EAP-TLS problem
shantanu choudhary
shantanu_843 at yahoo.co.in
Mon Jun 11 10:17:50 CEST 2007
hello all,
earlier i was having problem of segmentation fault for wpa supplicant, that i have resolved(at least i think so, it was because i was not using xauth module of ath card). but now i am having a problem of validating CA, i am not able to validate server certificate.
i am sending u my wpa_supplicant result i hope u can help me out.
EAP-TLS: Requesting private key passphrase
CTRL-REQ-PASSPHRASE-0:Private key passphrase needed for SSID ATH183
CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 37 30 39 36 2d 31 00
EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)
CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 37 30 39 36 2d 31 00
EAP: Pending PIN/passphrase request - skip Nak
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=6):
53 54 41 54 55 53 STATUS
ioctl[SIOCGIFADDR]: Cannot assign requested address
RX ctrl_iface - hexdump_ascii(len=13):
4c 49 53 54 5f 4e 45 54 57 4f 52 4b 53 LIST_NETWORKS
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
EAPOL: startWhen --> 0
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=4):
50 49 4e 47 PING
RX ctrl_iface - hexdump_ascii(len=30): [REMOVED]
CTRL_IFACE: field=PASSPHRASE id=0
CTRL_IFACE: value - hexdump_ascii(len=8): [REMOVED]
EAPOL: received control response (user input) notification - retrying pending EAP Request
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=1 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state GET_METHOD
EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
TLS: Trusted root certificate(s) loaded
TLS - SSL error: error:0B07C065:x509 certificate routines:X509_STORE_add_cert:cert already in hash table
OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER) failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:140C800D:SSL routines:SSL_use_certificate_file:ASN1 lib
OpenSSL: SSL_use_certificate_file (PEM) --> OK
OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER) failed error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class
OpenSSL: pending error: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
OpenSSL: pending error: error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
OpenSSL: pending error: error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib
OpenSSL: pending error: error:140CB00D:SSL routines:SSL_use_PrivateKey_file:ASN1 lib
OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK
SSL: Private key loaded successfully
CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
CTRL_IFACE monitor send - hexdump(len=21): 2f 74 6d 70 2f 77 70 61 5f 63 74 72 6c 5f 37 30 39 36 2d 31 00
EAP: EAP entering state METHOD
SSL: Received packet(len=6) - Flags 0x20
EAP-TLS: Start
SSL: SSL_connect - want more data
SSL: 101 bytes pending from ssl_out
SSL: 101 bytes left to be sent out (of total 101 bytes)
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=111): 01 00 00 6b 02 01 00 6b 0d 00 16 03 01 00 60 01 00 00 5c 03 01 46 6d 06 4b cc 4f b2 ae eb 76 1c 1a ab 4f 82 ee 2f bd fd 8e 83 a6 c6 cd da 79 43 cb b4 07 97 13 00 00 34 00 39 00 38 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06 00 03 02 01 00
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:03:7f:09:60:7e
RX EAPOL - hexdump(len=1038): 01 00 04 0a 01 02 04 0a 0d c0 00 00 07 9e 16 03 01 00 4a 02 00 00 46 03 01 46 6d 03 13 c3 0c 81 a0 fe 19 5b 81 0d fd af 94 0e 8c 1d 58 53 16 d8 50 c1 56 81 a8 f0 5f 9b 79 20 1e 0e 1c b8 b7 1d d9 94 7b 65 46 61 7a 9c 22 74 cd 58 6c 80 b9 86 75 a0 21 a5 a4 bf a7 7c 3d b4 00 35 00 16 03 01 06 94 0b 00 06 90 00 06 8d 00 02 cd 30 82 02 c9 30 82 02 32 a0 03 02 01 02 02 01 02 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 1e 17 0d 30 34 30 31 32 35 31 33 32 36 31 30 5a 17
0d 30 35 30 31 32 34 31 33 32 36 31 30 5a 30 81 9b 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 19 30 17 06 03 55 04 03 13 10 52 6f 6f 74 20 63 65 72 74 69 66 69 63 61 74 65 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01 16 10 72 6f 6f 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 da c5 25 42 2b fe db 08 26 29 a2 cb a4 4b 34 49 c9 0d 0a b4 62 fb 72 c8 43 4a 78 20 98 86 3d 7e b7 d7 e7 00 28 c2 b7 ad 55 5a 51 cc 75 6c f4 fa 1d 70 91 61 5a b4 50 d5 28 95 53 ae 66 16 af f0 14 a5 50 85 d6 b8 fb 4a ee 98 63 8e 42 61 75 cd d3 6c 66 5c 63 cd a1 77 d3 49 20 eb 30 58 5e dc 87 73 99 9c 29 80 f8 1a d4 63 8b bb ea 1c 82 d0 54 02 3d b7 ef 24 a3 ec 1c 3f 62 41 a9 03 d7 f3
02 03 01 00 01 a3 17 30 15 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 81 81 00 7a 2d 92 1b 1c f1 3b f2 98 2a 91 78 ec 9e de 6d 88 ed c1 78 a2 e8 bd 40 a0 a0 6f b6 f0 76 99 57 88 4c d7 08 45 37 08 34 96 fd 18 41 65 29 3f 58 3c 8e 82 40 eb 68 e0 42 c9 4b 15 75 2e 4c 07 e8 0d 09 77 9a fa 3d d5 5c 24 fa 54 ac 29 2d 77 20 5d 1c 24 77 ed 30 d5 9f 57 ca f9 bd 21 ff 2a 8d 16 cc 09 11 c5 0e 4f 29 57 63 fc b6 0e fa 3c 3d 2d 0e 43 85 0f 6e 6f be 28 49 02 f6 e8 35 03 65 00 03 ba 30 82 03 b6 30 82 03 1f a0 03 02 01 02 02 01 00 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65
72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 1e 17 0d 30 34 30 31 32 35 31 33 32 36 30 37 5a
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=2 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=1034) - Flags 0xc0
SSL: TLS Message Length: 1950
SSL: Need 926 bytes more input data
SSL: Building ACK
EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=10): 01 00 00 06 02 02 00 06 0d 00
EAPOL: SUPP_BE entering state RECEIVE
RX EAPOL from 00:03:7f:09:60:7e
RX EAPOL - hexdump(len=940): 01 00 03 a8 01 03 03 a8 0d 80 00 00 07 9e 17 0d 30 36 30 31 32 34 31 33 32 36 30 37 5a 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81 00 d4 c5 b1 97 24 f1 64 ac f1 ff b1 89 db 1c 8f bf f4 f1 43 96 ea 7c b1 e9 0f 78 d6 94 51 72 53 77 89 5d fe 52 cc b9 9b 41 e8 0d de b5 8b 12 7a 94 3f 4f 58 cb c5 62 87 81 92 fb dc 6f ec e9 f8 71 e7 c1 30 d3 5c f5 18 88 17 e9 b1 33 24 9e dd 2a 1c 75 d3 10 43 ae 87 55 3c ec 7a 77 ef 26 aa 7d 74 28 1d b9
b7 7e 17 c6 44 6c 5d d9 b1 88 b4 32 50 ca 02 29 96 37 22 a1 23 a7 26 b0 0b 40 27 fd 02 03 01 00 01 a3 81 ff 30 81 fc 30 1d 06 03 55 1d 0e 04 16 04 14 68 d3 6d 3e 1e e7 bc 9d 5a 05 70 21 c3 63 da 13 65 d1 ad e3 30 81 cc 06 03 55 1d 23 04 81 c4 30 81 c1 80 14 68 d3 6d 3e 1e e7 bc 9d 5a 05 70 21 c3 63 da 13 65 d1 ad e3 a1 81 a5 a4 81 a2 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 82 01 00 30 0c 06 03 55 1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 81 81 00 33 c0 0b 66 b1 e5 79 ef 73 a0 67 98 25 2d ab 8d 5e 55 11
fc 00 fd 27 6d 80 d1 2f 83 47 77 c6 74 3f dc 27 43 fc a1 50 77 04 e4 bc 09 79 e4 f6 0a c3 ad 9e e8 3e 6f 34 73 69 22 9d 1f 77 22 9b a2 e9 82 35 9d a5 63 02 4a 00 16 3d ba 6d 6c 98 6c 0b ad 28 af 85 13 2f f8 f0 d7 65 01 bf 1b 7c 2d ff 65 8c e1 e6 2c 01 99 7b 6e 64 e3 e8 d4 37 33 54 ce 99 12 84 76 51 53 90 63 b8 5b bc 54 85 c5 16 03 01 00 b1 0d 00 00 a9 02 01 02 00 a4 00 a2 30 81 9f 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 0e 00 00 00
EAPOL: Received EAP-Packet frame
EAPOL: SUPP_BE entering state REQUEST
EAPOL: getSuppRsp
EAP: EAP entering state RECEIVED
EAP: Received EAP-Request id=3 method=13 vendor=0 vendorMethod=0
EAP: EAP entering state METHOD
SSL: Received packet(len=936) - Flags 0x80
SSL: TLS Message Length: 1950
TLS: Certificate verification failed, error 19 (self signed certificate in certificate chain) depth 1 for '/C=CA/ST=Province/L=Some City/O=Organization/OU=localhost/CN=Client certificate/emailAddress=client at example.com'
OpenSSL: tls_connection_handshake - SSL_connect error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
SSL: 7 bytes pending from ssl_out
SSL: Failed - tls_out available to report error
SSL: 7 bytes left to be sent out (of total 7 bytes)
EAP-TLS: TLS processing failed
EAP: method process -> ignore=FALSE methodState=DONE decision=FAIL
EAP: EAP entering state SEND_RESPONSE
EAP: EAP entering state IDLE
EAPOL: SUPP_BE entering state RESPONSE
EAPOL: txSuppRsp
TX EAPOL - hexdump(len=17): 01 00 00 0d 02 03 00 0d 0d 00 15 03 01 00 02 02 30
EAPOL: SUPP_BE entering state RECEIVE
regards
shantanu
Did you know? You can CHAT without downloading messenger. Click here http://in.messenger.yahoo.com/webmessengerpromo.php
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20070611/25650dfd/attachment.html>
More information about the Freeradius-Users
mailing list