Michael You haven't indicated which operating system you encountered this on. I have experienced this problem on both Fedora Core 2 and Red Hat Enterprise 3 ES. The problem (at least with the former OS distro) is due to the differing verions of SASL used by the OpenLDAP libraries and FreeRadius' rlm_ldap. I saw that Redhat appears to have fixed the FC2 version of FreeRadius - the source/binary RPMs are available on Rawhide. RHEL3 still appears to have the problem, AFAIK. BTW, there is an existing Bug Report for this - see FreeRadius bug #73.
Tarun -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Hare Sent: Thursday, 22 July 2004 12:35 AM To: [EMAIL PROTECTED] Subject: Segmentation Fault, 1.0 pre3, ldap w/ssl Hello- I was using FreeRadius 0.8.1 successfully with LDAP. I am investigating upgrading to 1.0.0pre3 because I am moving the server to a different machine. I am unable to authenticate users at this point due to seg faults. I'll be the first to admit that I am fairly ignorant when it comes to troubleshooting problems of this nature. Does anyone have links to a good FAQ where I can find out how to create a core file for submissions (assuming this problem is interesting for a developer to look at)? Thanks- -Michael ------------------------------------------------------------ (debug output) TLS trace: SSL_connect:SSLv3 read server certificate A TLS trace: SSL_connect:SSLv3 read server certificate request A TLS trace: SSL_connect:SSLv3 read server done A TLS trace: SSL_connect:SSLv3 write client certificate A TLS trace: SSL_connect:SSLv3 write client key exchange A TLS trace: SSL_connect:SSLv3 write certificate verify A TLS trace: SSL_connect:SSLv3 write change cipher spec A TLS trace: SSL_connect:SSLv3 write finished A TLS trace: SSL_connect:SSLv3 flush data TLS trace: SSL_connect:SSLv3 read finished A Segmentation fault Some related config ldap { server = "NOT SHOWN" identity = "uid=radius,ou=Apps,o=isp" password = NOT SHOWN basedn = "NOT SHOWN" port = 636 filter = "(&(uid=%u)(%{Huntgroup-Name}=Y))" start_tls = no tls_cacertfile = "/etc/certs/cacertfile.pem" tls_certfile = "/etc/certs/certfile.pem" tls_keyfile = "/etc/certs/key_file.pem" tls_require_cert = demand dictionary_mapping = ${raddbdir}/ldap.attrmap ldap_connections_number = 5 timeout = 4 timelimit = 3 net_timeout = 1 } ============================W========= Michael Hare UW-Madison/WiscNet Network Engineering Desk: (608) 262-5236 24 Hr Noc: (608) 263-4188 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html NOTICE This e-mail and any attachments are confidential and may contain copyright material of Macquarie Bank or third parties. If you are not the intended recipient of this email you should not read, print, re-transmit, store or act in reliance on this e-mail or any attachments, and should destroy all copies of them. Macquarie Bank does not guarantee the integrity of any emails or any attached files. The views or opinions expressed are the author's own and may not reflect the views or opinions of Macquarie Bank. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
