[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-devel
Subject: EAP-TTLS: eaptls_gen_mppe_keys(), SIGSEGV, better to use RAND_xxx
From: <rok.papez () arnes ! si>
Date: 2004-02-12 17:27:50
Message-ID: 402BB796.1090608 () arnes ! si
[Download RAW message or body]
Hello!
(Today CVS version)
I'm currently debugging a segfault in eaptls_gen_mpppe_keys().
Pointer to SSL3 structure s->s3 is NULL and when dereferenced to
retrieve client_random and server_random fields for key seeds it segfaults.
It would be probably better to get the seed for mpppe keys from
OpenSSL random engine using RAND_add() to add some data to the random
pool and RAND_bytes() to retreive the needed amount of random data.
What is the general opinion on OpenSSL RAND_xxx functions ?
--------------------------------------
Stack trace follows:
auth: user supplied User-Password matches local User-Password
Login OK: [student5/123456] (from client localhost port 0)
TTLS: Got tunneled reply RADIUS code 2
TTLS: Got tunneled Access-Accept
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 16384 (LWP 4111)]
0x401f48a9 in eaptls_gen_mppe_keys (reply_vps=0x818f260, s=0x817e5d8,
prf_label=0x401f985e "ttls keying material") at mppe_keys.c:146
146 memcpy(p, s->s3->client_random, SSL3_RANDOM_SIZE);
(gdb) bt
#0 0x401f48a9 in eaptls_gen_mppe_keys (reply_vps=0x818f260,
s=0x817e5d8, prf_label=0x401f985e "ttls keying material") at mppe_keys.c:146
#1 0x401f8429 in eapttls_authenticate (arg=0x8175f58,
handler=0x817e530) at rlm_eap_ttls.c:253
#2 0x401eb495 in eaptype_call (atype=0x8177098, handler=0x817e530) at
eap.c:170
#3 0x401eb5fd in eaptype_select (inst=0x81349d8, handler=0x817e530) at
eap.c:352
#4 0x401eac85 in eap_authenticate (instance=0x81349d8,
request=0x81a1ee8) at rlm_eap.c:269
#5 0x08054f7e in call_modsingle (component=0, sp=0x8134398,
request=0x81a1ee8, default_result=0) at modcall.c:212
#6 0x0805509e in modcall (component=0, c=0x8134398, request=0x81a1ee8)
at modcall.c:323
#7 0x08055029 in call_modgroup (component=0, g=0x0, request=0x81a1ee8,
default_result=0) at modcall.c:237
#8 0x08055115 in modcall (component=0, c=0x8175930, request=0x81a1ee8)
at modcall.c:314
#9 0x08054c93 in module_authenticate (auth_type=6, request=0x81a1ee8)
at modules.c:893
#10 0x08051990 in rad_check_password (request=0x81a1ee8) at auth.c:353
#11 0x08051dc6 in rad_authenticate (request=0x81a1ee8) at auth.c:601
#12 0x0804d7b6 in rad_respond (request=0x81a1ee8, fun=0x8051cbc
<rad_authenticate>) at radiusd.c:1764
#13 0x0804d257 in main (argc=0, argv=0x81a1ee8) at radiusd.c:1552
#14 0x420158f7 in __libc_start_main () from /lib/i686/libc.so.6
-----
s = 0x817e5d8
s->s3 = 0x0
--
Lep pozdrav,
Rok Papez.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/devel.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic