sql query in post-auth - segmentation fault
Mohamed Imran (NBI)
Mohamed.Imran at nbi.ac.uk
Fri Sep 11 14:24:29 CEST 2015
Hi,
Having configured FR to talk to our MS SQL server which appears to work fine
now (radius -X doesn't complain anymore), I've tried a quick test, a very
basic condition to lookup a mac and update reply with a particular VLAN tag
if its exists.. and added the following in the post-auth section of the
default site.
- - - - - -
post-auth {
- - - - -
- - - - -
#
sql
if("%{sql:SELECT COUNT(*) FROM tblwindows WHERE MacAddress
='%{Calling-Station-ID}'}" ==1){
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 100
}
else {
update reply {
Tunnel-Type = VLAN
Tunnel-Medium-Type = IEEE-802
Tunnel-Private-Group-Id = 101
}
}
}
radiusd -X reports a segmentation fault:
# Instantiating module "sql" from file
/usr/local/etc/raddb/mods-enabled/sql
rlm_sql (sql): Attempting to connect to database "Computing"
rlm_sql (sql): Initialising connection pool
pool {
start = 5
min = 3
max = 32
spare = 10
uses = 0
lifetime = 0
cleanup_interval = 30
idle_timeout = 60
retry_delay = 30
spread = no
}
rlm_sql (sql): Opening additional connection (0), 1 of 32 pending slots used
rlm_sql (sql): Opening additional connection (1), 1 of 31 pending slots used
rlm_sql (sql): Opening additional connection (2), 1 of 30 pending slots used
rlm_sql (sql): Opening additional connection (3), 1 of 29 pending slots used
rlm_sql (sql): Opening additional connection (4), 1 of 28 pending slots used
# Instantiating module "IPASS" from file
/usr/local/etc/raddb/mods-enabled/realm
# Instantiating module "suffix" from file
/usr/local/etc/raddb/mods-enabled/realm
# Instantiating module "realmpercent" from file
/usr/local/etc/raddb/mods-enabled/realm
# Instantiating module "ntdomain" from file
/usr/local/etc/raddb/mods-enabled/realm
# Instantiating module "auth_log" from file
/usr/local/etc/raddb/mods-enabled/detail.log
rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail
output
# Instantiating module "reply_log" from file
/usr/local/etc/raddb/mods-enabled/detail.log
# Instantiating module "pre_proxy_log" from file
/usr/local/etc/raddb/mods-enabled/detail.log
# Instantiating module "post_proxy_log" from file
/usr/local/etc/raddb/mods-enabled/detail.log
# Instantiating module "pap" from file
/usr/local/etc/raddb/mods-enabled/pap
# Instantiating module "expiration" from file
/usr/local/etc/raddb/mods-enabled/expiration
# Instantiating module "preprocess" from file
/usr/local/etc/raddb/mods-enabled/preprocess
reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/huntgroups
reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/hints
# Instantiating module "cache_eap" from file
/usr/local/etc/raddb/mods-enabled/cache_eap
rlm_cache (cache_eap): Driver rlm_cache_rbtree (module rlm_cache_rbtree)
loaded and linked
} # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
} # server
server inner-tunnel { # from file
/usr/local/etc/raddb/sites-enabled/inner-tunnel
# Loading authenticate {...}
# Loading authorize {...}
Ignoring "ldap" (see raddb/mods-available/README.rst)
# Loading session {...}
# Loading post-proxy {...}
# Loading post-auth {...}
} # server inner-tunnel
server default { # from file /usr/local/etc/raddb/sites-enabled/default
# Loading authenticate {...}
# Loading authorize {...}
# Loading preacct {...}
# Loading accounting {...}
# Loading post-proxy {...}
# Loading post-auth {...}
Segmentation fault
This same sql statement worked fine when I was initially playing around with
this and it worked ok against a MySql DB (FR version 2.2.x).
Ive also tried the same query against our MSSql server using isql on the
same server and that works fine.
What am I missing/doing wroing?
Regards,
Mohamed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5522 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150911/006d04a0/attachment-0001.bin>
More information about the Freeradius-Users
mailing list