191724 – radiusd die when remote server is unreachable and compiled with -fPIC

Bug 191724 - radiusd die when remote server is unreachable and compiled with -fPIC

Summary: radiusd die when remote server is unreachable and compiled with -fPIC

Keywords:
Status:	CLOSED INSUFFICIENT_DATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	freeradius
Sub Component:
Version:	5
Hardware:	i386
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	John Dennis
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2006-05-15 14:29 UTC by Petr Vokac
Modified:	2008-03-12 05:51 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2008-03-12 05:51:17 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Description Petr Vokac 2006-05-15 14:29:10 UTC

Description of problem:

We use IPSec to secure communication between our RADIUS servers. In case of
problems with IPSec connection - e.g. racoon on remote server die, connection
can't be established and ping shows something like

sh-3.1$ ping remote.radius.server.com
connect: Resource temporarily unavailable

then radiusd became unstable. If in this situation tryes to contact
remote.radius.server.com (e.g. forward proxyed requests), than it dies with
following message:

Error: Assertion failed in request_list.c, line 1079



Version-Release number of selected component (if applicable):

I try FreeRadius 1.0.1 (on RHEL4), 1.0.5 (on FC5) with same results



How reproducible:


Steps to Reproduce:
1. setup IPSec from local.radius.server to remote.radius.server
2. on local.radius.server start IPSec (ifup ipsec1), don't start/setup IPSec on
remote.radius.server, because we need to simulate problems with IPSec connection
3. start radius server on local.radius.server (configured to proxy "unknown"
realms to remote.radius.server)
4. make request to local.radius.server, that has to be proxyed to
remote.radius.server
  


Actual results:

radiusd die



Additional info:

When I recompiled FreeRadius without freeradius-1.0.0-pie.patch and without
export CFLAGS="$RPM_OPT_FLAGS -fpic", then it doesn't die in described situation.

Comment 1 Petr Vokac 2006-05-26 00:34:47 UTC

After further investigation it seems that this problem is not directly related
to the compilation options. It has same behavior when I compile FreeRadius
without -fpic option (may be it take longer time before radius server die)

Comment 2 Thomas Woerner 2007-08-29 09:08:23 UTC

Please verify this with a package from FC-6 or newer. In the FC-6 and FC-7
testing trees, there are new packages: freeradius-1.1.7-2

Comment 3 Red Hat Bugzilla 2007-09-17 05:19:08 UTC

transferred from Thomas Woerner to John Dennis, requested by Steve Grubb.

Comment 4 petrosyan 2008-03-12 05:51:17 UTC

The information we've requested above is required in order
to review this problem report further and diagnose/fix the
issue if it is still present.  Since there have not been any
updates to the report since thirty (30) days or more since we
requested additional information, we're assuming the problem
is either no longer present in the current Fedora release, or
that there is no longer any interest in tracking the problem.

Setting status to "INSUFFICIENT_DATA".  If you still
experience this problem after updating to our latest Fedora
release and can provide the information previously requested, 
please feel free to reopen the bug report.

Thank you in advance.

Note You need to log in before you can comment on or make changes to this bug.