Bug 210912

Summary: freeradius segfaults when attempting LDAP lookup
Product: [Fedora] Fedora Reporter: Matt Bernstein <mb--redhat>
Component: freeradiusAssignee: Thomas Woerner <twoerner>
Status: CLOSED ERRATA QA Contact:
Severity: high Docs Contact:
Priority: medium    
Version: 6   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2006-12-13 11:30:52 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Attachments:
Description Flags
output of "radiusd -X"
none
strace output of "radiusd -X"
none
gzipped core file
none
gdb output none

Description Matt Bernstein 2006-10-16 15:11:12 UTC 
Description of problem:

freeradius immediately segfaults when attempting an LDAP lookup.

Version-Release number of selected component (if applicable):

FC5 current and FC6 rawhide

How reproducible:
always

Steps to Reproduce:
1. configure freeradius to "Auth-Type LDAP"
2. start radiusd
3. run radtest
  
Actual results:

segfault

Expected results:

rad_recv: Access-Accept packet (or similar)

Additional info:

Apparently this used to work in FC4. It works in Debian stable, but not in FC5
or FC6.

Googling around suggests similar problems have been caused by .so collisions (eg
radiusd linked against libsasl.so and libldap.so, the latter being linked
against libsasl2.so..). I don't know if this is useful, though.
Comment 1 Matt Bernstein 2006-10-16 15:14:11 UTC 
The sasl thing I mentioned was bug 126507.
Comment 2 Matt Bernstein 2006-10-25 16:53:45 UTC 
I now can't use the FC4 one as I will need client cert-based EAP-TLS to work and
that causes it to segfault. Will report that against FC6 if the bug persists,
but I can't use any of them now.

It's rather quiet in here--perhaps there's another channel I should be using to
report this bug?
Comment 3 Thomas Woerner 2006-10-25 17:14:39 UTC 
Please start the radius server in debug mode (option "-X") and attach the log to
this bugzilla.

Please also get a core dump from the server.
Comment 4 Matt Bernstein 2006-10-27 09:54:37 UTC 
gdb says:

Program terminated with signal 11, Segmentation fault.
#0  ldap_set_option (ld=0x558b9640, option=20485, invalue=0x5555558adb80)
    at options.c:358
358                     assert( LDAP_VALID( ld ) );

Attachments to follow..
Comment 5 Matt Bernstein 2006-10-27 09:55:50 UTC 
Created attachment 139562 [details]
output of "radiusd -X"
Comment 6 Matt Bernstein 2006-10-27 09:56:45 UTC 
Created attachment 139563 [details]
strace output of "radiusd -X"
Comment 7 Matt Bernstein 2006-10-27 09:57:49 UTC 
Created attachment 139564 [details]
gzipped core file 

This is on FC6 x86_64.
Comment 8 Matt Bernstein 2006-10-27 09:59:47 UTC 
Created attachment 139565 [details]
gdb output

gdb-radiusd.log as suggested in /usr/share/doc/freeradius-1.1.3/bugs. I only
installed the debuginfo RPMs for freeradius and openldap.
Comment 9 Matt Bernstein 2006-11-09 16:52:31 UTC 
It's now been quiet for almost two weeks. Is anyone working on this bug?
Comment 10 Thomas Woerner 2006-11-09 18:45:14 UTC 
Maybe there is a interim solution: Rebuild freeradius without PIE support.
Disable pie patch for this.

Is this solving your problem?
Comment 11 Matt Bernstein 2006-11-13 10:03:34 UTC 
Yes it is under FC6, thanks very much.

I've also built the FC6 SRPM for FC5, though I'm using a modified openldap
install, since we suffer the symptoms of bug 209496 (which has been completely
unanswered, despite a patch from upstream having been supplied). So that works
too, although it's more FC6 than FC5.
Comment 12 Thomas Woerner 2006-11-21 17:53:39 UTC 
Please have a look at http://people.redhat.com/twoerner/BZ/210912/

This package should fix your problem.
Comment 13 Matt Bernstein 2006-11-22 16:19:49 UTC 
Yes, it does. Thanks! :)
Comment 14 Matt Bernstein 2006-12-08 13:00:00 UTC 
More weeks pass.. what happens now?
Comment 15 Thomas Woerner 2006-12-13 11:30:52 UTC 
Fixed in updates in package freeradius-1.1.3-1.1.