segfault: Re: [ANN] Release 3.0.4 rc0
Polish
pavel.polacek at ujep.cz
Tue May 27 22:36:04 CEST 2014
Hello Arran,
thanks, git version don't segfault, but tls radsec don't work for me.
Incoming tls connection is accepted. Problem is outgoing connection. It
looks like FR don't try to connect to home server:
..
Listening on auth proto tcp address * port 2083 (TLS) as server default
Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel
Listening on auth address * port 1812 as server default
Listening on acct address * port 1813 as server default
Opening new proxy socket 'proxy address * port 0'
Listening on proxy address * port 60960
Ready to process requests
..
Opening new proxy socket 'proxy (0.0.0.0, 0) -> home_server
(195.113.187.22, 2083)'
Waking up in 0.3 seconds.
Trying SSL to port 2083
Requiring Server certificate
Failed starting SSL to 'proxy (0.0.0.0, 0) -> home_server (195.113.187.22,
2083)'
Failed to insert request into the proxy list
..
Suppressing attempt to open socket to 'down' home server
Failed to insert request into the proxy list
..
Could you give me tip for working configuration?
In my sites-enabled/tls is:
listen {
ipaddr = *
port = 2083
type = auth
# For now, only TCP transport is allowed.
proto = tcp
# Send packets to the default virtual server
virtual_server = default
clients = radsec
..
tls {
private_key_file = ${certdir}/radius.key
certificate_file = ${certdir}/radius.crt
dh_file = ${certdir}/dh
ca_path = ${cadir}
..
}
}
clients radsec {
client 127.0.0.1 {
ipaddr = 127.0.0.1
proto = tls
secret = testing123
}
client radius1.eduroam.cz {
ipaddr = 195.113.187.22
proto = tls
secret = radsec
}
}
home_server tls {
ipaddr = 195.113.187.22
port = 2083
type = auth
secret = radsecy
proto = tcp
status_check = none
tls {
private_key_file = ${certdir}/radius.key
certificate_file = ${certdir}/radius.crt
dh_file = ${certdir}/dh
random_file = ${certdir}/random
ca_path = ${cadir}
}
}
home_server_pool tls {
type = fail-over
home_server = tls
}
realm DEFAULT {
auth_pool = tls
nostrip
}
Thank you Pavel Polacek
On Mon, 26 May 2014, Arran Cudbard-Bell wrote:
>
> On 26 May 2014, at 21:54, Polish <pavel.polacek at ujep.cz> wrote:
>
>> cbtls_info
>
> That's better. Fixed in v3.0.x head.
>
> Thanks.
>
> -Arran
>
> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
> FreeRADIUS Development Team
>
> FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
>
>
More information about the Freeradius-Users
mailing list