3.0.3 segmentation fault
Polish
pavel.polacek at ujep.cz
Tue Apr 22 14:39:46 CEST 2014
Hello,
I tried test FR 3.0.3. During parsing configuration files FR goes down
with segmentation fault. I'm using radsec tunnels. Used configuration
files are from previous git version.
/usr/sbin/freeradius -C
Segmentation fault
(gdb) run
Starting program: /usr/sbin/freeradius
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff71f5133 in CRYPTO_set_ex_data () from
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
(gdb) bt
#0 0x00007ffff71f5133 in CRYPTO_set_ex_data () from
/usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
#1 0x00000000004331ae in init_tls_ctx (conf=conf at entry=0x821700,
client=client at entry=1) at src/main/tls.c:2009
#2 0x0000000000436ef7 in tls_client_conf_parse (cs=cs at entry=0x846dd0) at
src/main/tls.c:2484
#3 0x000000000042ef68 in home_server_add (rc=rc at entry=0x81d4a0,
cs=cs at entry=0x845ec0) at src/main/realms.c:663
#4 0x0000000000430cbb in realms_init (config=config at entry=0x65eb00) at
src/main/realms.c:1885
#5 0x000000000041b841 in mainconfig_init () at src/main/mainconfig.c:919
#6 0x000000000040e6ec in main (argc=1, argv=0x7fffffffec88) at
src/main/radiusd.c:331
/usr/sbin/freeradius -X
freeradius: FreeRADIUS Version 3.0.3 (git #8a79342), for host
x86_64-pc-linux-gnu, built on Apr 22 2014 at 13:10:22
Copyright (C) 1999-2014 The FreeRADIUS server project and contributors
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License
For more information about these matters, see the file named COPYRIGHT
Starting - reading configuration files ...
including dictionary file /usr/share/freeradius/dictionary
including dictionary file /etc/freeradius/dictionary
including configuration file /etc/freeradius/radiusd.conf
including configuration file /etc/freeradius/proxy.conf
including configuration file /etc/freeradius/clients.conf
including files in directory /etc/freeradius/mods-enabled/
including configuration file /etc/freeradius/mods-enabled/sradutmp
including configuration file /etc/freeradius/mods-enabled/passwd
including configuration file /etc/freeradius/mods-enabled/logintime
including configuration file /etc/freeradius/mods-enabled/digest
including configuration file /etc/freeradius/mods-enabled/pap
including configuration file /etc/freeradius/mods-enabled/dhcp
including configuration file /etc/freeradius/mods-enabled/preprocess
including configuration file /etc/freeradius/mods-enabled/ldap
including configuration file /etc/freeradius/mods-enabled/linelog
including configuration file /etc/freeradius/mods-enabled/utf8
including configuration file /etc/freeradius/mods-enabled/replicate
including configuration file /etc/freeradius/mods-enabled/attr_filter
including configuration file /etc/freeradius/mods-enabled/unix
including configuration file /etc/freeradius/mods-enabled/files
including configuration file /etc/freeradius/mods-enabled/exec
including configuration file /etc/freeradius/mods-enabled/expr
including configuration file /etc/freeradius/mods-enabled/detail.log
including configuration file /etc/freeradius/mods-enabled/mschap
including configuration file /etc/freeradius/mods-enabled/expiration
including configuration file /etc/freeradius/mods-enabled/chap
including configuration file /etc/freeradius/mods-enabled/realm
including configuration file /etc/freeradius/mods-enabled/detail
including configuration file /etc/freeradius/mods-enabled/radutmp
including configuration file /etc/freeradius/mods-enabled/soh
including configuration file /etc/freeradius/mods-enabled/cache_eap
including configuration file /etc/freeradius/mods-enabled/dynamic_clients
including configuration file /etc/freeradius/mods-enabled/unpack
including configuration file /etc/freeradius/mods-enabled/always
including configuration file /etc/freeradius/mods-enabled/echo
including configuration file /etc/freeradius/mods-enabled/eap
including configuration file /etc/freeradius/mods-enabled/ntlm_auth
including files in directory /etc/freeradius/policy.d/
including configuration file /etc/freeradius/policy.d/control
including configuration file /etc/freeradius/policy.d/dhcp
including configuration file /etc/freeradius/policy.d/operator-name
including configuration file /etc/freeradius/policy.d/canonicalization
including configuration file /etc/freeradius/policy.d/filter
including configuration file /etc/freeradius/policy.d/accounting
including configuration file /etc/freeradius/policy.d/cui
including configuration file /etc/freeradius/policy.d/eap
including files in directory /etc/freeradius/sites-enabled/
including configuration file /etc/freeradius/sites-enabled/tls
including configuration file /etc/freeradius/sites-enabled/inner-tunnel
including configuration file /etc/freeradius/sites-enabled/default
main {
security {
user = "freerad"
group = "freerad"
allow_core_dumps = no
}
}
main {
name = "freeradius"
prefix = "/usr"
localstatedir = "/var"
sbindir = "/usr/sbin"
logdir = "/var/log/freeradius"
run_dir = "/var/run/freeradius"
libdir = "/usr/lib/freeradius"
radacctdir = "/var/log/freeradius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/freeradius/freeradius.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = yes
auth_badpass = yes
auth_goodpass = yes
msg_badpass = "bad_pass: "
msg_goodpass = "good_pass: "
colourise = no
msg_denied = "You are already logged in - access denied"
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
allow_vulnerable_openssl = "no"
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = <<< secret >>>
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
revive_interval = 120
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
limit {
max_connections = 16
max_requests = 0
lifetime = 0
idle_timeout = 0
}
}
home_server tls {
ipaddr = radius1.eduroam.cz IP address [195.113.187.22]
port = 2083
type = "auth"
proto = "tcp"
secret = <<< secret >>>
response_window = 30
max_outstanding = 65536
zombie_period = 40
status_check = "none"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
revive_interval = 300
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
limit {
max_connections = 16
max_requests = 0
lifetime = 0
idle_timeout = 0
}
}
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
ca_path = "/etc/freeradius/certs"
pem_file_type = yes
private_key_file = "/etc/freeradius/certs/radius.key"
certificate_file = "/etc/freeradius/certs/radius.crt"
dh_file = "/etc/freeradius/certs/dh"
random_file = "/etc/freeradius/certs/random"
fragment_size = 8192
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
ecdh_curve = "prime256v1"
}
Segmentation fault
Previous version works almost well.
Thanks for tips Pavel Polacek
--
Pavel Polacek tel: +420 47 528 6253
Oddeleni spravy site email: pavel.polacek at ujep.cz
Centrum Informatiky
Pasteurova 1
400 01 Usti nad Labem
**********************************************************
* starnem a porad nic, rozum jako kdyby se nam vyhybal *
**********************************************************
More information about the Freeradius-Users
mailing list