jimdigriz / freeradius-oauth2-perl

FreeRADIUS OAuth2 (OpenID Connect) using rlm_perl
GNU Affero General Public License v3.0
127 stars 35 forks source link

segfault when unable to fetch token #18

Open jimdigriz opened 3 years ago

jimdigriz commented 3 years ago

One user reported the following (though it looks like they are using old/unknown distro provided packaging):

  # Instantiating module "userlock" from file /etc/freeradius/3.0/mods-enabled/always
  # Instantiating module "notfound" from file /etc/freeradius/3.0/mods-enabled/always
  # Instantiating module "noop" from file /etc/freeradius/3.0/mods-enabled/always
  # Instantiating module "updated" from file /etc/freeradius/3.0/mods-enabled/always
  # Instantiating module "detail" from file /etc/freeradius/3.0/mods-enabled/detail
  # Instantiating module "IPASS" from file /etc/freeradius/3.0/mods-enabled/realm
  # Instantiating module "suffix" from file /etc/freeradius/3.0/mods-enabled/realm
  # Instantiating module "realmpercent" from file /etc/freeradius/3.0/mods-enabled/realm
  # Instantiating module "ntdomain" from file /etc/freeradius/3.0/mods-enabled/realm
  # Instantiating module "pap" from file /etc/freeradius/3.0/mods-enabled/pap
[snipped]
rlm_perl: oauth2 worker (domain.com): supervisor started (tid=1)
rlm_perl: oauth2 worker (domain.com): fetching discovery document
rlm_perl: oauth2 worker (domain.com): started (tid=2)
rlm_perl: oauth2 worker (domain.com): sync
rlm_perl: oauth2 worker (domain.com): sync users
rlm_perl: oauth2 worker (domain.com): users page
rlm_perl: oauth2 worker (domain.com): fetching token
rlm_perl: oauth2 worker (domain.com): users page
... many times ...
rlm_perl: oauth2 worker (domain.com): groups page
... many times ...
rlm_perl: oauth2 worker (domain.com): users failed: 500 read timeout
Thread 4 terminated abnormally: token (domain.com): 500 read timeout at /opt/freeradius-oauth2-perl/main.pm line 179.
rlm_perl: oauth2 worker (domain.com): died, sleeping for 4 seconds
rlm_perl: oauth2 worker (domain.com): started (tid=5)
rlm_perl: oauth2 worker (domain.com): sync
rlm_perl: oauth2 worker (domain.com): sync users
rlm_perl: oauth2 worker (domain.com): users page
rlm_perl: oauth2 worker (domain.com): fetching token
Segmentation fault (core dumped)

Need to see if I can replicate this in 3.0.22...I suspect I need to drop network packets mid-flight to do this.

nateATcanarchy commented 2 years ago

i have the same issue - looks like it has a 500 error then the next attempt dumps a segfaut.