Talloc sanity error (3.0 release branch, reproxying from PEAP inner tunnel)

A.L.M.Buxey at lboro.ac.uk A.L.M.Buxey at lboro.ac.uk
Wed Aug 7 21:06:47 CEST 2013


Hi,

>    peap {
>      default_eap_type = mschapv2
>      proxy_tunneled_request_as_eap = yes
>      copy_request_to_tunnel = no
>      use_tunneled_reply = yes
>      tls = eduroam-eap-tls
>    }

okay


>  Any request that tries to go to the proxy causes this to happen:
>  Wed Aug  7 11:57:35 2013 : Debug: (5)   - entering if ("%{FreeRADIUS-Proxied-To}" == 127.0.0.1)  {...}
>  Wed Aug  7 11:57:35 2013 : Debug: (5)    update control {
>  Wed Aug  7 11:57:35 2013 : Debug: (5)           Proxy-To-Realm := "idpi"
>  Wed Aug  7 11:57:35 2013 : Debug: (5)    } # update control = ok
>  Wed Aug  7 11:57:35 2013 : Debug: (5)   - if ("%{FreeRADIUS-Proxied-To}" == 127.0.0.1)  returns ok
>  Wed Aug  7 11:57:35 2013 : Debug: (5)    ... skipping else for request 5: Preceding "if" was taken
>  } # server eduroam_idp
>  Wed Aug  7 11:57:35 2013 : Debug: (5) eap_peap : Got tunneled reply code 0
>  Wed Aug  7 11:57:35 2013 : Debug:   PEAP: Tunneled authentication will be proxied to idpi
>  Wed Aug  7 11:57:35 2013 : Info: talloc: access after free error - first free may be at src/main/util.c:230
>  Wed Aug  7 11:57:35 2013 : Info: Bad talloc magic value - access after free

this sample doesnt show enough of the process..

how did you configure the server...from scratch or copy pasting bits over from a 2.x ? 
does this 'eap' module use its own virtual_server or does it inherit the virtual_server that
instigated it (you have no 'virtual_server = "blah"' line in your peap{} section...so i assume
its using eduroam_idp VS for the unwrapping?) 


alan


More information about the Freeradius-Users mailing list