<!DOCTYPE html><html><head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body>
<p>Hi,</p>
We've tested with freeradius 3.2.6 in preproduction enviroment. <br>
We've installed these packages from bookworm-backports target
release (*).<br>
In debug mode (freeradius -X) we could see several warnings like
this (**). <br>
Authentication EAP-TTLS-PAP seems to work fine.<br>
<span class="Y2IQFc" lang="en">We could make an effort and test in
production next week.</span><br>
The memory issue manifests after several weeks; we need a guarantee
of proper functionality during this time.<br>
<span class="Y2IQFc" lang="en">The warning seems serious. </span>Could
you give us any advice about this?
<p>Thanks<br>
</p>
<p>(*) <br>
</p>
<p> ii freeradius
3.2.6+dfsg-2~bpo12+1 amd64 high-performance and
highly configurable RADIUS server<br>
ii freeradius-common
3.2.6+dfsg-2~bpo12+1 all FreeRADIUS common
files<br>
ii freeradius-config
3.2.6+dfsg-2~bpo12+1 amd64 FreeRADIUS default
config files<br>
ii freeradius-ldap
3.2.6+dfsg-2~bpo12+1 amd64 LDAP module for
FreeRADIUS server<br>
ii freeradius-utils
3.2.6+dfsg-2~bpo12+1 amd64 FreeRADIUS client
utilities<br>
ii libfreeradius3
3.2.6+dfsg-2~bpo12+1 amd64 FreeRADIUS shared
library<br>
<br>
</p>
<p>(**)<br>
</p>
<p>!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!<br>
!! libldap is using GnuTLS, while FreeRADIUS is using OpenSSL<br>
!! There may be random issues with TLS connections due to this
conflict.<br>
!! The server may also crash.<br>
!! See <a class="moz-txt-link-freetext" href="https://wiki.freeradius.org/modules/Rlm_ldap">https://wiki.freeradius.org/modules/Rlm_ldap</a> for more
information.<br>
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!<br>
</p>
<p><br>
</p>
<div class="moz-cite-prefix">El 6/1/25 a las 15:58, Bernhard Schmidt
escribió:<br>
</div>
<blockquote type="cite" cite="mid:1d9d480e-a07c-41f4-bdd2-ea4c506f5587@debian.org">[No
suele recibir correo electrónico de <a class="moz-txt-link-abbreviated" href="mailto:berni@debian.org">berni@debian.org</a>. Descubra por
qué esto es importante en
<a class="moz-txt-link-freetext" href="https://aka.ms/LearnAboutSenderIdentification">https://aka.ms/LearnAboutSenderIdentification</a> ]
<br>
<br>
Hi,
<br>
<br>
>
<br>
<blockquote type="cite">Our RADIUS service primarily provides
authentication for a Wi-Fi network
<br>
that uses the EAP-TTLS-PAP method.
<br>
Used modules include, among others, eap, ldap, linelog, pap, and
sql_log.
<br>
Over 13K different users are authenticated daily.
<br>
In Debian 11, freeradius service had stable memory consumption.
<br>
After performing a dist-upgrade to Debian 12, freeradius
consumes memory
<br>
without limit.
<br>
</blockquote>
<br>
You are the first to report it, but that does not make it wrong.
<br>
<br>
Could you test with the 3.2.6 upstream version in
bookworm-backports as
<br>
well? This is the current upstream version, if it happens there as
well
<br>
we might have a change of upstream taking care of it.
<br>
<br>
Bernhard
<br>
</blockquote>
<pre class="moz-signature" cols="150">--
Subdirección de Infraestruturas - Sistemas de rede
Área de Tecnoloxías da Información e Comunicacións
Universidade de Santiago de Compostela
15782 Santiago de Compostela
<a class="moz-txt-link-freetext" href="http://www.usc.es/atic/sistemas">http://www.usc.es/atic/sistemas</a></pre>
</body>
</html>