[Issues] [mod_auth_xradius 0000043]: Unable to configure multiple servers in one directory context

Mantis Bug Tracker issues at outoforder.cc
Mon Feb 20 12:26:33 EST 2012 

A NOTE has been added to this issue. 
====================================================================== 
http://issues.outoforder.cc/view.php?id=43 
====================================================================== 
Reported By:                richshaffer
Assigned To:                
====================================================================== 
Project:                    mod_auth_xradius
Issue ID:                   43
Category:                   Apache Integration
Reproducibility:            always
Severity:                   major
Priority:                   normal
Status:                     new
Apache Version:             2.0.46 
====================================================================== 
Date Submitted:             2005-09-12 19:20 EST
Last Modified:              2012-02-20 12:26 EST
====================================================================== 
Summary:                    Unable to configure multiple servers in one
directory context
Description: 
When configuring multiple RADIUS servers in one directory context, the
configuration stored in memory appears to become corrupt.  The RADIUS server
hostname string will show up as garbage or empty strings in the Apache logs,
like so:

[error] [client x.x.x.x] xradius: Failed to add server '!!s!!:1812': (-1) !!s!!:
host not found
[error] [client x.x.x.x] xradius: Failed to add server 'anguage:1812': (-1)
anguage: host not found
[error] [client x.x.x.x] xradius: Failed to add server ':1812': (-1) : host not
found

When configuring only one RADIUS server, the configuration works as expected.

Additional Information: 
This is with the most recent version of httpd release for Red Hat Enterprise
Linux ES release 3.

'rpm -q httpd' reports httpd-2.0.46-46.3.ent.

'httpd -V' reports the following:
Server version: Apache/2.0.46
Server built:   Aug 31 2005 10:57:04
Server's Module Magic Number: 20020903:4
Architecture:   32-bit
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/prefork"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses disabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D HTTPD_ROOT="/etc/httpd"
 -D SUEXEC_BIN="/usr/sbin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_LOCKFILE="logs/accept.lock"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

'apr-config --version' reports 0.9.4.

This is (a slightly truncated version) of my virtual hosts's configuration file
in /etc/httpd/conf.d:
<VirtualHost *:443>
  ServerName myserver.mydomain
  DocumentRoot /var/www/html
  <Directory /var/www/html>
    SSLRequireSSL
    AuthType Basic
    AuthName "SuperSecretSite"
    AuthXRadiusAddServer "x.x.x.x:1812" "SuperSecret"
    AuthXRadiusAddServer "x.x.x.x:1812" "SuperSecret"
    Require valid-user
  </Directory>
  SSLEngine on
  SSLCertificateFile /etc/httpd/conf/ssl.crt/server.com.crt
  SSLCertificateKeyFile /etc/httpd/conf/ssl.key/server.com.key
</VirtualHost>

This is a copy of another config file in /etc/httpd/conf.d that holds generic
mod_auth_xradius config info (comments removed for brevity):
LoadModule auth_xradius_module modules/mod_auth_xradius.so
AuthXRadiusCache dbm /var/cache/mod_auth_xradius/auth_xradius_cache
AuthXRadiusCacheTimeout 300

Other info, such as a copy of the config.log or compiler output, can be
provided.  Debug httpd logs may be a possibility also.
====================================================================== 
Total Sponsorship = US$ 10

2006-02-28 05:07: TeeSee (US$ 10) 
====================================================================== 

---------------------------------------------------------------------- 
 (0000062) TeeSee (reporter) - 2006-02-28 05:06
 http://issues.outoforder.cc/view.php?id=43#c62 
---------------------------------------------------------------------- 
The same problem occurs with debian stable and apache2.0.54

nexus:/var/log/apache2# apache2 -V
Server version: Apache/2.0.54
Server built:   Sep  5 2005 11:11:08
Server's Module Magic Number: 20020903:9
Architecture:   32-bit
Server compiled with....
 -D APACHE_MPM_DIR="server/mpm/worker"
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D HTTPD_ROOT=""
 -D SUEXEC_BIN="/usr/lib/apache2/suexec2"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
 -D SERVER_CONFIG_FILE="/etc/apache2/apache2.conf" 

---------------------------------------------------------------------- 
 (0000119) master (reporter) - 2008-09-06 10:18
 http://issues.outoforder.cc/view.php?id=43#c119 
---------------------------------------------------------------------- 
Patch attached (patch-mod_auth_xradius.c). Please take a look and try it out. 

---------------------------------------------------------------------- 
 (0000177) Joost Bekkers (reporter) - 2009-08-27 09:00
 http://issues.outoforder.cc/view.php?id=43#c177 
---------------------------------------------------------------------- 
I ran into the same problem, the patch fixed it for me. 

---------------------------------------------------------------------- 
 (0000295) istein001 (reporter) - 2012-02-20 12:26
 http://issues.outoforder.cc/view.php?id=43#c295 
---------------------------------------------------------------------- 
Fixes bug with adding multiple servers, but doesn't work as redundancy feature. 
With this patch, all servers *must* respond in order for user to authenticate. 
If 2 configured, and one is down... user is denied. 

Issue History 
Date Modified    Username       Field                    Change               
====================================================================== 
2005-09-12 19:20 richshaffer    New Issue                                    
2005-09-12 19:20 richshaffer    Apache Version            => 2.0.46          
2006-02-28 05:06 TeeSee         Note Added: 0000062                          
2006-02-28 05:07 TeeSee         Sponsorship Added        TeeSee: US$ 10      
2006-02-28 05:07 TeeSee         Sponsorship Total        0 => 10             
2008-09-06 10:18 master         File Added: patch-mod_auth_xradius.c            
       
2008-09-06 10:18 master         Note Added: 0000119                          
2009-08-27 09:00 Joost Bekkers  Note Added: 0000177                          
2012-02-20 12:26 istein001      Note Added: 0000295                          
======================================================================

More information about the Issues mailing list