Looks like radiusd crashes when a CHAP request comes in before the cleanup_delay.
Seems that Randy Moore has found the problem and I verified it with my server. Here is our exchange: Ah, THANK YOU! That is exactly what I'm seeing. Regular 'radtest' tests don't use CHAP passwords, so they don't cause the crash. My test uses radclient (for which 'radtest' is just a simpler front-end), to send CHAP passwords (like many NAS's do). I've been finding that any time I get 2 CHAP requests in less than "cleanup_delay" seconds causes a crash. I don't seem to be having any luck raising concern about this on the list. Would you mind adding a post about it? At 10:10 AM 1/16/2002 -0500, you wrote: >Hmmm... > >Dialing in and having our access server authenticate works just fine. Using >radtest over and over, like 10 times in a couple of seconds worked just >fine. > >But your test makes ther server crash the FIRST time if nothing else >authenticated after starting up the server, but crashes the SECOND time if >something else successfully authenticates first. > >lm_sql: Reserving sql socket id: 4 >radius_xlat: 'nastest' >sql_escape in: 'nastest' >sql_escape out: 'nastest' >sql_set_user: escaped user --> 'nastest' >radius_xlat: 'SELECT Value,Attribute FROM radcheck WHERE UserName = >'nastest' AND ( Attribute = 'Password' OR Attribute = 'Crypt-Password' ) >ORDER BY Attribute DESC' >SELECT Value,Attribute FROM radcheck WHERE UserName = 'nastest' AND ( >Attribute = 'Password' OR Attribute = 'Crypt-Password' ) ORDER BY Attribute >DESC >rlm_sql: Released sql socket id: 4 >Segmentation fault > >-----Original Message----- >From: Randy Moore [mailto:[EMAIL PROTECTED]] >Sent: Tuesday, January 15, 2002 5:31 PM >To: Jeremy Kusnetz >Subject: Re: sql failover > > >At 05:09 PM 1/15/2002 -0500, you wrote: > >Ahh.. I made the changes to the radiusd.conf file that Randy suggested and > >the failover works correctly now. > > > >Thanks for the help. I assume the patch will be in 0.5? Any idea when >that > >will be coming out? > >Hi Jeremy, > >I've attached the patch below. It is pretty trivial. The diff should be >applied to "rlm_sql.c" in "src/modules/rlm_sql". > >Would you mind running a quick test for me. I'm investigating a seq fault >crash on my system and no one else has confirmed or denied seeing it. > >The test is very easy. > >1) In radiusd.conf, set cleanup_delay = 45 >2) start radiusd in -X mode. >3) run the following command twice in a row, quickly (second one should run >before cleanup timer from the first command expires (45 seconds). > >echo "User-Name = \"userinsql\", CHAP-Password = \"userinsqlpw\"" | >radclient <radiusserver> auth <yoursecret> > >This should be all on one line. And, obviously, you'll need to pick an >account and password for someone that is in your SQL database and >substitute in your radius server and your secret. > >If the problem is in the code and not just my setup, radiusd will crash >after the second time you run the command (within the 45 second >window). If you wait more than the cleanup_delay time, it will not crash. > >I'd really appreciate hearing what happens on your system. > > >--- rlm_sql.c.orig Fri Dec 14 11:05:16 2001 >+++ rlm_sql.c Tue Jan 15 00:31:54 2002 >@@ -333,7 +333,7 @@ >if ((inst->module->sql_select_query)(sqlsocket, inst->config, querystr) < 0) >{ >radlog(L_ERR, "rlm_sql_authenticate: database query error"); >- retval = RLM_MODULE_REJECT; >+ retval = RLM_MODULE_FAIL; >goto release_and_return; >} - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
