
     43 read_config_files:  reading realms
     44 radiusd:  entering modules setup
     45 Module: Library search path is /usr/local/lib
     46 Module: Loaded exec
     47  exec: wait = yes
     48  exec: program = "(null)"
     49  exec: input_pairs = "request"
     50  exec: output_pairs = "(null)"
     51  exec: packet_type = "(null)"
     52 rlm_exec: Wait=yes but no output defined. Did you mean output=none?
     53 Module: Instantiated exec (exec)
     54 Module: Loaded expr
     55 Module: Instantiated expr (expr)
     56 Module: Loaded SQL Counter
     57  sqlcounter: counter-name = "Daily-Session-Time"
     58  sqlcounter: check-name = "Max-Daily-Session"
     59  sqlcounter: key = "User-Name"
     60  sqlcounter: sqlmod-inst = "sql"
     61  sqlcounter: query = "SELECT SUM(AcctSessionTime -
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0))                  FROM
radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
     62  sqlcounter: reset = "daily"
     63  sqlcounter: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
     64 rlm_sqlcounter: Counter attribute Daily-Session-Time is number 1830
     65 rlm_sqlcounter: Check attribute Max-Daily-Session is number 1831
     66 rlm_sqlcounter: Current Time: 1156978569 [2006-08-31 10:56:09], Next
reset 1157025600 [2006-09-01 00:00:00]
     67 rlm_sqlcounter: Current Time: 1156978569 [2006-08-31 10:56:09], Prev
reset 1156939200 [2006-08-31 00:00:00]
     68 Module: Instantiated sqlcounter (dailycounter)
     69  sqlcounter: counter-name = "Monthly-Session-Time"
     70  sqlcounter: check-name = "Max-Monthly-Session"
     71  sqlcounter: key = "User-Name"
     72  sqlcounter: sqlmod-inst = "sql"
     73  sqlcounter: query = "SELECT SUM(AcctSessionTime -
GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0))                  FROM
radacct WHERE UserName='%{%k}' AND
UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
     74  sqlcounter: reset = "monthly"
     75  sqlcounter: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
     76 rlm_sqlcounter: Counter attribute Monthly-Session-Time is number
1832
     77 rlm_sqlcounter: Check attribute Max-Monthly-Session is number 1833
     78 rlm_sqlcounter: Current Time: 1156978569 [2006-08-31 10:56:09], Next
reset 1157025600 [2006-09-01 00:00:00]
     79 rlm_sqlcounter: Current Time: 1156978569 [2006-08-31 10:56:09], Prev
reset 1154347200 [2006-08-01 00:00:00]
     80 Module: Instantiated sqlcounter (monthlycounter)
     81 Module: Loaded PAP
     82  pap: encryption_scheme = "crypt"
     83 Module: Instantiated pap (pap)
     84 Module: Loaded CHAP
     85 Module: Instantiated chap (chap)
     86 Module: Loaded MS-CHAP
     87  mschap: use_mppe = yes
     88  mschap: require_encryption = yes
     89  mschap: require_strong = yes
     90  mschap: with_ntdomain_hack = no
     91  mschap: passwd = "(null)"
     92  mschap: authtype = "MS-CHAP"
     93  mschap: ntlm_auth = "(null)"
     94 Module: Instantiated mschap (mschap)
     95 Module: Loaded eap
     96  eap: default_eap_type = "peap"
     97  eap: timer_expire = 60
     98  eap: ignore_unknown_eap_types = no
     99  eap: cisco_accounting_username_bug = no
    100 rlm_eap: Loaded and initialized type md5
    101 rlm_eap: Loaded and initialized type leap
    102  gtc: challenge = "Password: "
    103  gtc: auth_type = "PAP"
    104 rlm_eap: Loaded and initialized type gtc
    105  tls: rsa_key_exchange = no
    106  tls: dh_key_exchange = yes
    107  tls: rsa_key_length = 512
    108  tls: dh_key_length = 512
    109  tls: verify_depth = 0
    110  tls: CA_path = "(null)"
    111  tls: pem_file_type = yes
    112  tls: private_key_file = "/etc/raddb/certs/cert-srv.pem"
    113  tls: certificate_file = "/etc/raddb/certs/cert-srv.pem"
    114  tls: CA_file = "/etc/raddb/certs/root.pem"
    115  tls: private_key_password = "*******"
    116  tls: dh_file = "/etc/raddb/certs/dh"
    117  tls: random_file = "/etc/raddb/certs/random"
    118  tls: fragment_size = 1024
    119  tls: include_length = yes
    120  tls: check_crl = no
    121  tls: check_cert_cn = "(null)"
    122 rlm_eap_tls: Loading the certificate file as a chain
    123 rlm_eap: Loaded and initialized type tls
    124  peap: default_eap_type = "mschapv2"
    125  peap: copy_request_to_tunnel = no
    126  peap: use_tunneled_reply = no
    127  peap: proxy_tunneled_request_as_eap = yes
    128 rlm_eap: Loaded and initialized type peap
    129  mschapv2: with_ntdomain_hack = no
    130 rlm_eap: Loaded and initialized type mschapv2
    131 Module: Instantiated eap (eap)
    132 Module: Loaded preprocess
    133  preprocess: huntgroups = "/etc/raddb/huntgroups"
    134  preprocess: hints = "/etc/raddb/hints"
    135  preprocess: with_ascend_hack = no
    136  preprocess: ascend_channels_per_line = 23
    137  preprocess: with_ntdomain_hack = no
    138  preprocess: with_specialix_jetstream_hack = no
    139  preprocess: with_cisco_vsa_hack = no
    140 Module: Instantiated preprocess (preprocess)
    141 Module: Loaded realm
    142  realm: format = "suffix"
    143  realm: delimiter = "@"
    144  realm: ignore_default = no
    145  realm: ignore_null = no
    146 Module: Instantiated realm (suffix)
    147 Module: Loaded SQL
    148  sql: driver = "rlm_sql_mysql"
    149  sql: server = "localhost"
    150  sql: port = ""
    151  sql: login = "radius"
    152  sql: password = "p4p3r08"
    153  sql: radius_db = "radius"
    154  sql: acct_table = "radacct"
    155  sql: acct_table2 = "radacct"
    156  sql: authcheck_table = "radcheck"
    157  sql: authreply_table = "radreply"
    158  sql: groupcheck_table = "radgroupcheck"
    159  sql: groupreply_table = "radgroupreply"
    160  sql: usergroup_table = "usergroup"
    161  sql: nas_table = "nas"
    162  sql: dict_table = "dictionary"
    163  sql: sqltrace = no
    164  sql: sqltracefile = "/var/log/radius/sqltrace.sql"
    165  sql: readclients = no
    166  sql: deletestalesessions = yes
    167  sql: num_sql_socks = 5
    168  sql: sql_user_name = "%{User-Name}"
    169  sql: default_user_profile = ""
    170  sql: query_on_not_found = no
    171  sql: authorize_check_query = "SELECT id, UserName, Attribute,
Value, op           FROM radcheck           WHERE Username =
'%{SQL-User-Name}'   ORDER BY id"
    172  sql: authorize_reply_query = "SELECT id, UserName, Attribute,
Value, op           FROM radreply           WHERE Username =
'%{SQL-User-Name}'   ORDER BY id"
    173  sql: authorize_group_check_query = "SELECT radgroupcheck.id,
radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,
radgroupcheck.op  FROM radgroupcheck,usergroup WHERE usergroup.Username =
'%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER
BY radgroupcheck.id"
    174  sql: authorize_group_reply_query = "SELECT radgroupreply.id,
radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,
radgroupreply.op  FROM radgroupreply,usergroup WHERE usergroup.Username =
'%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER
BY radgroupreply.id"
    175  sql: accounting_onoff_query = "UPDATE radacct SET
AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') -
unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}',
AcctStopDelay = '%{Acct-Delay-Time}' WHERE AcctSessionTime=0 AND
AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' ANDAcctStartTime <=
'%S'"
    176  sql: accounting_update_query = "UPDATE radacct           SET
FramedIPAddress = '%{Framed-IP-Address}',           AcctSessionTime =
'%{Acct-Session-Time}',           AcctInputOctets =
'%{Acct-Input-Octets}',           AcctOutputOctets =
'%{Acct-Output-Octets}'           WHERE AcctSessionId =
'%{Acct-Session-Id}'           AND UserName = '%{SQL-User-Name}'
AND NASIPAddress= '%{NAS-IP-Address}'"
    177  sql: accounting_update_query_alt = "INSERT into radacct
(AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId,
NASPortType, AcctStartTime, AcctSessionTime, AcctAuthentic,
ConnectInfo_start, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, ServiceType, FramedProtocol, FramedIPAddress,
AcctStartDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}',
'%{NAS-Port}','%{NAS-Port-Type}', DATE_SUB('%S',INTERVAL
(%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND),
'%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Acct-Input-Octets}',
'%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}',
'%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0')"
    178  sql: accounting_start_query = "INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId, AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}',
'', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '',
'%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}',
'%{Acct-Delay-Time}', '0')"
    179  sql: accounting_start_query_alt = "UPDATE radacct SET AcctStartTime
= '%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start =
'%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName =
'%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'"
    180  sql: accounting_stop_query = "UPDATE radacct SET AcctStopTime =
'%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets =
'%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}',
AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay =
'%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE
AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND
NASIPAddress = '%{NAS-IP-Address}'"
    181  sql: accounting_stop_query_alt = "INSERT into radacct
(AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId,
NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic,
ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets,
CalledStationId, CallingStationId,AcctTerminateCause, ServiceType,
FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay)
values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}',
'%{SQL-User-Name}', '%{Realm}', '%{NAS-IP-Address}', '%{NAS-Port}',
'%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{Acct-Session-Time:-0} +
%{Acct-Delay-Time:-0}) SECOND), '%S', '%{Acct-Session-Time}',
'%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}',
'%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}',
'%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}',
'%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}')"
    182  sql: group_membership_query = "SELECT GroupName FROM usergroup
WHERE UserName='%{SQL-User-Name}'"
    183  sql: connect_failure_retry_delay = 60
    184  sql: simul_count_query = ""
    185  sql: simul_verify_query = "SELECT RadAcctId, AcctSessionId,
UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId,
FramedProtocol FROM radacct WHERE UserName='%{SQL-User-Name}' AND
AcctStopTime = 0"
    186  sql: postauth_table = "radpostauth"
    187  sql: postauth_query = "INSERT into radpostauth (id, user, pass,
reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}',
'%{reply:Packet-Type}', NOW())"
    188  sql: safe-characters =
"@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
    189 rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded
and linked
    190 rlm_sql (sql): Attempting to connect to radius at localhost:/radius
    191 rlm_sql (sql): starting 0
    192 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0
    193 rlm_sql_mysql: Starting connect to MySQL server for #0
    194 rlm_sql (sql): Connected new DB handle, #0
    195 rlm_sql (sql): starting 1
    196 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1
    197 rlm_sql_mysql: Starting connect to MySQL server for #1
    198 rlm_sql (sql): Connected new DB handle, #1
    199 rlm_sql (sql): starting 2
    200 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2
    201 rlm_sql_mysql: Starting connect to MySQL server for #2
    202 rlm_sql (sql): Connected new DB handle, #2
    203 rlm_sql (sql): starting 3
    204 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
    205 rlm_sql_mysql: Starting connect to MySQL server for #3
    206 rlm_sql (sql): Connected new DB handle, #3
    207 rlm_sql (sql): starting 4
    208 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4
    209 rlm_sql_mysql: Starting connect to MySQL server for #4
    210 rlm_sql (sql): Connected new DB handle, #4
    211 Module: Instantiated sql (sql)
    212 Module: Loaded Acct-Unique-Session-Id
    213  acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port"
    214 Module: Instantiated acct_unique (acct_unique)
    215 Module: Loaded detail
    216  detail: detailfile =
"/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
    217  detail: detailperm = 384
    218  detail: dirperm = 493
    219  detail: locking = no
    220 Module: Instantiated detail (localdetail)
    221  detail: detailfile = "/var/log/radius/radacct/detail-radrelay"
    222  detail: detailperm = 384
    223  detail: dirperm = 493
    224  detail: locking = yes
    225 Module: Instantiated detail (relaydetail)
    226 Module: Loaded Counter
    227  counter: filename = "/etc/raddb/db.daily"
    228  counter: key = "User-Name"
    229  counter: reset = "daily"
    230  counter: count-attribute = "Acct-Session-Time"
    231  counter: counter-name = "Daily-Session-Time"
    232  counter: check-name = "Max-Daily-Session"
    233  counter: allowed-servicetype = "Framed-User"
    234  counter: cache-size = 5000
    235 rlm_counter: Counter attribute Daily-Session-Time is number 1830
    236 rlm_counter: Current Time: 1156978569 [2006-08-31 10:56:09], Next
reset 1157025600 [2006-09-01 00:00:00]
    237 Module: Instantiated counter (daily)
    238 Module: Loaded System
    239  unix: cache = no
    240  unix: passwd = "(null)"
    241  unix: shadow = "(null)"
    242  unix: group = "(null)"
    243  unix: radwtmp = "/var/log/radius/radwtmp"
    244  unix: usegroup = no
    245  unix: cache_reload = 600
    246 Module: Instantiated unix (unix)
    247 Module: Loaded radutmp
    248  radutmp: filename = "/var/log/radius/radutmp"
    249  radutmp: username = "%{User-Name}"
    250  radutmp: case_sensitive = yes
    251  radutmp: check_with_nas = yes
    252  radutmp: perm = 384
    253  radutmp: callerid = yes
    254 Module: Instantiated radutmp (radutmp)
    255  radutmp: filename = "/var/log/radius/sradutmp"
    256  radutmp: username = "%{User-Name}"
    257  radutmp: case_sensitive = yes
    258  radutmp: check_with_nas = yes
    259  radutmp: perm = 420
    260  radutmp: callerid = no
    261 Module: Instantiated radutmp (sradutmp)
    262 Listening on authentication 10.10.1.18:1812
    263 Listening on accounting 10.10.1.18:1813
    264 Ready to process requests.
    <--- xDSL Successful Access-Request removed for privacy and brevity --->
    340 Nothing to do.  Sleeping until we see a request.
    341 rad_recv: Access-Request packet from host 10.10.1.199:1812, id=15,
length=73
    342         User-Name = "nick"
    343         Framed-MTU = 1400
    344         NAS-Port-Type = Wireless-802.11
    345         EAP-Message = 0x02010009016e69636b
    346         NAS-IP-Address = 10.10.1.199
    347         Message-Authenticator = 0xd93ffad20468e6c71cdb2103d40a6a59
    348   Processing the authorize section of radiusd.conf
    349 modcall: entering group authorize for request 1
    350   modcall[authorize]: module "preprocess" returns ok for request 1
    351   modcall[authorize]: module "chap" returns noop for request 1
    352   modcall[authorize]: module "mschap" returns noop for request 1
    353     rlm_realm: No '@' in User-Name = "nick", looking up realm NULL
    354     rlm_realm: No such realm "NULL"
    355   modcall[authorize]: module "suffix" returns noop for request 1
    356   rlm_eap: EAP packet type response id 1 length 9
    357   rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
    358   modcall[authorize]: module "eap" returns updated for request 1
    359 radius_xlat:  'nick'
    360 rlm_sql (sql): sql_set_user escaped user --> 'nick'
    361 radius_xlat:  'SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'nick'           ORDER BY id'
    362 rlm_sql (sql): Reserving sql socket id: 3
    363 radius_xlat:  'SELECT radgroupcheck.id,radgroupcheck.GroupName,
radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM
radgroupcheck,usergroup WHERE usergroup.Username = 'nick' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
    364 radius_xlat:  'SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'nick'           ORDER BY id'
    365 radius_xlat:  'SELECT radgroupreply.id,radgroupreply.GroupName,
radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM
radgroupreply,usergroup WHERE usergroup.Username = 'nick' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
    366 rlm_sql (sql): Released sql socket id: 3
    367   modcall[authorize]: module "sql" returns ok for request 1
    368 modcall: leaving group authorize (returns updated) for request 1
    369   rad_check_password:  Found Auth-Type EAP
    370 auth: type "EAP"
    371   Processing the authenticate section of radiusd.conf
    372 modcall: entering group authenticate for request 1
    373   rlm_eap: EAP Identity
    374   rlm_eap: processing type tls
    375   rlm_eap_tls: Initiate
    376   rlm_eap_tls: Start returned 1
    377   modcall[authenticate]: module "eap" returns handled for request 1
    378 modcall: leaving group authenticate (returns handled) for request 1
    379 Sending Access-Challenge of id 15 to 10.10.1.199 port 1812
    380         Framed-IP-Address := 10.10.1.197
    381         Service-Type := Framed-User
    382         Framed-Protocol := PPP
    383         Acct-Interim-Interval := 600
    384         Framed-IP-Netmask := 255.255.255.0
    385         EAP-Message = 0x010200061920
    386         Message-Authenticator = 0x00000000000000000000000000000000
    387         State = 0x54a313b5ceb9462a1096b3991cda26fd
    388 Finished request 1
    389 Going to the next request
    390 --- Walking the entire request list ---
    391 Waking up in 6 seconds...
    392 rad_recv: Access-Request packet from host 10.10.1.199:1812, id=16,
length=156
    393         User-Name = "nick"
    394         Framed-MTU = 1400
    395         NAS-Port-Type = Wireless-802.11
    396         EAP-Message =
0x0202004a198000000040160301003b010000370301a335f6db0cf18cee677ebd76dec678bd2d2e42ecddf79aa72c593b822eb7332600001000040005000a000900640062000300060100
    397         State = 0x54a313b5ceb9462a1096b3991cda26fd
    398         NAS-IP-Address = 10.10.1.199
    399         Message-Authenticator = 0xe4e2621145795b028a4691bd5e30275d
    400   Processing the authorize section of radiusd.conf
    401 modcall: entering group authorize for request 2
    402   modcall[authorize]: module "preprocess" returns ok for request 2
    403   modcall[authorize]: module "chap" returns noop for request 2
    404   modcall[authorize]: module "mschap" returns noop for request 2
    405     rlm_realm: No '@' in User-Name = "nick", looking up realm NULL
    406     rlm_realm: No such realm "NULL"
    407   modcall[authorize]: module "suffix" returns noop for request 2
    408   rlm_eap: EAP packet type response id 2 length 74
    409   rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
    410   modcall[authorize]: module "eap" returns updated for request 2
    411 radius_xlat:  'nick'
    412 rlm_sql (sql): sql_set_user escaped user --> 'nick'
    413 radius_xlat:  'SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'nick'           ORDER BY id'
    414 rlm_sql (sql): Reserving sql socket id: 2
    415 radius_xlat:  'SELECT radgroupcheck.id,radgroupcheck.GroupName,
radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM
radgroupcheck,usergroup WHERE usergroup.Username = 'nick' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
    416 radius_xlat:  'SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'nick'           ORDER BY id'
    417 radius_xlat:  'SELECT radgroupreply.id,radgroupreply.GroupName,
radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM
radgroupreply,usergroup WHERE usergroup.Username = 'nick' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
    418 rlm_sql (sql): Released sql socket id: 2
    419   modcall[authorize]: module "sql" returns ok for request 2
    420 modcall: leaving group authorize (returns updated) for request 2
    421   rad_check_password:  Found Auth-Type EAP
    422 auth: type "EAP"
    423   Processing the authenticate section of radiusd.conf
    424 modcall: entering group authenticate for request 2
    425   rlm_eap: Request found, released from the list
    426   rlm_eap: EAP/peap
    427   rlm_eap: processing type peap
    428   rlm_eap_peap: Authenticate
    429   rlm_eap_tls: processing TLS
    430 rlm_eap_tls:  Length Included
    431   eaptls_verify returned 11
    432     (other): before/accept initialization
    433     TLS_accept: before/accept initialization
    434 Segmentation fault: 11 (core dumped)

Hopefully this info will help.

Regards,

Nick Larsen


On 8/31/06, Alan DeKok <aland at deployingradius.com> wrote:
>
> "Nick Larsen" <larsen.nick at gmail.com> wrote:
> > Segmentation fault: 11 (core dumped)
> > root at radius02 [/etc/raddb]#
>
>   See doc/bugs.  It describes exactly what to do when you get a core dump.
>
>   And the contents of the core dump say what's going wrong, too.
>
>   Alan DeKok.
> --
>   http://deployingradius.com       - The web site of the book
>   http://deployingradius.com/blog/ - The blog
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>



-- 
Regards,

Nick Larsen
Wellington
NEW ZEALAND
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060831/a9e50f2d/attachment.html>


More information about the Freeradius-Users mailing list