Ubuntu
freeradius package

DEP8: test more auth algorithms

Bug #1962046 reported by Andreas Hasenack
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
freeradius (Ubuntu)
Fix Released
Undecided
Andreas Hasenack

Bug Description

While testing freeradius 3.0.26git-snapshot (head of v3.0.x) with openssl3, I came across a core dump while trying an authentication using mschap:

$ radtest -t mschap bob hello 127.0.0.1:18120 0 testing123
Segmentation fault (core dumped)

I checked the existing DEP8 tests and the python ones does test authentication, but without specifying the mechanism. It uses radclient, and maybe it doesn't know other mechanisms. But the above shows we could benefit from more coverage in this area.

See original description
Tags: server-todo

Related branches

~ahasenack/ubuntu/+source/freeradius:jammy-freeradius-mschap-client-fix
Utkarsh Gupta (community): Approve
Canonical Server: Pending requested
Diff: 264 lines (+188/-18)
5 files modified
debian/changelog (+11/-0)
debian/patches/fix-mschap-client-crash-1.patch (+93/-0)
debian/patches/fix-mschap-client-crash-2.patch (+46/-0)
debian/patches/series (+2/-0)
debian/tests/test-freeradius.py (+36/-18)
Revision history for this message
Alan DeKok (aland-freeradius) wrote :

3.0.26 isn't released. But if the git "head" of v3.0.x crashes, that's bad.

Perhaps you could include back trace from gdb?

FreeRADIUS also includes tests for various authentication types, but it doesn't include tests with radclient for MS-CHAP

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

I just filed an usptream issue: https://github.com/FreeRADIUS/freeradius-server/issues/4403

It was with HEAD of v3.0.x indeed.

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Note it's a client-side crash

description: updated
Revision history for this message
Alan DeKok (aland-freeradius) wrote :

Fix pushed https://github.com/FreeRADIUS/freeradius-server/commit/beb1351d682ab6f1170cc60ce7ca05f597e5d7d6

Revision history for this message
Andreas Hasenack (ahasenack) wrote :

Thanks a lot, Alan!

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package freeradius - 3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu2

---------------
freeradius (3.0.26~dfsg~git20220223.1.00ed0241fa-0ubuntu2) jammy; urgency=medium

  * Fix radtest client crash when using mschap auth (LP: #1962046):
    - d/p/fix-mschap-client-crash-1.patch: load the OpenSSL legacy
      providers
    - d/p/fix-mschap-client-crash-2.patch: need OpenSSL3 init for
      MD5 too
    - d/t/test-freeradius.py: test more authentication mechanisms

 -- Andreas Hasenack <email address hidden> Fri, 25 Feb 2022 10:19:18 -0300

Changed in freeradius (Ubuntu):
status: Triaged → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.