Bug 191724 – radiusd die when remote server is unreachable and compiled with -fPIC

Bug 191724 - radiusd die when remote server is unreachable and compiled with -fPIC

Summary:	radiusd die when remote server is unreachable and compiled with -fPIC

Status:	CLOSED INSUFFICIENT_DATA

Aliases:	None

Product:	Fedora
Classification:	Fedora
Component:	freeradius (Show other bugs)
Sub Component:
Version:	5
Hardware:	i386 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	John Dennis
QA Contact:
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2006-05-15 10:29 EDT by Petr Vokac
Modified:	2008-03-12 01:51 EDT (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2008-03-12 01:51:17 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Petr Vokac 2006-05-15 10:29:10 EDT

Description of problem:

We use IPSec to secure communication between our RADIUS servers. In case of
problems with IPSec connection - e.g. racoon on remote server die, connection
can't be established and ping shows something like

sh-3.1$ ping remote.radius.server.com
connect: Resource temporarily unavailable

then radiusd became unstable. If in this situation tryes to contact
remote.radius.server.com (e.g. forward proxyed requests), than it dies with
following message:

Error: Assertion failed in request_list.c, line 1079



Version-Release number of selected component (if applicable):

I try FreeRadius 1.0.1 (on RHEL4), 1.0.5 (on FC5) with same results



How reproducible:


Steps to Reproduce:
1. setup IPSec from local.radius.server to remote.radius.server
2. on local.radius.server start IPSec (ifup ipsec1), don't start/setup IPSec on
remote.radius.server, because we need to simulate problems with IPSec connection
3. start radius server on local.radius.server (configured to proxy "unknown"
realms to remote.radius.server)
4. make request to local.radius.server, that has to be proxyed to
remote.radius.server
  


Actual results:

radiusd die



Additional info:

When I recompiled FreeRadius without freeradius-1.0.0-pie.patch and without
export CFLAGS="$RPM_OPT_FLAGS -fpic", then it doesn't die in described situation.

Comment 1 Petr Vokac 2006-05-25 20:34:47 EDT

After further investigation it seems that this problem is not directly related
to the compilation options. It has same behavior when I compile FreeRadius
without -fpic option (may be it take longer time before radius server die)

Comment 2 Thomas Woerner 2007-08-29 05:08:23 EDT

Please verify this with a package from FC-6 or newer. In the FC-6 and FC-7
testing trees, there are new packages: freeradius-1.1.7-2

Comment 3 Red Hat Bugzilla 2007-09-17 01:19:08 EDT

transferred from Thomas Woerner to John Dennis, requested by Steve Grubb.

Comment 4 petrosyan 2008-03-12 01:51:17 EDT

The information we've requested above is required in order
to review this problem report further and diagnose/fix the
issue if it is still present.  Since there have not been any
updates to the report since thirty (30) days or more since we
requested additional information, we're assuming the problem
is either no longer present in the current Fedora release, or
that there is no longer any interest in tracking the problem.

Setting status to "INSUFFICIENT_DATA".  If you still
experience this problem after updating to our latest Fedora
release and can provide the information previously requested, 
please feel free to reopen the bug report.

Thank you in advance.

Note You need to log in before you can comment on or make changes to this bug.