(RADIATOR) Random crashes with RadSec
Jan Tomasek
jan at tomasek.cz
Fri Nov 18 09:46:01 CST 2005
I've found 100% way how to crash institution level radiuses. My setup is
this:
radsec1.eduroam.cz (czech level radius)
/ \
/ \
radsec1.cesnet.cz \
(institution with realm cesnet.cz) \
\
semik3.cesnet.cz
(institution with realm tomasek.cz)
Configurations of boxes radsec1.cesnet.cz and semik3.cesnet.cz are
identical so only radsec1.ces is attached and of course radsec1.edu is
there too.
Scenario is simple.
Start all servers. Send request by ordinary radius protocol to czech
level radius with realm cesnet.cz and with realm tomasek.cz. Terminate
czech level radius (16:33:39). Observe how inistitution level radiuses
are trying connect to non runing master.. than start master (16:33:59)
and ;) Both crashes :))
Fri Nov 18 16:33:39 2005: ERR: Stream sysread failed: . Peer probably
disconnected.
Fri Nov 18 16:33:39 2005: DEBUG: Stream disconnected from
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:39 2005: ERR: Stream sysread failed: . Peer probably
disconnected.
Fri Nov 18 16:33:39 2005: DEBUG: Stream disconnected from
195.113.144.248:35011
Fri Nov 18 16:33:39 2005: DEBUG: Stream attempting tcp connection to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:39 2005: DEBUG: Stream connection in progress to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:39 2005: DEBUG: Stream connection to
radsec1.eduroam.cz:2083 failed: Connection refused
Fri Nov 18 16:33:39 2005: DEBUG: Stream disconnected from
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:44 2005: DEBUG: Stream attempting tcp connection to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:44 2005: DEBUG: Stream connection in progress to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:44 2005: DEBUG: Stream connection to
radsec1.eduroam.cz:2083 failed: Connection refused
Fri Nov 18 16:33:44 2005: DEBUG: Stream disconnected from
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:49 2005: DEBUG: Stream attempting tcp connection to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:49 2005: DEBUG: Stream connection in progress to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:49 2005: DEBUG: Stream connection to
radsec1.eduroam.cz:2083 failed: Connection refused
Fri Nov 18 16:33:49 2005: DEBUG: Stream disconnected from
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:54 2005: DEBUG: Stream attempting tcp connection to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:54 2005: DEBUG: Stream connection in progress to
radsec1.eduroam.cz:2083
Fri Nov 18 16:33:54 2005: DEBUG: Stream connected to radsec1.eduroam.cz:2083
Fri Nov 18 16:33:54 2005: DEBUG: TLS sessionInit for radsec1.eduroam.cz
Fri Nov 18 16:33:54 2005: DEBUG: TLS SSL_connect result: -1, 2, 4384
Fri Nov 18 16:33:54 2005: DEBUG: TLS Client Started for
radsec1.eduroam.cz:2083
Undefined subroutine &main::0 called at
/usr/share/perl5/Radius/StreamTLS.pm line 480, <DATA> line 283.
Still running on same systems as yesterday but with Radiator 3.13 and
patch 1.597.
I hope this will help you fix that, at this moment it isn't much usable:))
Best regards
--
--------------------------------------------------------------
Jan Tomasek aka Semik work: CESNET, z.s.p.o.
http://www.tomasek.cz/ Zikova 4, 160 00 Praha 6
Czech Republic
phone(work): +420 2 2435 5279 http://www.cesnet.cz/
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radsec1.eduroam.cz.cfg
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051118/98ebd8fb/attachment.ksh>
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: radsec1.cesnet.cz.cfg
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051118/98ebd8fb/attachment-0001.ksh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
URL: <http://www.open.com.au/pipermail/radiator/attachments/20051118/98ebd8fb/attachment.bin>
More information about the radiator
mailing list