AW: server crashes with eap/tls after crl update

[Fiederling, Daniel]

Hi,

it's possible that the radiusd crashes on the next authentication - i only noticed that it runs for a few seconds up to some minutes and then crashes with a seg fault. But I wondering why I don't see any incoming requests when running "radiusd -X" before the seg fault. That would imply that radiusd crashes before it writes the first debug message.

bye
Daniel




-----Ursprüngliche Nachricht-----
Von: freeradius-users-bounces+daniel.fiederling=warema.de at lists.freeradius.org [mailto:freeradius-users-bounces+daniel.fiederling=warema.de at lists.freeradius.org] Im Auftrag von inverse
Gesendet: Freitag, 20. April 2007 10:36
An: FreeRadius users mailing list
Betreff: Re: server crashes with eap/tls after crl update

On 4/20/07, Fiederling, Daniel <daniel.fiederling at warema.de> wrote:

> Hello,
>
> this week I updated to freeradius 1.1.6. We use eap/tls with a crl from a
> Microsoft CA, which is downloaded and converted by a shell script every hour
> or has to be updated manually. If it changes, I have to reload the server
> config, right? Since the update the server crashes with a seg fault about a
> minute after the config reload - but only if the crl changed. For now I
> changed the reload (SIGHUP) to a complete restart as a work around. Before
> we used freeradius 1.1.4.

my test setup is: freeradius 1.1.6 compiled against openssll 0.9.8e.
the system is RedHat EL4 with the latest updates and kernel
2.6.9-22.ELsmp
EAP-TLS is implemented and works fine, so does the CRL.
My problem is as follows: the HUP works but radiusd segfaults at the
first authentication after the HUP.
Now I'm in the process of performance and stability testing. if this
version shows the same outstanding level of performance shown by the
bleeding edge I'll keep it, otherwise I'll consider taking the risk of
CVS.
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html