FreeRADIUS segmentation fault after recieving key
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Project Moonshot |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
After recieving a key from the TIDC client, FreeRADIUS segfaults. I can reproduce this if more debugging is needed, but the backtrace looks ok.
tidc_fwd_request: Response Received (1316 bytes).
{"msg_type": "tid_response", "msg_body": {"result": "success", "comm": "apc.moonshot.
tr_msg_
tr_msg_
construct_tls: Client key generated (key name = key-224497):
812dc13fa4c0ee0
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 0xb6db8b70 (LWP 13443)]
#0 0xb7da01c3 in cf_log_err_cs (cs=cs@entry=0x0, fmt=0x808d77c "Duplicate home server name %s.") at src/main/
ap = 0xb6db7338 "\020\363P\b\030"
buffer = "Duplicate home server name blah.\000\
#1 0x08074234 in realms_
parent = 0x0
name2 = 0x850f310 "blah"
#2 0xb7a9229b in tr_response_func (inst=0x8204b88, req=0x8231ff8, resp=0x84e5460, cookie=0x845c3e0) at src/modules/
i = <optimized out>
hs = 0x850f1c0
server = 0x850f470
pool = 0x84e5070
nr = 0x0
pool_added = 0
opaque = 0x845c3e0
num_servers = <optimized out>
#3 0xb7a78bf8 in tidc_fwd_request () from /usr/lib/
No symbol table info available.
#4 0xb7a78dac in tidc_send_request () from /usr/lib/
No symbol table info available.
#5 0xb7a924c6 in tr_query_realm (q_realm=
conn = <optimized out>
rc = <optimized out>
gssctx = 0x83a2e40
cookie = 0x845c3e0
#6 0xb7a918ea in check_for_realm (returnrealm=
username = <optimized out>
vp = <optimized out>
realm = 0x0
namebuf = 0x845c3d0 ""
realmname = <optimized out>
ptr = <optimized out>
#7 check_for_realm (instance=
inst = 0x820bfa8
#8 0xb7a91a80 in mod_authorize (instance=
rcode = <optimized out>
realm = 0x0
#9 0x08065a7a in call_modsingle (request=0x83a29f8, component=1, sp=<optimized out>) at src/main/
myresult = <optimized out>
blocked = <optimized out>
#10 modcall (component=
cursor = {first = 0xb7d8da9a, found = 0x1, last = 0x73, current = 0xb7d9054c, next = 0xb6db7ae0}
myresult = 1
mypriority = 2
stack = {pointer = 1, priority = {<optimized out> <repeats 32 times>}, result = {<optimized out> <repeats 32 times>}, children = {<optimized out> <repeats 32 times>}, start = {<optimized out> <repeats 32 times>}}
parent = 0x8288700
child = 0x8288850
if_taken = 0
was_if = 0
#11 0x08063749 in indexed_modcall (comp=comp@entry=1, idx=idx@entry=0, request=
rcode = <optimized out>
list = 0x8288700
server = <optimized out>
#12 0x0806429b in process_authorize (autz_type=
No locals.
#13 0x08053da0 in rad_authenticate (request=0x83a29f8) at src/main/auth.c:426
namepair = <optimized out>
check_item = <optimized out>
auth_item = 0x0
module_msg = <optimized out>
tmp = <optimized out>
result = <optimized out>
autz_retry = 0 '\000'
autz_type = 0
#14 0x0807270d in request_running (action=1, request=0x83a29f8) at src/main/
No locals.
#15 request_running (request=0x83a29f8, action=1) at src/main/
---Type <return> to continue, or q <return> to quit---
No locals.
#16 0x0806cd3a in request_
self = 0x829e178
#17 0xb7cd0c39 in start_thread () from /lib/i386-
No symbol table info available.
#18 0xb7bcc78e in clone () from /lib/i386-
No symbol table info available.
Changed in moonshot: | |
status: | Fix Committed → Fix Released |
Debian packages in wheezy-proposed. Also I've reproduced the issue in our tests and this appears to fix it