More debug info about LDAP?

2007-03-21 Thread rickan

Hi guys,

I am trying to establish a secure connection between freeradius and a Novell
eDirectory LDAP server. After configuring LDAP in radiusd.conf it seemed to
work, almost:

rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn: Got Id: 0
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to 192.168.1.5:636, authentication 0
rlm_ldap: setting TLS mode to 1
rlm_ldap: setting TLS CACert File to /usr/local/etc/raddb/ldap_ca_cert.pem
rlm_ldap: setting TLS Require Cert to demand
rlm_ldap: starting TLS
rlm_ldap: ldap_start_tls_s()
rlm_ldap: could not start TLS Operations error
rlm_ldap: (re)connection attempt failed

Because I don't know how to get logs from the eDirectory side, I recorded
the traffic between both hosts and saw that the TLS handshake had been done,
both machines had exchanged cipher key and begun to send data. After 3 or 4
packets the LDAP server sent an encrypted alert and disconnected. Since
these data are encrypted I could not see what happened indeed.

My question: is it possible to get more debug info from the freeradius side?
If yes, how?

Thanks,

Rickan
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Error while starting radiusd on FreeBSD 6.1

2007-03-20 Thread rickan

Dear all,

I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
Installation was successful. Then I tried to start the radiusd with
radiusd -X and got the following error:

radiusd in free(): error: chunk is already free

-
# /usr/local/sbin/radiusd -X
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/etc/raddb/proxy.conf
Config:   including file: /usr/local/etc/raddb/clients.conf
Config:   including file: /usr/local/etc/raddb/snmp.conf
Config:   including file: /usr/local/etc/raddb/eap.conf
Config:   including file: /usr/local/etc/raddb/sql.conf
main: prefix = /usr/local
main: localstatedir = /usr/local/var
main: logdir = /usr/local/var/log/radius
main: libdir = /usr/local/lib
main: radacctdir = /usr/local/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /usr/local/var/log/radius/radius.log
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = /usr/local/var/run/radiusd/radiusd.pid
main: user = (null)
main: group = (null)
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/local/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
Using deprecated naslist file.  Support for this will go away soon.
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
radiusd in free(): error: chunk is already free
Abort (core dumped)


And output of gdb on Core is as follows:

-

* 1 LWP 100079  0x282b9363 in kill () from /lib/libc.so.6

Thread 1 (LWP 100079):
#0  0x282b9363 in kill () from /lib/libc.so.6
No symbol table info available.
#1  0x280941e2 in raise () from /usr/lib/libpthread.so.2
No symbol table info available.
#2  0x282b8014 in abort () from /lib/libc.so.6
No symbol table info available.
#3  0x2825e4d3 in _UTF8_init () from /lib/libc.so.6
No symbol table info available.
#4  0xbfbfee02 in ?? ()
No symbol table info available.
#5  0x282bf4d7 in sys_nsig () from /lib/libc.so.6
No symbol table info available.
#6  0x282bf3d7 in sys_nsig () from /lib/libc.so.6
No symbol table info available.
#7  0x282bf434 in sys_nsig () from /lib/libc.so.6
No symbol table info available.
#8  0x in ?? ()
No symbol table info available.
#9  0x282c9508 in ?? () from /lib/libc.so.6
No symbol table info available.
#10 0xbfbfd548 in ?? ()
No symbol table info available.
#11 0x2825e501 in _UTF8_init () from /lib/libc.so.6
No symbol table info available.
#12 0x282c9508 in ?? () from /lib/libc.so.6
No symbol table info available.
#13 0x282dbf64 in _nsyyin () from /lib/libc.so.6
No symbol table info available.
#14 0xbfbfd5f8 in ?? ()
No symbol table info available.
#15 0x2825f261 in _UTF8_init () from /lib/libc.so.6
No symbol table info available.
#16 0x0017 in ?? ()
No symbol table info available.
#17 0x08130300 in ?? ()
No symbol table info available.
#18 0x280e56e4 in __JCR_LIST__ () from /usr/local/lib/libltdl.so.4
No symbol table info available.
#19 0x280e03cb in rpl_argz_next (argz=0x282bf434 chunk is already free\n,
   argz_len=135087152, entry=0x0) at ltdl.c:751
No locals.

What could be the cause of this error and how to resolve it?

Many thanks in advance

Rickan

Re: Error while starting radiusd on FreeBSD 6.1

2007-03-20 Thread rickan

Hi Alan,

thanks a lot for your hint. Yes, the branch_1_1 is working fine!

Best regards

Rickan


On 3/20/07, Alan DeKok [EMAIL PROTECTED] wrote:
>
> rickan wrote:
> > Dear all,
> >
> > I just did a fresh install of freeradius-1.1.5 on a FreeBSD 6.1-RELEASE.
> > Installation was successful. Then I tried to start the radiusd with
> > radiusd -X and got following error:
> >
> > radiusd in free(): error: chunk is already free
>
> It's been noted already.  Grab -r branch_1_1 from CVS, which has a fix.
>
> I guess 1.1.6 should be released soon.
>
> Alan DeKok.
> --
> http://deployingradius.com   - The web site of the book
> http://deployingradius.com/blog/ - The blog