1 (edited by Gemini 2008-03-29 14:05:02)

Topic: segfault at 0000000000000002

I use Chillispot 1.0-4 on Debian Etch on AMD64 system with FreeRadius, MySQL and Apache.
When client insert login and password in hotspotlogin.cgi page the browser redirct to:

http://<server>:3990/logon?username=<username>&password=<password>

and the page is blank and pop-up show this message:

Logging in to ChilliSpot
Please wait

But not work!

In "/var/log/message/", whene client try to login I read:

Mar 28 18:44:23 gemini kernel: chilli[3266]: segfault at 0000000000000002 rip 0000000000412b41 rsp 00007fff0b8b84c0 error 6

Why my configuration not work?

Please help me...

p.s.: FreeRadius and MySQL work fine, I try with "radtest utente pass4utente 127.0.0.1 0 pass4localhost" and it's all ok!

My chilli.conf:

debug
pidfile /var/run/chilli.pid
dns1 208.67.220.220
dns2 208.67.222.222
domain hs.ideafactory.it
radiusserver1 127.0.0.1
radiusserver2 127.0.0.1
radiussecret pass4localhost
dhcpif eth2
uamserver https://192.168.182.1/cgi-bin/hotspotlogin.cgi
uamhomepage http://192.168.1.254/home.html
uamsecret ideafactoryhotspot
uamallowed 192.168.182.1,192.168.1.254,www.google.it


My radiusd.conf:

prefix = /usr
exec_prefix = /usr
sysconfdir = /etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = /var/log/freeradius
raddbdir = /etc/freeradius
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run/freeradius
log_file = ${logdir}/radius.log
libdir = /usr/lib/freeradius
pidfile = ${run_dir}/freeradius.pid
user = freerad
group = freerad
max_request_time = 30
delete_blocked_requests = no
cleanup_delay = 5
max_requests = 1024
bind_address = 127.0.0.1
port = 0
hostname_lookups = no
allow_core_dumps = no
regular_expressions    = yes
extended_expressions    = yes
log_stripped_names = no
log_auth = yes
log_auth_badpass = yes
log_auth_goodpass = yes
usercollide = no
lower_user = before
lower_pass = before
nospace_user = before
nospace_pass = before
checkrad = ${sbindir}/checkrad
security {
    max_attributes = 200
    reject_delay = 1
    status_server = no
}
proxy_requests  = no
INCLUDE  ${confdir}/proxy.conf
$INCLUDE  ${confdir}/clients.conf
snmp    = no
$INCLUDE  ${confdir}/snmp.conf
thread pool {
    start_servers = 5
    max_servers = 32
    min_spare_servers = 3
    max_spare_servers = 10
    max_requests_per_server = 0
}
modules {
    pap {
        encryption_scheme = crypt
    }
    chap {
        authtype = CHAP
    }
$INCLUDE ${confdir}/eap.conf
    mschap {
        use_mppe = no
    }
    realm suffix {
        format = suffix
        delimiter = "@"
        ignore_default = no
        ignore_null = no
    }
    realm realmpercent {
        format = suffix
        delimiter = "%"
        ignore_default = no
        ignore_null = no
    }
    realm ntdomain {
        format = prefix
        delimiter = "\\"
        ignore_default = no
        ignore_null = no
    }   
    checkval {
        item-name = Calling-Station-Id
        check-name = Calling-Station-Id
        data-type = string
    }
    preprocess {
        huntgroups = ${confdir}/huntgroups
        hints = ${confdir}/hints
        with_ascend_hack = no
        ascend_channels_per_line = 23
        with_ntdomain_hack = no
        with_specialix_jetstream_hack = no
        with_cisco_vsa_hack = no
    }
    files {
        usersfile = ${confdir}/users
        acctusersfile = ${confdir}/acct_users
        preproxy_usersfile = ${confdir}/preproxy_users
        compat = no
    }
    detail {
        detailfile = ${radacctdir}/%{Client-IP-Address}/detail-%Y%m%d
        detailperm = 0600
    }
    acct_unique {
        key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
    }
    $INCLUDE  ${confdir}/sql.conf
   
    radutmp {
        filename = ${logdir}/radutmp
        username = %{User-Name}
        case_sensitive = yes
        check_with_nas = yes       
        perm = 0600
        callerid = "yes"
    }
    radutmp sradutmp {
        filename = ${logdir}/sradutmp
        perm = 0644
        callerid = "no"
    }
    attr_filter {
        attrsfile = ${confdir}/attrs
    }
    counter daily {
        filename = ${raddbdir}/db.daily
        key = User-Name
        count-attribute = Acct-Session-Time
        reset = daily
        counter-name = Daily-Session-Time
        check-name = Max-Daily-Session
        allowed-servicetype = Framed-User
        cache-size = 5000
    }
    sqlcounter dailycounter {
        counter-name = Daily-Session-Time
        check-name = Max-Daily-Session
        sqlmod-inst = sql
        key = User-Name
        reset = daily
        query = "SELECT SUM(AcctSessionTime - \
                 GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
                 FROM radacct WHERE UserName='%{%k}' AND \
                 UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
    }
    sqlcounter monthlycounter {
        counter-name = Monthly-Session-Time
        check-name = Max-Monthly-Session
        sqlmod-inst = sql
        key = User-Name
        reset = monthly
        query = "SELECT SUM(AcctSessionTime - \
                 GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) \
                 FROM radacct WHERE UserName='%{%k}' AND \
                 UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'"
    }
    always fail {
        rcode = fail
    }
    always reject {
        rcode = reject
    }
    always ok {
        rcode = ok
        simulcount = 0
        mpp = no
    }
    expr {
    }
    digest {
    }
    exec {
        wait = yes
        input_pairs = request
    }
    exec echo {
        wait = yes
        program = "/bin/echo %{User-Name}"
        input_pairs = request
        output_pairs = reply
    }
    ippool main_pool {
        range-start = 192.168.1.1
        range-stop = 192.168.3.254
        netmask = 255.255.255.0
        cache-size = 800
        session-db = ${raddbdir}/db.ippool
        ip-index = ${raddbdir}/db.ipindex
        override = no
        maximum-timeout = 0
    }
}
instantiate {
    expr
}
authorize {
    preprocess
   
    chap
    mschap
    suffix
    eap
    sql
}
authenticate {
    Auth-Type PAP {
        pap
    }
    Auth-Type CHAP {
        chap
    }
    Auth-Type MS-CHAP {
        mschap
    }
    eap
}
preacct {
    preprocess
    acct_unique
}
accounting {
    detail
    radutmp
    sql
}
session {
    radutmp
    sql
}
post-auth {
    sql
}
pre-proxy {
}
post-proxy {
}

My ifconfig output:

eth0      Link encap:Ethernet  HWaddr 00:13:49:25:55:5A 
          inet addr:192.168.1.254  Bcast:192.168.1.255  Mask:255.255.255.0
          inet6 addr: fe80::213:49ff:fe25:555a/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:23964 errors:0 dropped:0 overruns:0 frame:0
          TX packets:12203 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:1966207 (1.8 MiB)  TX bytes:1429701 (1.3 MiB)
          Interrupt:106 Base address:0x800

eth2      Link encap:Ethernet  HWaddr 00:13:49:AA:62:99 
          UP BROADCAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)
          Interrupt:98 Base address:0xec00

lo        Link encap:Local Loopback 
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          inet addr:192.168.182.1  P-t-P:192.168.182.1  Mask:255.255.255.0
          UP POINTOPOINT RUNNING  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

tun1      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 
          inet addr:10.0.0.46  P-t-P:10.0.0.45  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:0 (0.0 b)

tun1 is OpenVPN connection

My virtualhost configuration:

<VirtualHost 192.168.182.1:443>
    ServerAdmin info@ideafactory.it
    ServerName 192.168.182.1:443
   
        SSLEngine on
    SSLCertificateFile    /etc/apache2/apache.pem
    SSLCertificateKeyFile /etc/apache2/apache.pem

    DocumentRoot "/var/www/hotspot"
    <Directory "/var/www/hotspot/">
        Options Indexes FollowSymLinks MultiViews
        AllowOverride None
        Order allow,deny
        allow from all
    </Directory>

    ScriptAlias /cgi-bin/ /var/www/hotspot/cgi-bin/
    <Directory "/var/www/hotspot/cgi-bin/">
        AllowOverride None
        Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
        Order allow,deny
        Allow from all
    </Directory>

    ErrorLog /var/log/apache2/hotspot_error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog /var/log/apache2/hotspot_access.log combined
    ServerSignature On
</VirtualHost>


Please help me!:(

Thanks

Gianluca

Re: segfault at 0000000000000002

"kernel: chilli[3266]: segfault" doesn't look very good..
Try the debian package on sid or try to compile it from source...Maybe there is some bug in the 64-bit version..i dunno

If it is not the package's fault check the following:

1) Have you checked/configured the hotspotlogin.cgi??

2) Look the syslog when you are trying to login.Or post any errors from the syslog.
(Before trying yo login run:   tail -f /var/log/syslog and watch the output as you try to login)

3) Check your apache log to see if there is an error at the cgi script in case you modified it and you forgot something

Re: segfault at 0000000000000002

In my syslog:

Mar 28 18:43:59 gemini chillispot[3255]: chilli.c: 3082: New DHCP request from MAC=00-0D-93-78-00-F4
Mar 28 18:43:59 gemini chillispot[3255]: chilli.c: 3052: Client MAC=00-0D-93-78-00-F4 assigned IP 192.168.182.20
Mar 28 18:44:23 gemini kernel: chilli[3266]: segfault at 0000000000000002 rip 0000000000412b41 rsp 00007fff0b8b84c0 error 6
Mar 28 18:47:54 gemini chillispot[2840]: ChilliSpot 1.0. Copyright 2002-2005 Mondru AB. Licensed under GPL. See http://www.chillispot.org for credits.
Mar 28 19:47:54 gemini chillispot[2840]: chilli.c: 863: Rereading configuration file and doing DNS lookup

Apache access_log is ok, in error_log is present only warning for CA certificate...

My part of hotspotlogin.cgi:

# Shared secret used to encrypt challenge with. Prevents dictionary attacks.
# You should change this to your own shared secret.
$uamsecret = "ideafactoryhotspot";

# Uncomment the following line if you want to use ordinary user-password
# for radius authentication. Must be used together with $uamsecret.
$userpassword=1;

# Our own path
$loginpath = "/cgi-bin/hotspotlogin.cgi";


The problem is Debian Package or not?

Thanks
Gianluca

Re: segfault at 0000000000000002

Yeah I think it is debian package because as you can see chillispot is running with PID [3255] and then crashes [segfault] and after that restarts (PID 2840). Try installing from source or try the 'sid' version of the debian package.

By the way I don't see in your chilli.conf the parameter : radiusathport - the port chilli uses to authenticate with freeradius

Re: segfault at 0000000000000002

I have sent my problem at Debian Bug and package's owner: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=473485.

In my chilli.conf the "radiusauthport" has commented becose my FreeRadius configuration use standard port...it's ok?

Thanks,
Gianluca

Re: segfault at 0000000000000002

With "2.6.18-6-486" kernel version Chillispot work fine...