Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

segfault unixodbc #455

Closed
michael-mri opened this issue Oct 23, 2013 · 0 comments
Closed

segfault unixodbc #455

michael-mri opened this issue Oct 23, 2013 · 0 comments

Comments

@michael-mri
Copy link
Contributor

The server is RHEL5 : Linux dev1 2.6.18-238.el5 #1 SMP Sun Dec 19 14:22:44 EST 2010 x86_64 x86_64 x86_64 GNU/Linux

SQL is configured to use unixODBC driver, the segfault occurs in the sql module (does not segfault if I comment it out of the configuration):
(0) sql :     expand: "%{User-Name}" -> 'JustAtest'
(0) sql : SQL-User-Name set to "JustAtest"
rlm_sql (sql): Reserved connection (4)
(0) sql :     expand: "SELECT id,UserName,Attribute,Value,op                  FROM radcheck                  WHERE Username = '%{SQL-User-Name}'                  ORDER BY id" -> 'SELECT id,UserName,Attribute,Value,op                  FROM radcheck                  WHERE Username = 'JustAtest'                  ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id,UserName,Attribute,Value,op                  FROM radcheck                  WHERE Username = 'JustAtest'                  ORDER BY id'
Segmentation fault (core dumped)

gdb Info:

* 1 Thread 6536  0x00002b2d689d5bb0 in sql_userparse (ctx=0xf1d86f0, head=0x7fff149a5518, row=0xefd1400) at src/modules/rlm_sql/sql.c:174

Thread 1 (Thread 6536):
#0  0x00002b2d689d5bb0 in sql_userparse (ctx=0xf1d86f0, head=0x7fff149a5518, row=0xefd1400) at src/modules/rlm_sql/sql.c:174
        vp = 0x7fff149a5520
        ptr = 0xeff05b0 "Ж\371\016"
        value = 0xf05f300 "SELECT id,UserName,Attribute,Value,op \t\t\t\t FROM radcheck \t\t\t\t WHERE Username = 'JustAtest' \t\t\t\t ORDER BY id"
        buf = "\320S\232\024\377\177\000\000\340\071\365(7\000\000\000\320S\232\024\377\177\000\000\b\000\000\000\000\000\000\000\340r\232\024\377\177", '\000' <repeats 18 times>, ".N\307(7\000\000\000\260k\375\016\000\000\000\000\320S\232\024\377\177\000\000\000\000\000\000\000\000\000\000\243\224\325f-+\000\000\000\363\005\017\000\000\000\000\b\000\000\000\000\000\000\000@d\023\017\000\000\000\000\000տ\000\000\200\347ʰk\375\016\000\000\000\000@T\232\024\377\177\000\000\000\000\000\000\000\000\000\000@d\023\017\000\000\000\000@T\232\024\377\177\000\000\060\264\275h-+\000\000\320c\023\017\000\000\000\000\220T\232\024\000\000\000\000\260\005\377\016\000\000\000\000\320c\023\017", '\000' <repeats 12 times>, "@d\023\017\000\000\000\000\376\377\377\377\377\377\377\377\227b\235h\000\000\000\000\200T\232\024\377\177\000\000\334_\235h-+"
        do_xlat = 0 '\000'
        token = 251703296
        operator = T_EOL
#1  0x00002b2d689d63d9 in sql_getvpdata (inst=0xeff05b0, handle=0x7fff149a5520, ctx=0xf1d86f0, pair=0x7fff149a5518, 
    query=0xf05f300 "SELECT id,UserName,Attribute,Value,op \t\t\t\t FROM radcheck \t\t\t\t WHERE Username = 'JustAtest' \t\t\t\t ORDER BY id") at src/modules/rlm_sql/sql.c:424
        row = 0xefd1400
        rows = 0
#2  0x00002b2d689d45c5 in mod_authorize (instance=0xeff05b0, request=0xf1d86f0) at src/modules/rlm_sql/rlm_sql.c:942
        rcode = 6
        inst = 0xeff05b0
        handle = 0xf1363d0
        check_tmp = 0x0
        reply_tmp = 0x0
        user_profile = 0x0
        dofallthrough = 1
        rows = 0
        expanded = 0xf05f300 "SELECT id,UserName,Attribute,Value,op \t\t\t\t FROM radcheck \t\t\t\t WHERE Username = 'JustAtest' \t\t\t\t ORDER BY id"
#3  0x00000000004217ca in call_modsingle (component=RLM_COMPONENT_AUTZ, sp=0xf1be0c0, request=0xf1d86f0) at src/main/modcall.c:311
        myresult = 253485248
        blocked = 0
#4  0x0000000000422011 in modcall_recurse (request=0xf1d86f0, component=RLM_COMPONENT_AUTZ, depth=1, entry=0x7fff149a6490) at src/main/modcall.c:568
        sp = 0xf1be0c0
        if_taken = false
        was_if = false
        c = 0xf1be0c0
        result = 7
        priority = -1
#5  0x000000000042199a in modcall_child (request=0xf1d86f0, component=RLM_COMPONENT_AUTZ, depth=1, entry=0x7fff149a6480, c=0xf1bd9d0, result=0x7fff149a6368) at src/main/modcall.c:412
        next = 0x7fff149a6490
#6  0x0000000000422e80 in modcall_recurse (request=0xf1d86f0, component=RLM_COMPONENT_AUTZ, depth=0, entry=0x7fff149a6480) at src/main/modcall.c:756
        g = 0xf1bdad0
        if_taken = false
        was_if = false
        c = 0xf1bdad0
        result = 10
        priority = -1
#7  0x0000000000423c21 in modcall (component=RLM_COMPONENT_AUTZ, c=0xf1bdad0, request=0xf1d86f0) at src/main/modcall.c:1000
        stack = {{result = 6, priority = 0, c = 0xf1bdad0}, {result = 2, priority = 3, c = 0xf1be0c0}, {result = 345662640, priority = 32767, c = 0x3728c699da}, {result = -72515583, priority = 32767, c = 0x7fff149a6751}, {
            result = 345663313, priority = 32767, c = 0x7fff149a6751}, {result = 345663313, priority = 32767, c = 0x7fff149a675d}, {result = 345664335, priority = 32767, c = 0x7fff149a6751}, {result = 345664335, priority = 32767, 
            c = 0x0}, {result = 0, priority = 0, c = 0x0}, {result = 0, priority = 0, c = 0x0}, {result = -1885478060, priority = 0, c = 0x3728808f64}, {result = 0, priority = 0, c = 0x0}, {result = -1885478060, priority = 0, 
            c = 0x7fff149a66f0}, {result = 345663240, priority = 32767, c = 0x0}, {result = 0, priority = 0, c = 0x0}, {result = 48, priority = 48, c = 0x7fff149a6690}, {result = 345662912, priority = 32767, c = 0x3728f51460}, {
            result = 0, priority = 0, c = 0x0}, {result = 0, priority = 0, c = 0x2b2d66f65360}, {result = 1725304383, priority = 11053, c = 0x7fff149a66f0}, {result = -1885478060, priority = 0, c = 0x7fff149a6708}, {result = 0, 
            priority = 0, c = 0x3728809162}, {result = 4508903, priority = 0, c = 0xefd3ce0}, {result = 0, priority = 0, c = 0x7fff149a72e0}, {result = 0, priority = 0, c = 0xefd3ee7}, {result = 40, priority = 48, 
            c = 0x2ea8fb98149a66f0}, {result = 345663056, priority = 32767, c = 0x41e6ae}, {result = 4, priority = 152, c = 0xefd3ee0}, {result = 1727419232, priority = 11053, c = 0x2ea8fb9852e0276b}, {result = 345663104, 
            priority = 32767, c = 0x41e72d}, {result = 345663120, priority = 32767, c = 0xefd3ee0}, {result = 345666272, priority = 152, c = 0x2b2d66d58750}}
#8  0x000000000041f6b8 in indexed_modcall (comp=RLM_COMPONENT_AUTZ, idx=0, request=0xf1d86f0) at src/main/modules.c:747
        rcode = 128
        list = 0xf1bdad0
        server = 0xf1bd170
#9  0x00000000004210df in process_authorize (autz_type=0, request=0xf1d86f0) at src/main/modules.c:1643
No locals.
#10 0x000000000040caca in rad_authenticate (request=0xf1d86f0) at src/main/auth.c:409
        check_item = 0x7fff149a6c58
        module_msg = 0x0
        tmp = 0x0
        result = 0
        autz_retry = 0 '\000'
        autz_type = 0
#11 0x0000000000431188 in request_running (request=0xf1d86f0, action=1) at src/main/process.c:1210
        __FUNCTION__ = "request_running"
#12 0x0000000000430498 in request_queue_or_run (request=0xf1d86f0, process=0x4310c7 <request_running>) at src/main/process.c:849
        when = {tv_sec = 1382542364, tv_usec = 421386}
#13 0x0000000000431851 in request_receive (listener=0xf1d6f20, packet=0xf1d8550, client=0xefb2be0, fun=0x40c90a <rad_authenticate>) at src/main/process.c:1409
        count = 0
        packet_p = 0x0
        request = 0xf1d86f0
        now = {tv_sec = 1382542364, tv_usec = 88034}
        sock = 0xf1d7050
#14 0x0000000000413f8f in auth_socket_recv (listener=0xf1d6f20) at src/main/listen.c:1492
        rcode = 92
        code = 1
        src_port = 43790
        packet = 0xf1d8550
        fun = 0x40c90a <rad_authenticate>
        client = 0xefb2be0
        src_ipaddr = {af = 2, ipaddr = {ip4addr = {s_addr = 94109823}, ip6addr = {in6_u = {u6_addr8 = "\177\000\234\005\362\233\366f-+\000\000\000\000\000", u6_addr16 = {127, 1436, 39922, 26358, 11053, 0, 0, 0}, u6_addr32 = {94109823, 
                  1727437810, 11053, 0}}}}, scope = 0}
#15 0x0000000000436f74 in event_socket_handler (xel=0xf1c1410, fd=9, ctx=0xf1d6f20) at src/main/process.c:3494
        listener = 0xf1d6f20
#16 0x00002b2d66f8e298 in fr_event_loop (el=0xf1c1410) at src/lib/event.c:417
        ef = 0xf1c1440
        i = 0
        rcode = 1
        maxfd = 12
        when = {tv_sec = 0, tv_usec = 0}
        wake = 0x0
        read_fds = {fds_bits = {512, 0 <repeats 15 times>}}
        master_fds = {fds_bits = {7680, 0 <repeats 15 times>}}
#17 0x0000000000438070 in radius_event_process () at src/main/process.c:4211
No locals.
#18 0x0000000000426d4a in main (argc=4, argv=0x7fff149a72e8) at src/main/radiusd.c:473
        rcode = 0
        status = 681688000
        argval = -1
        spawn_flag = 0
        dont_fork = 1
        write_pid = 0
        flag = 0
        act = {__sigaction_handler = {sa_handler = 0x427070 <sig_fatal>, sa_sigaction = 0x427070 <sig_fatal>}, sa_mask = {__val = {0 <repeats 16 times>}}, sa_flags = 0, sa_restorer = 0}
quit

Radiusd DEBUG:

# /usr/local/sbin/radiusd -X -d /usr/local/etc/raddb
radiusd: FreeRADIUS Version 3.0.1 (git #4c389d4), for host x86_64-unknown-linux-gnu, built on Oct 23 2013 at 11:27:40
Copyright (C) 1999-2013 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License.
For more information about these matters, see the file named COPYRIGHT.
Starting - reading configuration files ...
including dictionary file /usr/local/etc/raddb/dictionary
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/mods-enabled/
including configuration file /usr/local/etc/raddb/mods-enabled/sradutmp
including configuration file /usr/local/etc/raddb/mods-enabled/unix
including configuration file /usr/local/etc/raddb/mods-enabled/utf8
including configuration file /usr/local/etc/raddb/mods-enabled/ntlm_auth
including configuration file /usr/local/etc/raddb/mods-enabled/attr_filter
including configuration file /usr/local/etc/raddb/mods-enabled/always
including configuration file /usr/local/etc/raddb/mods-enabled/linelog
including configuration file /usr/local/etc/raddb/mods-enabled/realm
including configuration file /usr/local/etc/raddb/mods-enabled/soh
including configuration file /usr/local/etc/raddb/mods-enabled/dynamic_clients
including configuration file /usr/local/etc/raddb/mods-enabled/detail.log
including configuration file /usr/local/etc/raddb/mods-enabled/sql
including configuration file /usr/local/etc/raddb/mods-config/sql/main/mssql/queries.conf
including configuration file /usr/local/etc/raddb/mods-enabled/echo
including configuration file /usr/local/etc/raddb/mods-enabled/passwd
including configuration file /usr/local/etc/raddb/mods-enabled/expr
including configuration file /usr/local/etc/raddb/mods-enabled/chap
including configuration file /usr/local/etc/raddb/mods-enabled/replicate
including configuration file /usr/local/etc/raddb/mods-enabled/digest
including configuration file /usr/local/etc/raddb/mods-enabled/detail
including configuration file /usr/local/etc/raddb/mods-enabled/preprocess
including configuration file /usr/local/etc/raddb/mods-enabled/cache_eap
including configuration file /usr/local/etc/raddb/mods-enabled/logintime
including configuration file /usr/local/etc/raddb/mods-enabled/dhcp
including configuration file /usr/local/etc/raddb/mods-enabled/eap
including configuration file /usr/local/etc/raddb/mods-enabled/files
including configuration file /usr/local/etc/raddb/mods-enabled/pap
including configuration file /usr/local/etc/raddb/mods-enabled/radutmp
including configuration file /usr/local/etc/raddb/mods-enabled/exec
including configuration file /usr/local/etc/raddb/mods-enabled/mschap
including configuration file /usr/local/etc/raddb/mods-enabled/expiration
including files in directory /usr/local/etc/raddb/policy.d/
including configuration file /usr/local/etc/raddb/policy.d/canonicalization
including configuration file /usr/local/etc/raddb/policy.d/control
including configuration file /usr/local/etc/raddb/policy.d/operator-name
including configuration file /usr/local/etc/raddb/policy.d/filter
including configuration file /usr/local/etc/raddb/policy.d/accounting
including configuration file /usr/local/etc/raddb/policy.d/dhcp
including configuration file /usr/local/etc/raddb/policy.d/eap
including configuration file /usr/local/etc/raddb/policy.d/cui
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
main {
 security {
    allow_core_dumps = yes
 }
}
Core dumps are enabled.
main {
    name = "radiusd"
    prefix = "/usr/local"
    localstatedir = "/usr/local/var"
    sbindir = "/usr/local/sbin"
    logdir = "/usr/local/var/log/radius"
    run_dir = "/usr/local/var/run/radiusd"
    libdir = "/usr/local/lib"
    radacctdir = "/usr/local/var/log/radius/radacct"
    hostname_lookups = no
    max_request_time = 30
    cleanup_delay = 5
    max_requests = 1024
    pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
    checkrad = "/usr/local/sbin/checkrad"
    debug_level = 0
    proxy_requests = yes
 log {
    stripped_names = no
    auth = no
    auth_badpass = no
    auth_goodpass = no
    colourise = yes
 }
 security {
    max_attributes = 200
    reject_delay = 1
    status_server = yes
 }
}
radiusd: #### Loading Realms and Home Servers ####
 proxy server {
    retry_delay = 5
    retry_count = 3
    default_fallback = no
    dead_time = 120
    wake_all_if_all_dead = no
 }
 home_server localhost {
    ipaddr = 127.0.0.1
    port = 1812
    type = "auth"
    secret = "testing123"
    response_window = 20
    max_outstanding = 65536
    zombie_period = 40
    status_check = "status-server"
    ping_interval = 30
    check_interval = 30
    num_answers_to_alive = 3
    revive_interval = 120
    status_check_timeout = 4
  coa {
    irt = 2
    mrt = 16
    mrc = 5
    mrd = 30
  }
  limit {
    max_connections = 16
    max_requests = 0
    lifetime = 0
    idle_timeout = 0
  }
 }
 home_server_pool my_auth_failover {
    type = fail-over
    home_server = localhost
 }
 realm example.com {
    auth_pool = my_auth_failover
 }
 realm LOCAL {
 }
radiusd: #### Loading Clients ####
 client localhost {
    ipaddr = 127.0.0.1
    require_message_authenticator = no
    secret = "testing123"
    nas_type = "other"
    proto = "*"
  limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
  }
 }
 client 127.0.156.5 {
    require_message_authenticator = no
    secret = "acsSecret"
    shortname = "ACS-test"
  limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
  }
 }
radiusd: #### Instantiating modules ####
 instantiate {
 }
 modules {
  # Loaded module rlm_radutmp
  # Instantiating module "sradutmp" from file /usr/local/etc/raddb/mods-enabled/sradutmp
  radutmp sradutmp {
    filename = "/usr/local/var/log/radius/sradutmp"
    username = "%{User-Name}"
    case_sensitive = yes
    check_with_nas = yes
    permissions = 420
    caller_id = no
  }
  # Loaded module rlm_unix
  # Instantiating module "unix" from file /usr/local/etc/raddb/mods-enabled/unix
  unix {
    radwtmp = "/usr/local/var/log/radius/radwtmp"
  }
  # Loaded module rlm_utf8
  # Instantiating module "utf8" from file /usr/local/etc/raddb/mods-enabled/utf8
  # Loaded module rlm_exec
  # Instantiating module "ntlm_auth" from file /usr/local/etc/raddb/mods-enabled/ntlm_auth
  exec ntlm_auth {
    wait = yes
    program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%{mschap:User-Name} --password=%{User-Password}"
    shell_escape = yes
  }
  # Loaded module rlm_attr_filter
  # Instantiating module "attr_filter.post-proxy" from file /usr/local/etc/raddb/mods-enabled/attr_filter
  attr_filter attr_filter.post-proxy {
    filename = "/usr/local/etc/raddb/mods-config/attr_filter/post-proxy"
    key = "%{Realm}"
    relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/post-proxy
  # Instantiating module "attr_filter.pre-proxy" from file /usr/local/etc/raddb/mods-enabled/attr_filter
  attr_filter attr_filter.pre-proxy {
    filename = "/usr/local/etc/raddb/mods-config/attr_filter/pre-proxy"
    key = "%{Realm}"
    relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/pre-proxy
  # Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/mods-enabled/attr_filter
  attr_filter attr_filter.access_reject {
    filename = "/usr/local/etc/raddb/mods-config/attr_filter/access_reject"
    key = "%{User-Name}"
    relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/access_reject
  # Instantiating module "attr_filter.access_challenge" from file /usr/local/etc/raddb/mods-enabled/attr_filter
  attr_filter attr_filter.access_challenge {
    filename = "/usr/local/etc/raddb/mods-config/attr_filter/access_challenge"
    key = "%{User-Name}"
    relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/access_challenge
  # Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/mods-enabled/attr_filter
  attr_filter attr_filter.accounting_response {
    filename = "/usr/local/etc/raddb/mods-config/attr_filter/accounting_response"
    key = "%{User-Name}"
    relaxed = no
  }
reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/accounting_response
  # Loaded module rlm_always
  # Instantiating module "fail" from file /usr/local/etc/raddb/mods-enabled/always
  always fail {
    rcode = "fail"
    simulcount = 0
    mpp = no
  }
  # Instantiating module "reject" from file /usr/local/etc/raddb/mods-enabled/always
  always reject {
    rcode = "reject"
    simulcount = 0
    mpp = no
  }
  # Instantiating module "noop" from file /usr/local/etc/raddb/mods-enabled/always
  always noop {
    rcode = "noop"
    simulcount = 0
    mpp = no
  }
  # Instantiating module "handled" from file /usr/local/etc/raddb/mods-enabled/always
  always handled {
    rcode = "handled"
    simulcount = 0
    mpp = no
  }
  # Instantiating module "updated" from file /usr/local/etc/raddb/mods-enabled/always
  always updated {
    rcode = "updated"
    simulcount = 0
    mpp = no
  }
  # Instantiating module "notfound" from file /usr/local/etc/raddb/mods-enabled/always
  always notfound {
    rcode = "notfound"
    simulcount = 0
    mpp = no
  }
  # Instantiating module "ok" from file /usr/local/etc/raddb/mods-enabled/always
  always ok {
    rcode = "ok"
    simulcount = 0
    mpp = no
  }
  # Loaded module rlm_linelog
  # Instantiating module "linelog" from file /usr/local/etc/raddb/mods-enabled/linelog
  linelog {
    filename = "/usr/local/var/log/radius/linelog"
    permissions = 384
    format = "This is a log message for %{User-Name}"
    reference = "%{%{Packet-Type}:-format}"
  }
  # Loaded module rlm_realm
  # Instantiating module "IPASS" from file /usr/local/etc/raddb/mods-enabled/realm
  realm IPASS {
    format = "prefix"
    delimiter = "/"
    ignore_default = no
    ignore_null = no
  }
  # Instantiating module "suffix" from file /usr/local/etc/raddb/mods-enabled/realm
  realm suffix {
    format = "suffix"
    delimiter = "@"
    ignore_default = no
    ignore_null = no
  }
  # Instantiating module "realmpercent" from file /usr/local/etc/raddb/mods-enabled/realm
  realm realmpercent {
    format = "suffix"
    delimiter = "%"
    ignore_default = no
    ignore_null = no
  }
  # Instantiating module "ntdomain" from file /usr/local/etc/raddb/mods-enabled/realm
  realm ntdomain {
    format = "prefix"
    delimiter = "\"
    ignore_default = no
    ignore_null = no
  }
  # Loaded module rlm_soh
  # Instantiating module "soh" from file /usr/local/etc/raddb/mods-enabled/soh
  soh {
    dhcp = yes
  }
  # Loaded module rlm_dynamic_clients
  # Instantiating module "dynamic_clients" from file /usr/local/etc/raddb/mods-enabled/dynamic_clients
  # Loaded module rlm_detail
  # Instantiating module "auth_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
  detail auth_log {
    filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
    header = "%t"
    permissions = 384
    dir_permissions = 493
    locking = no
    log_packet_header = no
  }
  # Instantiating module "reply_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
  detail reply_log {
    filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d"
    header = "%t"
    permissions = 384
    dir_permissions = 493
    locking = no
    log_packet_header = no
  }
  # Instantiating module "pre_proxy_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
  detail pre_proxy_log {
    filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d"
    header = "%t"
    permissions = 384
    dir_permissions = 493
    locking = no
    log_packet_header = no
  }
  # Instantiating module "post_proxy_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
  detail post_proxy_log {
    filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d"
    header = "%t"
    permissions = 384
    dir_permissions = 493
    locking = no
    log_packet_header = no
  }
  # Loaded module rlm_sql
  # Instantiating module "sql" from file /usr/local/etc/raddb/mods-enabled/sql
  sql {
    driver = "rlm_sql_unixodbc"
    server = "prodDB"
    port = ""
    login = "test"
    password = "test"
    radius_db = "radius"
    read_groups = yes
    read_clients = no
    delete_stale_sessions = yes
    sql_user_name = "%{User-Name}"
    default_user_profile = ""
    client_query = "SELECT id,nasname,shortname,type,secret FROM nas"
    authorize_check_query = "SELECT id,UserName,Attribute,Value,op               FROM radcheck               WHERE Username = '%{SQL-User-Name}'                 ORDER BY id"
    authorize_reply_query = "SELECT id,UserName,Attribute,Value,op               FROM radreply               WHERE Username = '%{SQL-User-Name}'                 ORDER BY id"
    authorize_group_check_query = "SELECT radgroupcheck.id,radgroupcheck.GroupName,                         radgroupcheck.Attribute,radgroupcheck.Value,                        radgroupcheck.op                       FROM radgroupcheck,radusergroup                     WHERE radusergroup.Username = '%{SQL-User-Name}'                        AND radusergroup.GroupName = radgroupcheck.GroupName                        ORDER BY radgroupcheck.id"
    authorize_group_reply_query = "SELECT radgroupreply.id,radgroupreply.GroupName,                         radgroupreply.Attribute,radgroupreply.Value,                        radgroupreply.op                       FROM radgroupreply,radusergroup                     WHERE radusergroup.Username = '%{SQL-User-Name}'                        AND radusergroup.GroupName = radgroupreply.GroupName                        ORDER BY radgroupreply.id"
    group_membership_query = "SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority"
    simul_count_query = ""
    simul_verify_query = ""
    safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  }
   accounting {
    reference = "%{tolower:type.%{Acct-Status-Type}.query}"
   }
   post-auth {
    reference = ".query"
   }
rlm_sql (sql): Driver rlm_sql_unixodbc (module rlm_sql_unixodbc) loaded and linked
rlm_sql (sql): Attempting to connect to database "radius"
rlm_sql (sql): Initialising connection pool
   pool {
    start = 5
    min = 4
    max = 10
    spare = 3
    uses = 0
    lifetime = 0
    cleanup_delay = 5
    idle_timeout = 60
    spread = no
   }
rlm_sql (sql): Opening additional connection (0)
rlm_sql (sql): Opening additional connection (1)
rlm_sql (sql): Opening additional connection (2)
rlm_sql (sql): Opening additional connection (3)
rlm_sql (sql): Opening additional connection (4)
  # Instantiating module "echo" from file /usr/local/etc/raddb/mods-enabled/echo
  exec echo {
    wait = yes
    program = "/bin/echo %{User-Name}"
    input_pairs = "request"
    output_pairs = "reply"
    shell_escape = yes
  }
  # Loaded module rlm_passwd
  # Instantiating module "etc_passwd" from file /usr/local/etc/raddb/mods-enabled/passwd
  passwd etc_passwd {
    filename = "/etc/passwd"
    format = "*User-Name:Crypt-Password:"
    delimiter = ":"
    ignore_nislike = no
    ignore_empty = yes
    allow_multiple_keys = no
    hash_size = 100
  }
rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no
  # Loaded module rlm_expr
  # Instantiating module "expr" from file /usr/local/etc/raddb/mods-enabled/expr
  expr {
    safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
  }
  # Loaded module rlm_chap
  # Instantiating module "chap" from file /usr/local/etc/raddb/mods-enabled/chap
  # Loaded module rlm_replicate
  # Instantiating module "replicate" from file /usr/local/etc/raddb/mods-enabled/replicate
  # Loaded module rlm_digest
  # Instantiating module "digest" from file /usr/local/etc/raddb/mods-enabled/digest
  # Instantiating module "detail" from file /usr/local/etc/raddb/mods-enabled/detail
  detail {
    filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
    header = "%t"
    permissions = 384
    dir_permissions = 493
    locking = no
    log_packet_header = no
  }
  # Loaded module rlm_preprocess
  # Instantiating module "preprocess" from file /usr/local/etc/raddb/mods-enabled/preprocess
  preprocess {
    huntgroups = "/usr/local/etc/raddb/mods-config/preprocess/huntgroups"
    hints = "/usr/local/etc/raddb/mods-config/preprocess/hints"
    with_ascend_hack = no
    ascend_channels_per_line = 23
    with_ntdomain_hack = no
    with_specialix_jetstream_hack = no
    with_cisco_vsa_hack = no
    with_alvarion_vsa_hack = no
  }
reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/huntgroups
reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/hints
  # Loaded module rlm_cache
  # Instantiating module "cache_eap" from file /usr/local/etc/raddb/mods-enabled/cache_eap
  cache cache_eap {
    key = "%{%{control:State}:-%{%{reply:State}:-%{State}}}"
    ttl = 15
    max_entries = 16384
    epoch = 0
    add_stats = no
  }
  # Loaded module rlm_logintime
  # Instantiating module "logintime" from file /usr/local/etc/raddb/mods-enabled/logintime
  logintime {
    minimum_timeout = 60
  }
  # Loaded module rlm_dhcp
  # Instantiating module "dhcp" from file /usr/local/etc/raddb/mods-enabled/dhcp
  # Loaded module rlm_eap
  # Instantiating module "eap" from file /usr/local/etc/raddb/mods-enabled/eap
  eap {
    default_eap_type = "md5"
    timer_expire = 60
    ignore_unknown_eap_types = no
    mod_accounting_username_bug = no
    max_sessions = 4096
  }
   # Linked to sub-module rlm_eap_md5
   # Linked to sub-module rlm_eap_leap
   # Linked to sub-module rlm_eap_gtc
   gtc {
    challenge = "Password: "
    auth_type = "PAP"
   }
   # Linked to sub-module rlm_eap_tls
   tls {
    tls = "tls-common"
   }
   tls-config tls-common {
    rsa_key_exchange = no
    dh_key_exchange = yes
    rsa_key_length = 512
    dh_key_length = 512
    verify_depth = 0
    ca_path = "/usr/local/etc/raddb/certs"
    pem_file_type = yes
    private_key_file = "/usr/local/etc/raddb/certs/server.pem"
    certificate_file = "/usr/local/etc/raddb/certs/server.pem"
    ca_file = "/usr/local/etc/raddb/certs/ca.pem"
    private_key_password = "whatever"
    dh_file = "/usr/local/etc/raddb/certs/dh"
    fragment_size = 1024
    include_length = yes
    check_crl = no
    cipher_list = "DEFAULT"
    cache {
        enable = yes
        lifetime = 24
        max_entries = 255
    }
    verify {
    }
    ocsp {
        enable = no
        override_cert_url = yes
        url = "http://127.0.0.1/ocsp/"
        use_nonce = yes
        timeout = 0
        softfail = yes
    }
   }
   # Linked to sub-module rlm_eap_ttls
   ttls {
    tls = "tls-common"
    default_eap_type = "md5"
    copy_request_to_tunnel = no
    use_tunneled_reply = no
    virtual_server = "inner-tunnel"
    include_length = yes
    require_client_cert = no
   }
Using cached TLS configuration from previous invocation
   # Linked to sub-module rlm_eap_peap
   peap {
    tls = "tls-common"
    default_method = "mschapv2"
    copy_request_to_tunnel = no
    use_tunneled_reply = no
    proxy_tunneled_request_as_eap = yes
    virtual_server = "inner-tunnel"
    soh = no
    require_client_cert = no
   }
Using cached TLS configuration from previous invocation
   # Linked to sub-module rlm_eap_mschapv2
   mschapv2 {
    with_ntdomain_hack = no
    send_error = no
   }
  # Loaded module rlm_files
  # Instantiating module "files" from file /usr/local/etc/raddb/mods-enabled/files
  files {
    filename = "/usr/local/etc/raddb/mods-config/files/authorize"
    usersfile = "/usr/local/etc/raddb/mods-config/files/authorize"
    acctusersfile = "/usr/local/etc/raddb/mods-config/files/accounting"
    preproxy_usersfile = "/usr/local/etc/raddb/mods-config/files/pre-proxy"
    compat = "no"
  }
reading pairlist file /usr/local/etc/raddb/mods-config/files/authorize
reading pairlist file /usr/local/etc/raddb/mods-config/files/authorize
reading pairlist file /usr/local/etc/raddb/mods-config/files/accounting
reading pairlist file /usr/local/etc/raddb/mods-config/files/pre-proxy
  # Loaded module rlm_pap
  # Instantiating module "pap" from file /usr/local/etc/raddb/mods-enabled/pap
  pap {
    auto_header = no
    normalise = yes
  }
  # Instantiating module "radutmp" from file /usr/local/etc/raddb/mods-enabled/radutmp
  radutmp {
    filename = "/usr/local/var/log/radius/radutmp"
    username = "%{User-Name}"
    case_sensitive = yes
    check_with_nas = yes
    permissions = 384
    caller_id = yes
  }
  # Instantiating module "exec" from file /usr/local/etc/raddb/mods-enabled/exec
  exec {
    wait = no
    input_pairs = "request"
    shell_escape = yes
  }
  # Loaded module rlm_mschap
  # Instantiating module "mschap" from file /usr/local/etc/raddb/mods-enabled/mschap
  mschap {
    use_mppe = yes
    require_encryption = no
    require_strong = no
    with_ntdomain_hack = yes
   passchange {
   }
    allow_retry = yes
  }
  # Loaded module rlm_expiration
  # Instantiating module "expiration" from file /usr/local/etc/raddb/mods-enabled/expiration
 } # modules
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
} # server
server default { # from file /usr/local/etc/raddb/sites-enabled/default
 # Creating Auth-Type = digest
 # Loading authenticate {...}
 # Loading authorize {...}
WARNING: Ignoring "ldap" (see raddb/mods-available/README.rst)
 # Loading preacct {...}
 # Loading virtual module acct_unique
 # Loading accounting {...}
 # Loading post-proxy {...}
 # Loading post-auth {...}
 # Loading virtual module remove_reply_message_if_eap
 # Loading virtual module remove_reply_message_if_eap
} # server
server inner-tunnel { # from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
 # Loading authenticate {...}
 # Loading authorize {...}
WARNING: Ignoring "ldap" (see raddb/mods-available/README.rst)
 # Loading session {...}
 # Loading post-proxy {...}
 # Loading post-auth {...}
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
    type = "auth"
    ipaddr = *
    port = 0
   limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
   }
}
listen {
    type = "acct"
    ipaddr = *
    port = 0
   limit {
    max_connections = 16
    lifetime = 0
    idle_timeout = 30
   }
}
listen {
    type = "auth"
    ipaddr = 127.0.0.1
    port = 18120
}
Listening on auth address * port 1812 as server default
Listening on acct address * port 1813 as server default
Listening on auth address 127.0.0.1 port 18120 as server inner-tunnel
Opening new proxy address * port 1814
Listening on proxy address * port 1814
Ready to process requests.





















rad_recv: Access-Request packet from host 127.0.156.5 port 43790, id=153, length=92
    Acct-Session-Id = 'TEST-20131023-113244-6537-1'
    User-Password = 'guessme'
    Calling-Station-Id = 'FFFFFFFFFFF0'
    User-Name = 'JustAtest'
(0) # Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
(0)   authorize {
(0)   [preprocess] = ok
(0)   update reply {
(0)     expand: "%{User-Name}" -> 'JustAtest'
(0) SQL-User-Name set to "JustAtest"
rlm_sql (sql): Reserved connection (4)
rlm_sql (sql): Executing query: 'SELECT username from mytest WHERE csid = 'FFFFFFFFFFF0''
(0) sql_xlat finished
rlm_sql (sql): Released connection (4)
rlm_sql (sql): Closing connection (0): Too many free connections (5 > 3)
rlm_sql_unixodbc: Socket destructor called, closing socket
(0)     expand: "%{sql:SELECT username from mytest WHERE csid = '%{Calling-Station-Id}'}" -> 'test'
(0)         Tmp-String-0 := "test"
(0)   } # update reply = noop
(0)   [chap] = noop
(0)   [mschap] = noop
(0)   [digest] = noop
(0) suffix : No '@' in User-Name = "JustAtest", looking up realm NULL
(0) suffix : No such realm "NULL"
(0)   [suffix] = noop
(0) eap : No EAP-Message, not doing EAP
(0)   [eap] = noop
(0)   [files] = noop
(0) sql :   expand: "%{User-Name}" -> 'JustAtest'
(0) sql : SQL-User-Name set to "JustAtest"
rlm_sql (sql): Reserved connection (4)
(0) sql :   expand: "SELECT id,UserName,Attribute,Value,op               FROM radcheck               WHERE Username = '%{SQL-User-Name}'                 ORDER BY id" -> 'SELECT id,UserName,Attribute,Value,op                  FROM radcheck               WHERE Username = 'JustAtest'                ORDER BY id'
rlm_sql (sql): Executing query: 'SELECT id,UserName,Attribute,Value,op               FROM radcheck               WHERE Username = 'JustAtest'                ORDER BY id'
Segmentation fault (core dumped)
arr2036 added a commit that referenced this issue Oct 25, 2013
@arr2036
Use talloc for results
8734470 
Remove trailing \n

Don't set statement field to NULL. Closes #455
@arr2036 arr2036 mentioned this issue Oct 25, 2013
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@michael-mri