On Thu, 29 May 2003, Oliver Graf wrote: > On Tue, May 27, 2003 at 05:33:37PM +0200, Oliver Graf wrote: > > On Tue, May 27, 2003 at 09:27:53AM -0400, Alan DeKok wrote: > > > Oliver Graf <[EMAIL PROTECTED]> wrote: > > > > My test showed that the Crypt-Password is the problem. The test users > > > > with User-Password and auth-type Local work as before, test user (and > > > > normal users) with Crypt-Password and Crypt-Local are rejected (auth > > > > failed). > > > > > > OK. See src/modules/rlm_pap/rlm_pap.c for examples of wrapping a > > > pthread mutex around calls to crypt(), which isn't thread-safe. I'll > > > take a look at fixing it in the CVS head. > > > > Hmmm... sort of weird that it takes that long for the bug to > > manifest. But you're right, crypt is not thread safe. > > > > I think I'll wait for your update, cause doing the lock for a module > > is easy cause I have the instance, but (without diving to much into > > the source) I don't see where I get to the thread mutex from only a > > REQUEST *... > > After some fruitless attemps to use PAP, I did patch auth.c a bit. > > It now locks while using crypt. This is only good, if this is the only > use of crypt. If pap (for example) is also used, it should use the > same mutex to lock while doing an crypt (as should do any other > freeradius code using crypt). > > The server seems running und is responsive :) the next hours will show > if the problem is fixed with this.
OK, then declare a new function radius_crypt() with a mutex in it, put it somewhere in src/lib and change all calls to crypt() to call radius_crypt() instead. > > Oliver. > > -- Kostas Kalevras Network Operations Center [EMAIL PROTECTED] National Technical University of Athens, Greece Work Phone: +30 210 7721861 'Go back to the shadow' Gandalf - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
