Miika Räisänen wrote: > and gdb after core dump: > http://cc.oulu.fi/~mraisane/tmp/gdb-radiusd.1st-patch.log
Please try the following patch. I believe it will fix the problem. If so, I'll commit it to CVS. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog
? eap.patch ? radeapclient Index: libeap/tls.c =================================================================== RCS file: /source/radiusd/src/modules/rlm_eap/libeap/tls.c,v retrieving revision 1.1.2.3 diff -u -r1.1.2.3 tls.c --- libeap/tls.c 27 Apr 2006 18:53:23 -0000 1.1.2.3 +++ libeap/tls.c 24 Jan 2007 09:00:27 -0000 @@ -92,7 +92,7 @@ /* * Print out some text describing the error. */ -static void int_ssl_check(SSL *s, int ret, const char *text) +static int int_ssl_check(SSL *s, int ret, const char *text) { int e; @@ -117,7 +117,7 @@ case SSL_ERROR_WANT_WRITE: case SSL_ERROR_WANT_X509_LOOKUP: case SSL_ERROR_ZERO_RETURN: - return; + break; /* * These seem to be indications of a genuine @@ -127,14 +127,12 @@ case SSL_ERROR_SYSCALL: radlog(L_ERR, "rlm_eap_tls: %s failed in a system call (%d), TLS session fails.", text, ret); - SSL_set_app_data(s, (char *)1); - return; + return 0; case SSL_ERROR_SSL: radlog(L_ERR, "rlm_eap_tls: %s failed inside of TLS (%d), TLS session fails.", text, ret); - SSL_set_app_data(s, (char *)1); - return; + return 0; default: /* @@ -144,8 +142,10 @@ * the code needs updating here. */ radlog(L_ERR, "rlm_eap_tls: FATAL SSL error ..... %d\n", e); - break; + return 0; } + + return 1; } /* @@ -170,8 +170,8 @@ sizeof(ssn->clean_out.data)); if (err > 0) { ssn->clean_out.used = err; - } else { - int_ssl_check(ssn->ssl, err, "SSL_read"); + } else if (!int_ssl_check(ssn->ssl, err, "SSL_read")) { + return 0; } /* Some Extra STATE information for easy debugging */
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html