Fwd: Upgraded freeradius to 2.1.12 with openssl 0.9.8n - Error: No SSL info available. Waiting for more SSL data.
Winson Fernandes
winsonfernandes at gmail.com
Sun Apr 8 05:44:13 CEST 2012
Hi,
I upgraded freeradius version from 2.0.2 to 2.1.12 and also the openssl
version from 0.9.7 to 0.9.8n.
The issue I am facing now is with peap mschapv2 windows client not able to
authenticate with my radius server.
The error is [peap] No SSL info available. Waiting for more SSL data.
I added few more logs and I could see the callback function cbtls_msg
returning due to the arg (state) being NULL
in freeradius-server-2.1.12/src/modules/rlm_eap/libeap/cb.c
void cbtls_msg
/*
* Work around bug #298, where we may be called with a NULL
* argument. We should really log a serious error
*/
if (!arg) return;
Not sure what the bug298 is all about and also what could be the possible
reason for the arg (state) to be NULL?
Regards,
Winson
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20120408/ead3f6c5/attachment-0001.html>
-------------- next part --------------
# /usr/sbin/radiusd -X
FreeRADIUS Version 2.1.12, for host i686-pc-linux-gnu, built on Apr 5 2012 at 16:46:31
Copyright (C) 1999-2009 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/etc/raddb/radiusd.conf
including configuration file /usr/etc/raddb/proxy.conf
including configuration file /usr/etc/raddb/clients.conf
including configuration file /usr/etc/raddb/snmp.conf
including configuration file /usr/etc/raddb/eap.conf
including dictionary file /usr/etc/raddb/dictionary
main {
name = "radiusd"
prefix = "/usr"
localstatedir = "/usr/var"
sbindir = "/usr/sbin"
logdir = "syslog"
run_dir = "/usr/var/run/radiusd"
libdir = "/usr/lib"
radacctdir = "/var/log/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/usr/var/run/radiusd/radiusd.pid"
checkrad = "/usr/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = yes
auth = yes
auth_badpass = yes
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = no
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = yes
dead_time = 120
wake_all_if_all_dead = no
}
radiusd: #### Loading Clients ####
client 127.0.0.1 {
require_message_authenticator = no
secret = "motorola"
shortname = "localhost"
}
client 192.168.0.1/24 {
require_message_authenticator = no
secret = "symbol123"
shortname = "trion0"
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_logintime
Module: Instantiating module "logintime" from file /usr/etc/raddb/radiusd.conf
logintime {
reply-message = "Outside"
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/etc/raddb/radiusd.conf
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module "pap" from file /usr/etc/raddb/radiusd.conf
pap {
encryption_scheme = "clear"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating module "chap" from file /usr/etc/raddb/radiusd.conf
Module: Linked to module rlm_mschap
Module: Instantiating module "mschap" from file /usr/etc/raddb/radiusd.conf
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
allow_retry = yes
}
Module: Linked to module rlm_eap
Module: Instantiating module "eap" from file /usr/etc/raddb/eap.conf
eap {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "Local"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/etc/rad/privkey.pem"
certificate_file = "/usr/etc/rad/servcert.pem"
CA_file = "/usr/etc/rad/cacrlcert.pem"
dh_file = "/usr/etc/rad/dh"
random_file = "/usr/etc/rad/random"
fragment_size = 1024
include_length = yes
check_crl = no
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "md5"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
soh = no
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
send_error = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating module "preprocess" from file /usr/etc/raddb/radiusd.conf
preprocess {
huntgroups = "/usr/etc/raddb/huntgroups"
hints = "/usr/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Module: Linked to module rlm_passwd
Module: Instantiating module "etc_passwd" from file /usr/etc/raddb/radiusd.conf
passwd etc_passwd {
filename = "/usr/etc/passwd"
format = "*User-Name::User-Password"
delimiter = ":"
ignorenislike = yes
ignoreempty = yes
allowmultiplekeys = no
hashsize = 100
}
rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no
Module: Instantiating module "etc_group" from file /usr/etc/raddb/radiusd.conf
passwd etc_group {
filename = "/usr/etc/group"
format = "~Group-Name::*,User-Name"
delimiter = ":"
ignorenislike = yes
ignoreempty = yes
allowmultiplekeys = no
hashsize = 100
}
rlm_passwd: nfields: 3 keyfield 2(User-Name) listable: yes
Module: Linked to module rlm_realm
Module: Instantiating module "suffix_oblic" from file /usr/etc/raddb/radiusd.conf
realm suffix_oblic {
format = "suffix"
delimiter = "/"
ignore_default = no
ignore_null = no
}
Module: Instantiating module "prefix_oblic" from file /usr/etc/raddb/radiusd.conf
realm prefix_oblic {
format = "prefix"
delimiter = "/"
ignore_default = no
ignore_null = no
}
Module: Instantiating module "suffix_at" from file /usr/etc/raddb/radiusd.conf
realm suffix_at {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Instantiating module "prefix_at" from file /usr/etc/raddb/radiusd.conf
realm prefix_at {
format = "prefix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Instantiating module "suffix_percent" from file /usr/etc/raddb/radiusd.conf
realm suffix_percent {
format = "suffix"
delimiter = "%"
ignore_default = no
ignore_null = no
}
Module: Instantiating module "prefix_percent" from file /usr/etc/raddb/radiusd.conf
realm prefix_percent {
format = "prefix"
delimiter = "%"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating module "files" from file /usr/etc/raddb/radiusd.conf
files {
usersfile = "/usr/etc/raddb/users"
acctusersfile = "/usr/etc/raddb/acct_users"
compat = "no"
}
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating module "acct_unique" from file /usr/etc/raddb/radiusd.conf
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating module "detail" from file /usr/etc/raddb/radiusd.conf
detail {
detailfile = "/var/log/radacct/%{Client-IP-Address}/acct-%Y%m%d"
header = "%t"
detailperm = 438
dirperm = 493
locking = no
log_packet_header = no
}
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
bind_address = *
WARNING: The directive 'bind_address' is deprecated, and will be removed in future versions of FreeRADIUS. Please edit the configuration files to use the directive 'listen'.
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 10115, id=159, length=143
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
EAP-Message = 0x020000090175737231
Message-Authenticator = 0xb9b0f513cbedc78aa9ff3df8a7b6a942
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 0 length 9
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] EAP Identity
Requested EAP type by the user is = peap
[eap] processing type tls
[tls] ***** eaptls_new_session
***** start eaptls_new_session
***** set callback eaptls_new_session
***** end eaptls_new_session
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
rad_encode Sending Access-Challenge of id 159 to 127.0.0.1 port 10115
EAP-Message = 0x010100061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4581256345803cb49b6e122cd29e8e42
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10115, id=160, length=232
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0x4581256345803cb49b6e122cd29e8e42
EAP-Message = 0x0201005019800000004616030100410100003d03014f7d84ce35a8b582475b1f9d0f090a2b9e46873c38c4558dd63b1ddd93988d4000001600040005000a000900640062000300060013001200630100
Message-Authenticator = 0xdd70594133a57be41b6d1860a114055b
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 1 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 70
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] TLS_accept: SSLv3 read client hello A
[peap] TLS_accept: SSLv3 write server hello A
[peap] TLS_accept: SSLv3 write certificate A
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
SSL done with dirty_in, reinitialize it
debug TLS dirty_out.used
[peap] peap eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
rad_encode Sending Access-Challenge of id 160 to 127.0.0.1 port 10115
EAP-Message = 0x010202bb1900160301002a020000260301000132506d539df091461a9ade53601fe3e6a18cc4f1de9ef105daeb1602250d0000040016030102780b00027400027100026e3082026a308201d3a003020102020202b8300d06092a864886f70d0101050500306e310b3009060355040613025553310b30090603550408130243413111300f0603550407130853616e204a6f7365311c301a060355040a1313456e7465727072697365204d6f62696c697479310e300c060355040b130545574c414e3111300f060355040313084d6f746f726f6c61301e170d3132303332393137353131385a170d3133303332393137353131385a306e310b3009060355
EAP-Message = 0x040613025553310b30090603550408130243413111300f0603550407130853616e204a6f7365311c301a060355040a1313456e7465727072697365204d6f62696c697479310e300c060355040b130545574c414e3111300f060355040313084d6f746f726f6c6130819f300d06092a864886f70d010101050003818d0030818902818100c6e63e6b4e1c743590b9381649b599fd0a6ffca9e54f671d6101938d7dd43fdaae4a8478b2b0663148f187399747a1598a6d240826f1fb704d43474e87932baf47710cc386f96025f5028dfcea8d4911d7bb121b4c5356f38ee56d75a2afba80aaebc737e9192cf7713df15ccc36de8f3923234c106ca12520
EAP-Message = 0x17e87fa1c370c10203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01010505000381810087ca4b19dc6cade48bbec4e069a9a68a9441658bc0319f954f5683ba4504c0c23bdda4994f6a3a139cf18160d1ea45120faf02199ab0e4af4a9b4c97b0d0c0c800d803112b1e0088e08ba4e7ef1bece56be62f5d78b80f6815906f4c8fcac6dbe21da41f1dfa25dc9be8c5d3f50a94485212a39eee477c7c92009cb65524101b16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4581256344833cb49b6e122cd29e8e42
Finished request 1.
Going to the next request
Waking up in 4.8 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10115, id=161, length=344
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0x4581256344833cb49b6e122cd29e8e42
EAP-Message = 0x020200c01980000000b61603010086100000820080147e7115e8dbc9d95cb24fd3dc77e988bc86f7b358a1869956d813b91524988a2a4e5bf0e66d38df0c860249f9724d82a25559358900b04903209def8b45ec12e1715ddefb6ce393f582e78dfcf2f686a99b6aa20279bc38a3f4f69b9406aad212c91174667cb3eb61902384dce8c6e9f24bba42c260d4823521dbf617070c1e1403010001011603010020b5f0364aa92f29d2f20d48fe55e45e2315bf60c788a385bd6d9d61589de1d3e8
Message-Authenticator = 0x6e4412e78bddb682dbd8fe963e219fdb
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 2 length 192
[eap] Continuing tunnel setup.
++[eap] returns ok
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 182
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] TLS_accept: SSLv3 read finished A
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
SSL done with dirty_in, reinitialize it
debug TLS dirty_out.used
[peap] peap eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
rad_encode Sending Access-Challenge of id 161 to 127.0.0.1 port 10115
EAP-Message = 0x010300311900140301000101160301002048edff39f15fd6df5b8e32f6ed2583f99295cfd01c897a5aa90c99b898f71245
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4581256347823cb49b6e122cd29e8e42
Finished request 2.
Going to the next request
Waking up in 4.5 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10115, id=162, length=158
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0x4581256347823cb49b6e122cd29e8e42
EAP-Message = 0x020300061900
Message-Authenticator = 0x7dfcc4f1f49f71175b5c35a44a007ccf
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 3 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] No SSL info available. Waiting for more SSL data.
[peap] eaptls_verify returned 1
[peap] EAPTLS_REQUEST is done
[peap] peap eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
rad_encode Sending Access-Challenge of id 162 to 127.0.0.1 port 10115
EAP-Message = 0x010400061900
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x4581256346853cb49b6e122cd29e8e42
Finished request 3.
Going to the next request
Waking up in 4.4 seconds.
Cleaning up request 0 ID 159 with timestamp +20
Waking up in 0.1 seconds.
Cleaning up request 1 ID 160 with timestamp +21
Waking up in 0.2 seconds.
Cleaning up request 2 ID 161 with timestamp +21
Waking up in 0.1 seconds.
Cleaning up request 3 ID 162 with timestamp +21
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x4581256346853cb4 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 10116, id=164, length=143
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
EAP-Message = 0x020000090175737231
Message-Authenticator = 0xa1eb27fae77c79a2e8797159d9652f47
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 0 length 9
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] EAP Identity
Requested EAP type by the user is = peap
[eap] processing type tls
[tls] ***** eaptls_new_session
***** start eaptls_new_session
***** set callback eaptls_new_session
***** end eaptls_new_session
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
rad_encode Sending Access-Challenge of id 164 to 127.0.0.1 port 10116
EAP-Message = 0x010100061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xff294d2dff28543fc42fdc6290e05c86
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10116, id=165, length=161
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0xff294d2dff28543fc42fdc6290e05c86
EAP-Message = 0x020100090175737231
Message-Authenticator = 0xb06029c7f280cfa400ce08db943fc46e
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 1 length 9
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] EAP Identity
Requested EAP type by the user is = peap
[eap] processing type tls
[tls] ***** eaptls_new_session
***** start eaptls_new_session
***** set callback eaptls_new_session
***** end eaptls_new_session
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
rad_encode Sending Access-Challenge of id 165 to 127.0.0.1 port 10116
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x99b2ff3299b0e6149246046de3d95fdb
Finished request 5.
Going to the next request
Waking up in 4.6 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10116, id=166, length=232
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0x99b2ff3299b0e6149246046de3d95fdb
EAP-Message = 0x0202005019800000004616030100410100003d03014f7d84ed31ca22f3a94ee3017b5356bb1f7f441f28fb750856d5336a28d4e45200001600040005000a000900640062000300060013001200630100
Message-Authenticator = 0x7263676d9e65efee4c6d718e870332bd
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 2 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 70
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] TLS_accept: SSLv3 read client hello A
[peap] TLS_accept: SSLv3 write server hello A
[peap] TLS_accept: SSLv3 write certificate A
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
SSL done with dirty_in, reinitialize it
debug TLS dirty_out.used
[peap] peap eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
rad_encode Sending Access-Challenge of id 166 to 127.0.0.1 port 10116
EAP-Message = 0x010302bb1900160301002a0200002603010001326ec97435e90e358fc448599269dc3045709cd610f568b8efd3b5c3816f0000040016030102780b00027400027100026e3082026a308201d3a003020102020202b8300d06092a864886f70d0101050500306e310b3009060355040613025553310b30090603550408130243413111300f0603550407130853616e204a6f7365311c301a060355040a1313456e7465727072697365204d6f62696c697479310e300c060355040b130545574c414e3111300f060355040313084d6f746f726f6c61301e170d3132303332393137353131385a170d3133303332393137353131385a306e310b3009060355
EAP-Message = 0x040613025553310b30090603550408130243413111300f0603550407130853616e204a6f7365311c301a060355040a1313456e7465727072697365204d6f62696c697479310e300c060355040b130545574c414e3111300f060355040313084d6f746f726f6c6130819f300d06092a864886f70d010101050003818d0030818902818100c6e63e6b4e1c743590b9381649b599fd0a6ffca9e54f671d6101938d7dd43fdaae4a8478b2b0663148f187399747a1598a6d240826f1fb704d43474e87932baf47710cc386f96025f5028dfcea8d4911d7bb121b4c5356f38ee56d75a2afba80aaebc737e9192cf7713df15ccc36de8f3923234c106ca12520
EAP-Message = 0x17e87fa1c370c10203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d01010505000381810087ca4b19dc6cade48bbec4e069a9a68a9441658bc0319f954f5683ba4504c0c23bdda4994f6a3a139cf18160d1ea45120faf02199ab0e4af4a9b4c97b0d0c0c800d803112b1e0088e08ba4e7ef1bece56be62f5d78b80f6815906f4c8fcac6dbe21da41f1dfa25dc9be8c5d3f50a94485212a39eee477c7c92009cb65524101b16030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x99b2ff3298b1e6149246046de3d95fdb
Finished request 6.
Going to the next request
Waking up in 4.6 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10116, id=167, length=344
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0x99b2ff3298b1e6149246046de3d95fdb
EAP-Message = 0x020300c01980000000b6160301008610000082008075d9e06ebeba69faa53414d0ccdb26ab65007dd3a1af88b8795f14dbe8046a561b6a9b0fe733706d27b6f458e13777eb60686ce3c747f8e9cd3fecd0372450b4d2afbe01521c99c61843e3515ea68ce2747579d5f5efa055d7d797a6f069b2bc55d70dfaf8337893e86e72782ec4310003d3e574f637611798d3c29b909289a71403010001011603010020cc3c635dd13724810554b405a2808946d91dd26838cad338e4ad55ddd812a342
Message-Authenticator = 0xc936d1d8009d8c85d7db1a2cfe37bc3e
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 3 length 192
[eap] Continuing tunnel setup.
++[eap] returns ok
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 182
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] TLS_accept: SSLv3 read finished A
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
SSL done with dirty_in, reinitialize it
debug TLS dirty_out.used
[peap] peap eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
rad_encode Sending Access-Challenge of id 167 to 127.0.0.1 port 10116
EAP-Message = 0x010400311900140301000101160301002036ec0236d823801cf7fa4423bb4891fc4bdd1c0a57d01dda9cf980f3d8e276a6
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x99b2ff329bb6e6149246046de3d95fdb
Finished request 7.
Going to the next request
Waking up in 4.4 seconds.
rad_recv: Access-Request packet from host 127.0.0.1 port 10116, id=168, length=158
User-Name = "usr1"
Called-Station-Id = "00:15:70:01:4b:30"
Calling-Station-Id = "00:13:ce:7b:b9:48"
NAS-Port = 1
NAS-Port-Type = Wireless-802.11
Framed-MTU = 1400
NAS-IP-Address = 192.168.0.1
NAS-Identifier = "AP-51xx"
Symbol-Wlan-Index = "peap_test"
State = 0x99b2ff329bb6e6149246046de3d95fdb
EAP-Message = 0x020400061900
Message-Authenticator = 0xac8fde635d06396e2a39b68dcd750834
# Executing section authorize from file /usr/etc/raddb/radiusd.conf
+- entering group authorize {...}
++[preprocess] returns ok
[etc_passwd] Added User-Password: 'usr1' to config_items
++[etc_passwd] returns ok
[etc_group] Added Group-Name: 'grp1' to request_items
++[etc_group] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[suffix_oblic] No such realm "NULL"
++[suffix_oblic] returns noop
[prefix_oblic] No '/' in User-Name = "usr1", looking up realm NULL
[prefix_oblic] No such realm "NULL"
++[prefix_oblic] returns noop
[suffix_at] No '@' in User-Name = "usr1", looking up realm NULL
[suffix_at] No such realm "NULL"
++[suffix_at] returns noop
[prefix_at] No '@' in User-Name = "usr1", looking up realm NULL
[prefix_at] No such realm "NULL"
++[prefix_at] returns noop
[suffix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[suffix_percent] No such realm "NULL"
++[suffix_percent] returns noop
[prefix_percent] No '%' in User-Name = "usr1", looking up realm NULL
[prefix_percent] No such realm "NULL"
++[prefix_percent] returns noop
[files] expand: %{Symbol-Wlan-Index} -> peap_test
[files] users: Matched entry DEFAULT at line 2
++[files] returns ok
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
rlm_logintime: Checking Login-Time: 'Any0000-2359,'
rlm_logintime: timestr returned unlimited
++[logintime] returns ok
Found Auth-Type = EAP
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Replacing User-Password in config items with Cleartext-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!! Please update your configuration so that the "known good" !!!
!!! clear text password is in Cleartext-Password, and not in User-Password. !!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Executing group from file /usr/etc/raddb/radiusd.conf
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] No SSL info available. Waiting for more SSL data.
[peap] eaptls_verify returned 1
[peap] EAPTLS_REQUEST is done
[peap] peap eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
rad_encode Sending Access-Challenge of id 168 to 127.0.0.1 port 10116
EAP-Message = 0x010500061900
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x99b2ff329ab7e6149246046de3d95fdb
Finished request 8.
Going to the next request
Waking up in 4.3 seconds.
Cleaning up request 4 ID 164 with timestamp +51
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0xff294d2dff28543f did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Waking up in 0.3 seconds.
Cleaning up request 5 ID 165 with timestamp +51
Cleaning up request 6 ID 166 with timestamp +51
Waking up in 0.1 seconds.
Cleaning up request 7 ID 167 with timestamp +51
Cleaning up request 8 ID 168 with timestamp +52
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
WARNING: !! EAP session for state 0x99b2ff329ab7e614 did not finish!
WARNING: !! Please read http://wiki.freeradius.org/Certificate_Compatibility
WARNING: !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Ready to process requests.
More information about the Freeradius-Devel
mailing list