3.0.0 detail: suppress now works, but found a SEGV elsewhere

Arran Cudbard-Bell a.cudbardb at freeradius.org
Tue Jan 7 12:52:13 CET 2014 

On 7 Jan 2014, at 11:16, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:

> 
> On 7 Jan 2014, at 07:51, Stefan Winter <stefan.winter at restena.lu> wrote:
> 
>> Hi,
>> 
>>>>> And the log files do contain the User-Password attribute.
>>>> 
>>>> That shouldn't happen
>>> 
>>> Fixed.
>> 
>> Umm. In a way, yes. With current SVN (v3.0.x from a few minutes ago), 
>> the logs don't contain the User-Password.
>> 
>> Unfortunately, shortly after detail is done (it logs the packet,
>> omits the User-Password), the server crashes with a SEGV.
>> 
>> Here's the -X log of the moment:
>> 
>> (0) auth_log_silent : /var/log/radius/radacct/%Y%m%d/%{RESTENA-Service-Type}-service/auth-detail expands to /var/log/radius/radacct/20140107/Staff-IMAP-service/auth-detail
>> (0) auth_log_silent :   expand: "%t" -> 'Tue Jan  7 08:43:27 2014'
>> (0)   [auth_log_silent] = ok
>> (0)   ? if ( "%{RESTENA-Service-Type}" == "Staff-IMAP" && "%{strlen:%{User-Password}}" == "96" ) 
>> (0)     expand: "Staff-IMAP" -> 'Staff-IMAP'
>> (0)     expand: "%{RESTENA-Service-Type}" -> 'Staff-IMAP'
>> (0)     expand: "96" -> '96'
>> (0)     expand: "%{strlen:%{User-Password}}" -> '96'
>> (0)   ? if ( "%{RESTENA-Service-Type}" == "Staff-IMAP" && "%{strlen:%{User-Password}}" == "96" )  -> TRUE
>> (0)   if ( "%{RESTENA-Service-Type}" == "Staff-IMAP" && "%{strlen:%{User-Password}}" == "96" )  {
>> Segmentation fault
>> 
>> My config for this states:
>> 
>>       auth_log_silent
>>       if ( "%{RESTENA-Service-Type}" == "Staff-IMAP" && "%{strlen:%{User-Password}}" == "96" ) {
>>               sql-webmailsso
>>       }
>> 
>> So it crashed before invoking an sql instance? The same worked on 3.0.0.
> 
> Yes that doesn't exactly mean much it being C.
> 
> I can't reproduce it by calling strlen, could you maybe provide a backtrace?
> 
> (1) # Executing section authorize from file /usr/local/freeradius/etc/raddb/sites-enabled/default
> (1)   authorize {
> (1) detail : 	expand: "/usr/local/freeradius/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d" -> '/usr/local/freeradius/var/log/radius/radacct/127.0.0.1/detail-20140107'
> (1) detail : /usr/local/freeradius/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /usr/local/freeradius/var/log/radius/radacct/127.0.0.1/detail-20140107
> (1) detail : 	expand: "%t" -> 'Tue Jan  7 11:14:32 2014'
> (1)   [detail] = ok
> (1)   update control {
> (1) 	expand: "%{strlen:%{User-Password}}" -> '3'
> (1) 		Tmp-Integer-0 := 3
> (1)   } # update control = noop
> (1)   ? if ("%{strlen:%{User-Password}}" == "3") 
> (1) 	expand: "3" -> '3'
> (1) 	expand: "%{strlen:%{User-Password}}" -> '3'
> (1)   ? if ("%{strlen:%{User-Password}}" == "3")  -> TRUE
> (1)   if ("%{strlen:%{User-Password}}" == "3")  {
> (1)    [reject] = reject
> (1)   } # if ("%{strlen:%{User-Password}}" == "3")  = reject
> (1)  } #  authorize = reject
> (1) Using Post-Auth-Type Reject

(1) # Executing section authorize from file /usr/local/freeradius/etc/raddb/sites-enabled/default
(1)   authorize {
(1) detail : 	expand: "/usr/local/freeradius/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d" -> '/usr/local/freeradius/var/log/radius/radacct/127.0.0.1/detail-20140107'
(1) detail : /usr/local/freeradius/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d expands to /usr/local/freeradius/var/log/radius/radacct/127.0.0.1/detail-20140107
(1) detail : 	expand: "%t" -> 'Tue Jan  7 11:51:32 2014'
(1)   [detail] = ok
(1)   update control {
(1) 	expand: "%{strlen:%{User-Password}}" -> '3'
(1) 		Tmp-Integer-0 := 3
(1)   } # update control = noop
(1)   ? if ("%{strlen:%{User-Password}}" == "3") 
(1) 	expand: "3" -> '3'
(1) 	expand: "%{strlen:%{User-Password}}" -> '3'
(1)   ? if ("%{strlen:%{User-Password}}" == "3")  -> TRUE
(1)   if ("%{strlen:%{User-Password}}" == "3")  {
(1) sql : 	expand: "%{User-Name}" -> 'foo'
(1) sql : SQL-User-Name set to 'foo'
rlm_sql (sql): Reserved connection (4)
(1) sql : 	expand: "SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id" -> 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'foo' ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'foo' ORDER BY id'
(1) sql : 	expand: "SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority" -> 'SELECT groupname FROM radusergroup WHERE username = 'foo' ORDER BY priority'
rlm_sql (sql): Executing query: 'SELECT groupname FROM radusergroup WHERE username = 'foo' ORDER BY priority'
rlm_sql (sql): Released connection (4)
rlm_sql (sql): Closing connection (1): Too many free connections (4 > 3)
rlm_sql_sqlite: Socket destructor called, closing socket
(1)    [sql] = notfound

Still can't reproduce it...

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140107/197f0b56/attachment.pgp>

More information about the Freeradius-Users mailing list