At 03:26 PM 1/25/2002 -0500, you wrote:
>Randy Moore <[EMAIL PROTECTED]> wrote:
> > If it would help, I'd be more than happy to give you access to my
> > development server (he says grinning and trying not to beg).
>
>   I'll see... private email is better for this.
>
> > (gdb) p row[0]
> > $2 = 0x0
>
>   That's the problem.
>
> > This is strange, in some of my earlier testing I had put in some extra
> > logging to show the contents of row[0] and test full NULL in
> > password_pair.  At that point, I thought both were OK.
>
>   And if you look around line 350, there's a check: if row[0] is NULL,
>then stop.
>
>   So there's some weird memory corruption going on here.

Hmm,  on lines 340 - 341:
row = (inst->module->sql_fetch_row)(sqlsocket, inst->config);
(inst->module->sql_finish_select_query)(sqlsocket, inst->config);

We fetch the row and then immediately do the mysql 'finish'.  I've never 
programmed with mysql in C, but in Perl, this would wipe out the memory 
that the row reference points to.  I'm guessing that the equivalent in C is 
probably just to free that memory location.  As long as nothing steps on it 
before we use it, the code might work.

Could it be that we need to either copy the contents of 'row' to a local 
variable before doing the 'finish'?  Or possibly, we could postpone the 
'finish' until after all the logic that uses the contents of 'row'.?


> > Hmm,  I don't think I understand you here.  If I take 'sql' out of the
> > authenticate section, radiusd fails to start and I get the following error:
> > /usr/local/freeradius-snapshot-20020125/etc/raddb/users[78]: Parse error
> > (check) for entry DEFAULT: Unknown value Sql for attribute Auth-Type
>
>   Ok.  There as a discussion on the devel list earlier about similar
>topics.
>
>   The idea is that the SQL module should grab the password (or
>crypt-password) from the database during the 'authorize' section, and
>add it to the config items.
>
>   Then, the pap/chap/whatever authentication could be done by another
>module.  This would allow MS-CHAP authentication when using SQL....
>
>   But the code isn't finished yet.

OK, I'll reread the CHAP threads on the devel list.  I'd only skimmed them 
because they seemed to mostly deal with Samba.

Thanks again.

Randy Moore
Axion Information Technologies, Inc.

email     [EMAIL PROTECTED]
phone   301-408-1200
fax        301-445-3947


- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to