Join GitHub today
GitHub is home to over 20 million developers working together to host and review code, manage projects, and build software together.
Fix for bug where originating CoA requests causes segfault if proxying is disabled. #1684
Conversation
alandekok
added a commit
that referenced
this pull request
Aug 23, 2016
|
|
alandekok |
This commit was signed with a verified signature.
alandekok
Alan DeKok
|
ba3113c
|
|
The simpler fix is to disallow Sending CoA packets is proxying. So there's no point in allowing CoA when proxying is disallowed. There is no problem (security, performance, etc.) when allowing |
alandekok
closed this
Aug 23, 2016
paterry
deleted the
unknown repository branch
Aug 24, 2016
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
paterry commentedAug 23, 2016
•
edited
If FreeRADIUS 3.0.11 is configured to originate CoA requests in response to certain packets using the following files:
etc/raddb/sites-enabled/default
etc/raddb/sites-enabled/originate-coa
etc/raddb/clients.conf
it will segfault if the following line is present in etc/raddb/radiusd.conf:
proxy_requests = no
In src/main/process.c request_coa_originate() calls insert_into_proxy_hash(), which expects the global variable proxy_list to be initialised. It is initialised in radius_event_start(), but only if main_config.proxy_requests is true.
The patch adds the following configuration parameter:
originate_coa_requests = yes / no
If it is set to 'yes' the proxy_list global will be initialised if the proxy code hasn't already done so. Otherwise CoA requests will not be originated. It defaults to 'yes'.