Segmentation fault when linking 2.2.0 against openSSL 1.0.1c

Stefan Winter stefan.winter at restena.lu
Mon Sep 17 09:11:58 CEST 2012 

Hi,

until today, I have been running FreeRADIUS 2.2.0 successfully with a
system-supplied openSSL.

Today, I compiled with

--with-openssl
--with-openssl-includes=/usr/local/freeradius/openssl-1.0.1c/include/openssl

--with-openssl-libraries=/usr/local/freeradius/openssl-1.0.1c/lib

the path is in ld.so.conf, and ldd shows that linking against this new
version works.

However, when running PEAP on this version, I get a segmentation fault now:

[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established.  Decoding tunneled attributes.
[peap] Peap state send tlv success
[peap] Received EAP-TLV response.
[peap] Success
[peap] Using saved attributes from the original Access-Accept
        User-Name = "test.eduroam at education.lu"
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
        Reply-Message = "What shall we do with the drunken sailor? What
shall we do with the drunken sailor? What shall we do with the drunken
sailor - early in the morning? Give him eduroam."
Segmentation fault

The repetition of that attribute is NOT an error; it's there to inflate
the packet beyond 1500 bytes to trigger UDP fragmentation (this is our
Nagios testing).

In 2.2.0 against the old openSSL version, everything works fine -
Access-Accept. Any hints?

Greetings,

Stefan winter

-- 
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg

Tel: +352 424409 1
Fax: +352 422473

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 259 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120917/eaa1bc4e/attachment-0001.pgp>

More information about the Freeradius-Users mailing list