Segmentation Fault
Matteo Lazzarini
mlazzarini at crema.unimi.it
Tue May 23 21:40:42 CEST 2006
help me please....
The cause could be my AP D-Link DWL-900AP+?
In the several one tried to you once they are connected to me
A single time is successful to connect to me
The demands from client Win XP leave corrected with certify to you
previously install to you in the client
....
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/radius/etc/raddb/clients.conf
Config: including file: /usr/local/radius/etc/raddb/eap.conf
main: prefix = "/usr/local/radius"
main: localstatedir = "/usr/local/radius/var"
main: logdir = "/usr/local/radius/var/log/radius"
main: libdir = "/usr/local/radius/lib"
main: radacctdir = "/usr/local/radius/var/log/radius/radacct"
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/usr/local/radius/var/log/radius/radius.log"
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/usr/local/radius/var/run/radiusd/radiusd.pid"
main: user = "(null)"
main: group = "(null)"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/local/radius/sbin/checkrad"
main: proxy_requests = yes
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/local/radius/lib
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded eap
eap: default_eap_type = "tls"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/usr/local/radius/etc/1x/cert-srv.pem"
tls: certificate_file = "/usr/local/radius/etc/1x/cert-srv.pem"
tls: CA_file = "/usr/local/radius/etc/1x/root.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/usr/local/radius/etc/1x/dh"
tls: random_file = "/usr/local/radius/etc/1x/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded detail
detail: detailfile =
"/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (auth_log)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/usr/local/radius/etc/raddb/users"
files: acctusersfile = "/usr/local/radius/etc/raddb/acct_users"
files: preproxy_usersfile = "/usr/local/radius/etc/raddb/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded preprocess
preprocess: huntgroups = "/usr/local/radius/etc/raddb/huntgroups"
preprocess: hints = "/usr/local/radius/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
detail: detailfile =
"/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.1.5:1206, id=19,
length=133
User-Name = "matteo"
NAS-IP-Address = 0.0.0.0
NAS-Port = 0
Called-Station-Id = "00-40-05-30-C5-86"
Calling-Station-Id = "00-12-F0-64-6D-8A"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x0201000b016d617474656f
Message-Authenticator = 0x967f88da472270a5df15034140e2040c
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
radius_xlat:
'/usr/local/radius/var/log/radius/radacct//auth-detail-20060523'
rlm_detail:
/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/radius/var/log/radius/radacct//auth-detail-20060523
modcall[authorize]: module "auth_log" returns ok for request 0
rlm_realm: No '@' in User-Name = "matteo", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 1 length 11
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 152
users: Matched entry matteo at line 216
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Requiring client certificate
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 19 to 192.168.1.5 port 1206
EAP-Message = 0x010200060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x5a270abdfa6e2a77ddfe453ad6fc4d54
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.5:1206, id=20,
length=220
User-Name = "matteo"
NAS-IP-Address = 0.0.0.0
NAS-Port = 0
Called-Station-Id = "00-40-05-30-C5-86"
Calling-Station-Id = "00-12-F0-64-6D-8A"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x020200500d800000004616030100410100003d030144734f2af0e9b4731fd9c2d0b4e504ca9ecd1d42ac11c913e9e2774b4179862b00001600040005000a000900640062000300060013001200630100
State = 0x5a270abdfa6e2a77ddfe453ad6fc4d54
Message-Authenticator = 0xffd12a5c648cfc7773dbbd30fd0c3f0a
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
radius_xlat:
'/usr/local/radius/var/log/radius/radacct//auth-detail-20060523'
rlm_detail:
/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/radius/var/log/radius/radacct//auth-detail-20060523
modcall[authorize]: module "auth_log" returns ok for request 1
rlm_realm: No '@' in User-Name = "matteo", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 2 length 80
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched entry DEFAULT at line 152
users: Matched entry matteo at line 216
modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 04eb], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0051], CertificateRequest
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 20 to 192.168.1.5 port 1206
EAP-Message =
0x0103040a0dc000000595160301004a0200004603014473330a686dcaad963dba557b286c130ae8a2d9b77b43505615b517a28015cb206097502b68ed30dcc00fa7d886e1a545ac9836c60dad6e34ee5f29b12c64b34e00040016030104eb0b0004e70004e4000239308202353082019ea003020102020105300d06092a864886f70d01010505003040310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a130947727570706f696d69310b3009060355040313024341301e170d3036303532333039303932345a170d3037303532333039303932345a3068310b30090603550406130249543110300e06
EAP-Message =
0x03550408130742657267616d6f31123010060355040a130947727570706f696d69310f300d060355040313067261646975733122302006092a864886f70d01090116137261646975734067727570706f696d692e697430819f300d06092a864886f70d010101050003818d0030818902818100b9ae0ef1716002d6b034f588e8b8b74bd312a355433aec355c9fe01dba647be21a421e811a37a0ec2a9bb214510f02362db1f19b33d0d6cf5f609379ae6dfe962d34bcc76d71f9d2e8ed0bf6f3000f8eaf3d6f9eaacc9f0930f96c86a7cb4ba8cd8c966984ffda1a822207f7c652e63ce05b14f16081e899960095d4efac221d0203010001a317301530
EAP-Message =
0x130603551d25040c300a06082b06010505070301300d06092a864886f70d010105050003818100aa75b2e1c672de7111c6a480c7e63fb0dd6e2763b581e3926abb51775254de94d1f42f3e9c4e73b35f5e6f6d11b76ab024062eb050d433da7249051388c80d0e2622f5d264b1a1da7e4c60a24fceb2310509cff9e61b0583173d79322c834ade2b99f68b4488c56ba88b27e42820306a74fdb6dbf07020c4c2ae90e9ae7da5890002a5308202a13082020aa003020102020900f65e6a6e4582e65e300d06092a864886f70d01010505003040310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a1309
EAP-Message =
0x47727570706f696d69310b3009060355040313024341301e170d3036303532333039303133305a170d3038303532323039303133305a3040310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a130947727570706f696d69310b300906035504031302434130819f300d06092a864886f70d010101050003818d0030818902818100b536489b6093a1ee191c95e2ac498564095e182c86e59a82a276a10a1fe1d60d4a4774370e3a31b6d33c18c64c046877fa8d61a1b08644e891e53c1e38ef28ae219919bb7ba7d4d68e3daded7b81c25ae99c6697fb6dcf0d81238390ba28ad73133dd0f3120cff4c
EAP-Message = 0x8782368fd48dd03b12a6847de5340d9035aa1ce1c96f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x3889b8bcaefc660f73c84ed14247d0d3
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.1.5:1206, id=21,
length=146
User-Name = "matteo"
NAS-IP-Address = 0.0.0.0
NAS-Port = 0
Called-Station-Id = "00-40-05-30-C5-86"
Calling-Station-Id = "00-12-F0-64-6D-8A"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message = 0x020300060d00
State = 0x3889b8bcaefc660f73c84ed14247d0d3
Message-Authenticator = 0xd1c04f41b010cf03e62335e3d7009b1d
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
radius_xlat:
'/usr/local/radius/var/log/radius/radacct//auth-detail-20060523'
rlm_detail:
/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/radius/var/log/radius/radacct//auth-detail-20060523
modcall[authorize]: module "auth_log" returns ok for request 2
rlm_realm: No '@' in User-Name = "matteo", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 3 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched entry DEFAULT at line 152
users: Matched entry matteo at line 216
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 21 to 192.168.1.5 port 1206
EAP-Message =
0x0104019f0d8000000595e1410203010001a381a230819f301d0603551d0e04160414e3fcd11473961d087743bdfc11c2621c1a49650230700603551d23046930678014e3fcd11473961d087743bdfc11c2621c1a496502a144a4423040310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a130947727570706f696d69310b3009060355040313024341820900f65e6a6e4582e65e300c0603551d13040530030101ff300d06092a864886f70d01010505000381810048be72b06a1043c8891eb2c03156bda58fe068cc6c9e3d0a5cdee92ee5417dc444a241afef677acb4906b9b3bcd22df060f4c040
EAP-Message =
0x79496b09b06ba334af5e487fbddd87bbba5824707f0b1dbf9b68cb1124d2d79f5f0661c727cd2d95756e2172725b529d701e40cc539457567805dc1cd4d0c3cb4f44291b53d3fce1ffac4bc016030100510d000049020102004400423040310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a130947727570706f696d69310b30090603550403130243410e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xf018e32e5012deb51093bbbb11bb8f34
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 192.168.1.5:1206, id=22,
length=1057
User-Name = "matteo"
NAS-IP-Address = 0.0.0.0
NAS-Port = 0
Called-Station-Id = "00-40-05-30-C5-86"
Calling-Station-Id = "00-12-F0-64-6D-8A"
NAS-Identifier = "DWL-900AP+"
Framed-MTU = 1380
NAS-Port-Type = Wireless-802.11
EAP-Message =
0x0204038f0d800000038516030103550b00024500024200023f3082023b308201a4a003020102020104300d06092a864886f70d01010505003040310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a130947727570706f696d69310b3009060355040313024341301e170d3036303532333039303134395a170d3037303532333039303134395a306e310b30090603550406130249543110300e0603550408130742657267616d6f31123010060355040a130947727570706f696d69310f300d060355040313066d617474656f3128302606092a864886f70d01090116196d6c617a7a6172696e694063
EAP-Message =
0x72656d612e756e696d692e697430819f300d06092a864886f70d010101050003818d0030818902818100c0493661470a3ca6e9b03253e5961122d87865d8eef1decc61fe4ce1b9b1cbbca4068715290d7503719051add28c6f868716deb07dd07d2472c5e2efd8d19a53e028ae9f9811790e65933fb91dbc77d2378d1b427104f041f24bfa71c33015052530ada0bb655b68f0cc8d3fa3ad38e99bb0dff18524b016abf1f3134f8932d50203010001a317301530130603551d25040c300a06082b06010505070302300d06092a864886f70d01010505000381810047151d2a53dd7159cc78884e60f6534471cfd93aacea842acd0e15417cfb79f96c56
EAP-Message =
0x41e5e613e4b50e25fcd2ad850a177bf4abfd4fa808a042439a421a7362cd153ebdd033f462a6883bed08ebae428db26ad2535a8483c68d259bb8d435a67e8e04cf5edd6d74a9c8968d0cd9ce36fa4ac1f8f82c46dcd1d6f725be1b1c2169100000820080816e81dd3de4c19c4f0cc65f235960bb4b139d2a1e63fa0ba5fd2aa7ea810def29bace7abd216dc9508b1e9bc6fffbe243827fe2f23d0413d6b18a4e83f6d18d8a3c90c6da9cbb2267585de5c19fb5289136724d377190a3d15efcee29f73930358afab3240341505572be07bdac1b58813658468dce9295d9c7dbd345a4b25c0f0000820080ac4e6b0ca0e5a7129d1caabc67cb6b24b8d76f
EAP-Message =
0xae0cfee930105c775db5b351e6d7732b6f7d190524110211ab922fe155da04edf68295a5998212bea5f38688b2aa7ef3156c3383b352222e725ab54508b751dc21aa3d3eceb01e62d2fcee3eea02fa45e741e2265ae0f007f0ef50810f0f4e9c5a3e621c5baceb2bd2026c3aeb14030100010116030100208563ba073afa9603a9511a7a3cfeb68baffe873b38b39075fe211605188b786f
State = 0xf018e32e5012deb51093bbbb11bb8f34
Message-Authenticator = 0x6d1cf151301d9c811944568bccec3380
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
radius_xlat:
'/usr/local/radius/var/log/radius/radacct//auth-detail-20060523'
rlm_detail:
/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d
expands to /usr/local/radius/var/log/radius/radacct//auth-detail-20060523
modcall[authorize]: module "auth_log" returns ok for request 3
rlm_realm: No '@' in User-Name = "matteo", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 4 length 253
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
users: Matched entry DEFAULT at line 152
users: Matched entry matteo at line 216
modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/tls
rlm_eap: processing type tls
rlm_eap_tls: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0249], Certificate
chain-depth=1,
error=0
--> User-Name = matteo
--> BUF-Name = CA
--> subject = /C=IT/ST=Bergamo/O=Gruppoimi/CN=CA
--> issuer = /C=IT/ST=Bergamo/O=Gruppoimi/CN=CA
--> verify return:1
chain-depth=0,
error=0
--> User-Name = matteo
--> BUF-Name = matteo
--> subject =
/C=IT/ST=Bergamo/O=Gruppoimi/CN=matteo/emailAddress=mlazzarini at crema.unimi.it
--> issuer = /C=IT/ST=Bergamo/O=Gruppoimi/CN=CA
--> verify return:1
TLS_accept: SSLv3 read client certificate A
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
./run-radius: line 9: 7283 Segmentation fault
More information about the Freeradius-Users
mailing list