sql query in post-auth - segmentation fault

Arran Cudbard-Bell a.cudbardb at freeradius.org
Fri Sep 11 14:31:15 CEST 2015 

> On 11 Sep 2015, at 13:24, Mohamed Imran (NBI) <Mohamed.Imran at nbi.ac.uk> wrote:
> 
> Hi,
> 
> Having configured FR to talk to our MS SQL server which appears to work fine
> now (radius -X doesn't complain anymore), I've tried a quick test, a very
> basic condition to lookup a mac and update reply with a particular VLAN tag
> if its exists..  and added the following in the post-auth section of the
> default site.
> - - - - - -
> post-auth {
> 	- - - - -
> 	- - - - -
> 	#
> 	sql
> 	if("%{sql:SELECT COUNT(*) FROM tblwindows WHERE MacAddress
> ='%{Calling-Station-ID}'}" ==1){
> 	update reply {
>        		Tunnel-Type = VLAN
>                	Tunnel-Medium-Type = IEEE-802
>                	Tunnel-Private-Group-Id = 100
>        	}
>        	else {
>        	update reply {
>        		Tunnel-Type = VLAN
>                	Tunnel-Medium-Type = IEEE-802
>                	Tunnel-Private-Group-Id = 101
>              	 }
>        	         }
>       	 }
> 
> 
> radiusd -X reports a segmentation fault:
> 
>  # Instantiating module "sql" from file
> /usr/local/etc/raddb/mods-enabled/sql
> rlm_sql (sql): Attempting to connect to database "Computing"
> rlm_sql (sql): Initialising connection pool
>   pool {
>        start = 5
>        min = 3
>        max = 32
>        spare = 10
>        uses = 0
>        lifetime = 0
>        cleanup_interval = 30
>        idle_timeout = 60
>        retry_delay = 30
>        spread = no
>   }
> rlm_sql (sql): Opening additional connection (0), 1 of 32 pending slots used
> rlm_sql (sql): Opening additional connection (1), 1 of 31 pending slots used
> rlm_sql (sql): Opening additional connection (2), 1 of 30 pending slots used
> rlm_sql (sql): Opening additional connection (3), 1 of 29 pending slots used
> rlm_sql (sql): Opening additional connection (4), 1 of 28 pending slots used
>  # Instantiating module "IPASS" from file
> /usr/local/etc/raddb/mods-enabled/realm
>  # Instantiating module "suffix" from file
> /usr/local/etc/raddb/mods-enabled/realm
>  # Instantiating module "realmpercent" from file
> /usr/local/etc/raddb/mods-enabled/realm
>  # Instantiating module "ntdomain" from file
> /usr/local/etc/raddb/mods-enabled/realm
>  # Instantiating module "auth_log" from file
> /usr/local/etc/raddb/mods-enabled/detail.log
> rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail
> output
>  # Instantiating module "reply_log" from file
> /usr/local/etc/raddb/mods-enabled/detail.log
>  # Instantiating module "pre_proxy_log" from file
> /usr/local/etc/raddb/mods-enabled/detail.log
>  # Instantiating module "post_proxy_log" from file
> /usr/local/etc/raddb/mods-enabled/detail.log
>  # Instantiating module "pap" from file
> /usr/local/etc/raddb/mods-enabled/pap
>  # Instantiating module "expiration" from file
> /usr/local/etc/raddb/mods-enabled/expiration
>  # Instantiating module "preprocess" from file
> /usr/local/etc/raddb/mods-enabled/preprocess
> reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/huntgroups
> reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/hints
>  # Instantiating module "cache_eap" from file
> /usr/local/etc/raddb/mods-enabled/cache_eap
> rlm_cache (cache_eap): Driver rlm_cache_rbtree (module rlm_cache_rbtree)
> loaded and linked
> } # modules
> radiusd: #### Loading Virtual Servers ####
> server { # from file /usr/local/etc/raddb/radiusd.conf
> } # server
> server inner-tunnel { # from file
> /usr/local/etc/raddb/sites-enabled/inner-tunnel
> # Loading authenticate {...}
> # Loading authorize {...}
> Ignoring "ldap" (see raddb/mods-available/README.rst)
> # Loading session {...}
> # Loading post-proxy {...}
> # Loading post-auth {...}
> } # server inner-tunnel
> server default { # from file /usr/local/etc/raddb/sites-enabled/default
> # Loading authenticate {...}
> # Loading authorize {...}
> # Loading preacct {...}
> # Loading accounting {...}
> # Loading post-proxy {...}
> # Loading post-auth {...}
> Segmentation fault
> 
> This same sql statement worked fine when I was initially playing around with
> this and it worked ok against a MySql DB (FR version 2.2.x).
> 
> Ive also tried the same query against our MSSql server using isql on the
> same server and that works fine.
> 
> What am I missing/doing wroing?

Could you run:

gdb --args /usr/sbin/radiusd -X
bt

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20150911/b897ed0d/attachment.sig>

More information about the Freeradius-Users mailing list