[RADIATOR] Radiator dying in SIGSEGV

Mike McCauley mikem at open.com.au
Tue Jun 2 01:26:04 CDT 2009


Hello Matti,

Thanks for your reply. What version of Radiator do you have installed?

Cheers.

On Tuesday 02 June 2009 03:53:51 pm Matti Saarinen wrote:
>  Hello Mike,
>
> Mike McCauley wrote:
> >>  my $session = &Net::SSLeay::get_session($context->{ssl});
> >
> > It seems odd that a TLS session can finish authenticating, but there
> > is no $session available.
>
>  SSL_get_session(3) tells "SSL_get_session() returns a pointer to the
>  SSL_SESSION actually used in ssl. The reference count of the
>  SSL_SESSION is not incremented, so that the pointer can become invalid
>  by other operations." I understand the explanation so that in some
>  cases the function may return undefined value.
>
>  In our case I suppose the culprit lies somewhere behind Radiator.
>  Radiator proxies to requests to other radius backend-server who may
>  relay the request even further radius server. It may be that sometimes
>  this takes so long that something times out resulting in $session
>  becoming null.
>
> > What version of openssl do you have.
>
>  The OS is Debian Lenny and the OpenSSL package is based on OpenSSL
>  0.9.8g.
>
> > Do you have a Trace 4 log of what radiator was doing before the crash?
>
>  Yes, I do. The original request is generated by eapol_test program that
>  comes with wpa_supplicant. We use it to monitor Radiator and especially
>  EAP.
>
> Sun May 31 00:10:05 2009: DEBUG: Packet dump:
> *** Received from x.x.x.x port 35834 ....
> Code:       Access-Request
> Identifier: 0
> Authentic:  <245> <186>@R<227><191><137><21>%<135><162><21><233><229><245>
> Attributes:
>         User-Name = "..."
>         NAS-IP-Address = 127.0.0.1
>         Calling-Station-Id = "02-00-00-00-00-01"
>         Framed-MTU = 1400
>         NAS-Port-Type = Wireless-IEEE-802-11
>         Connect-Info = "CONNECT 11Mbps 802.11b"
>         EAP-Message = <2><0><0><26><1>...
>         Message-Authenticator =
> <246>:<184>E<233>mG(u<177><215><177><8><201>-<18>
>
> Sun May 31 00:10:05 2009: DEBUG: Handling request with Handler
> 'Realm=/helsinki.fi$/i' Sun May 31 00:10:05 2009: DEBUG:  Deleting session
> for ..., 127.0.0.1, Sun May 31 00:10:05 2009: DEBUG: Handling with
> Radius::AuthFILE:
> Sun May 31 00:10:05 2009: DEBUG: Handling with EAP: code 2, 0, 26, 1
> Sun May 31 00:10:05 2009: DEBUG: Response type 1
> Sun May 31 00:10:05 2009: DEBUG: EAP result: 3, EAP TTLS Challenge
> Sun May 31 00:10:05 2009: DEBUG: AuthBy FILE result: CHALLENGE, EAP TTLS
> Challenge Sun May 31 00:10:05 2009: DEBUG: Access challenged for ....: EAP
> TTLS Challenge Sun May 31 00:10:05 2009: DEBUG: Packet dump:
> *** Sending to x.x.x.x port 35834 ....
> Code:       Access-Challenge
> Identifier: 0
> Authentic:  <152><151><253><253><236><171>z<215>?=a$UdT,
> Attributes:
>         EAP-Message = <1><1><0><6><21>
>         Message-Authenticator =
> <0><0><0><0><0><0><0><0><0><0><0><0><0><0><0><0>
>
> Sun May 31 00:10:05 2009: DEBUG: Received reply in AuthRADIUS for req 160
> from y.y.y.y:1645 Sun May 31 00:10:05 2009: DEBUG: Packet dump:
> *** Received from y.y.y.y port 1645 ....
> Code:       Access-Accept
> Identifier: 160
> Authentic:  s<207><197><159><253>,<234>-<172><5><185>L at o"<211>
> Attributes:
>
> Sun May 31 00:10:05 2009: DEBUG: Access accepted for ....
> Sun May 31 00:10:05 2009: DEBUG: Returned TTLS tunnelled Diameter Packet
> dump: Code:       Access-Accept
> Identifier: UNDEF
> Authentic:  m<190><185><192><4><21>^Z<235>R<211><221>bj[<172>
> Attributes:
>
> Segmentation fault (core dumped)
>
>
>  Cheers,



-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, DIAMETER etc. Full source
on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.



More information about the radiator mailing list