Freeradius crash during EAP-TTLS authentication

Thomas Fagart tfagart at brozs.net
Sun Mar 25 13:07:52 CEST 2012 

Hello,

Here's the debug output this happens specialy when we add a virtual 
server as a fallback server.



Finished request 75.
Going to the next request
Waking up in 0.1 seconds.
rad_recv: Access-Request packet from host X.Y.Z.W port 34405, id=225, 
length=389
# Executing section post-proxy from file 
/usr/local/etc/raddb/sites-enabled/proxy_alu_huawei
+- entering group post-proxy {...}
[eap_alu_huawei] Doing post-proxy callback
[eap_alu_huawei] Passing reply from proxy back into the tunnel.

Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 8011021c0 (LWP 100073)]
0x00000008036e05dd in eapttls_postproxy (handler=0x802964800, 
data=0x804017000) at ttls.c:816
816             if (fake && (handler->request->proxy_reply->code == 
PW_AUTHENTICATION_ACK)) {
(gdb) where
#0  0x00000008036e05dd in eapttls_postproxy (handler=0x802964800, 
data=0x804017000) at ttls.c:816
#1  0x00000008031c66e7 in eap_post_proxy (inst=0x802940200, 
request=0x801137200) at rlm_eap.c:607
#2  0x000000000041b4eb in modcall (component=6, c=Variable "c" is not 
available.
) at modcall.c:297
#3  0x000000000041869e in indexed_modcall (comp=4284416, idx=0, 
request=0x801137200) at modules.c:737
#4  0x00000000004234f2 in process_proxy_reply (request=0x801137200) at 
event.c:1734
#5  0x000000000042361b in request_pre_handler (request=0x801137200) at 
event.c:1859
#6  0x000000000042670b in radius_handle_request (request=0x801137200, 
fun=0x426ac0 <virtual_server_handler>) at event.c:3773
#7  0x000000000041ed34 in thread_pool_addrequest (request=0x801137200, 
fun=0x426ac0 <virtual_server_handler>) at threads.c:886
#8  0x0000000000428e80 in received_request (listener=0x802963a80, 
packet=0x80297e800, prequest=0x7fffffffe470, client=0x801170cc0) at 
event.c:917
#9  0x0000000000414a33 in auth_socket_recv (listener=0x802963a80, 
pfun=0x7fffffffe478, prequest=0x7fffffffe470) at listen.c:857
#10 0x000000000042397e in event_socket_handler (xel=Variable "xel" is 
not available.
) at event.c:3423
#11 0x000000080069aa42 in fr_event_loop (el=0x802971000) at event.c:415
#12 0x000000000041bf7a in main (argc=Variable "argc" is not available.
) at radiusd.c:408
(gdb) info threads
* 2 Thread 8011021c0 (LWP 100073)  0x00000008036e05dd in 
eapttls_postproxy (handler=0x802964800, data=0x804017000) at ttls.c:816
(gdb) thread apply all bt full

Thread 2 (Thread 8011021c0 (LWP 100073)):
#0  0x00000008036e05dd in eapttls_postproxy (handler=0x802964800, 
data=0x804017000) at ttls.c:816
         rcode = Variable "rcode" is not available.


Hope that help

Regards

Thomas


Le 06/03/2012 10:29, Alan DeKok a écrit :
> Thomas Fagart wrote:
>> Last week we've migrate Motorola authentication on freeradius. (no more
>> radiator :-) ).
>    Nice.
>
>> But then we've experienced freeradius crash.
>    Not so nice.
>
>> The crash usually happen when home servers (ISP radius) does not
>> respond, then the radius load goes up to 50/60 requests per second and
>> after 40/50 minutes the radius crash.
>    That kind of situation is hard to test.
>
>> It seems this is more related to SSL issue ?
>    Maybe.  It's hard to know.
>
>> Could you confirm this idea is correct ?
>>
>> I can compile the radius in gdb to get more information if this is usefull.
>    Yes.  See doc/bugs for complete instructions.
>
>    Also, try compiking with debugging flags, and using valgrind.
>
>    Alan DeKok.
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list