ocserv crashed when use certificate authentication with session-control

George Panda vzerda at gmail.com
Fri Oct 10 17:02:48 PDT 2014


Hello, I am using ocserv 0.8.6 with GnuTLS 3.2.18.

Let's say we use certificate as the only auth method, with
session-control = true (which is enabled by default in
doc/sample.config file).
The ocserv will crash when client trying to connect.

Here is the log, I have removed unnecessary entries.

ocserv[32190]: sec-mod: cmd [size=43] sm: auth init
ocserv[32190]: sec-mod: auth init for user 'user' (group: 'admins')
from '135.35.236.173'
ocserv[32200]: worker: 135.35.236.173:41714 received auth reply
message (value: 1)
ocserv[32200]: worker: 135.35.236.173:41714 user 'user' obtained cookie
ocserv[32189]: main: 135.35.236.173:41714 main-misc.c:423: command socket closed
ocserv[32189]: main: 135.35.236.173:41714 removing client '' with id '32200'
ocserv[32189]: main: main.c:492: ocserv-secmod died unexpectedly

Sec-mod crashed at line "module->open_session == NULL" in function
"handle_sec_auth_res", file "src/sec-mod-auth.c".
I think the reason should be when "sec_auth_init" is called, but
"config->auth_types" is "certificate", which make module not
initialized.

It would be better if we give an friendly error message for this
situation when ocserv is starting.
Thanks.

Best regards
George.P



More information about the openconnect-devel mailing list