Windows Vista doing PEAP
King, Michael
MKing at bridgew.edu
Wed Oct 11 19:55:58 CEST 2006
Alan, here is your requested capture.
This was with RC1
I will be reattempting with RC2 in a little bit.
rad2:~# gdb /usr/sbin/freeradius
GNU gdb 6.4.90-debian
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i486-linux-gnu"...Using host libthread_db library "/lib/tls/libthread_db.so.1".
(gdb) set logging file gdb-radiusd.log
(gdb) set logging on
Copying output to gdb-radiusd.log.
(gdb) set args -X
(gdb) run
Starting program: /usr/sbin/freeradius -X
[Thread debugging using libthread_db enabled]
[New Thread 1077729984 (LWP 5747)]
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/freeradius/proxy.conf
Config: including file: /etc/freeradius/clients.conf
Config: including file: /etc/freeradius/snmp.conf
Config: including file: /etc/freeradius/eap.conf
Config: including file: /etc/freeradius/sql.conf
main: prefix = "/usr"
main: localstatedir = "/var"
main: logdir = "/var/log/freeradius"
main: libdir = "/usr/lib/freeradius"
main: radacctdir = "/var/log/freeradius/radacct"
main: hostname_lookups = no
main: snmp = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1280000
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/var/log/freeradius/radius.log"
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/run/freeradius/freeradius.pid"
main: user = "freerad"
main: group = "freerad"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = yes
mschap: passwd = "(null)"
mschap: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key --username=%{mschap:User-Name} --challenge=%{mschap:Challenge} --nt-response=%{mschap:NT-Response} "
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/var/log/freeradius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/etc/freeradius/certs/rad2.campus.bridgew.edu.privkey.pem"
tls: certificate_file = "/etc/freeradius/certs/rad2.campus.bridgew.edu.cer"
tls: CA_file = "/etc/freeradius/certs/IPS-IPSCABUNDLE.CRT"
tls: private_key_password = "(null)"
tls: dh_file = "/etc/freeradius/certs/dh"
tls: random_file = "/etc/freeradius/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
ttls: default_eap_type = "md5"
ttls: copy_request_to_tunnel = no
ttls: use_tunneled_reply = no
rlm_eap: Loaded and initialized type ttls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/etc/freeradius/huntgroups"
preprocess: hints = "/etc/freeradius/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/etc/freeradius/users"
files: acctusersfile = "/etc/freeradius/acct_users"
files: preproxy_usersfile = "/etc/freeradius/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile = "/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/var/log/freeradius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=5, length=179
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x0207000e014253435c6d6b696e67
Message-Authenticator = 0x18f6d0ae922dccd017b54b43a311261e
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 7 length 14
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 7
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 1077729984 (LWP 5747)]
0x4018675b in strlen () from /lib/tls/libc.so.6
(gdb) Quit
(gdb) info threads
* 1 Thread 1077729984 (LWP 5747) 0x4018675b in strlen () from /lib/tls/libc.so.6
(gdb) thread apply all bt full
Thread 1 (Thread 1077729984 (LWP 5747)):
#0 0x4018675b in strlen () from /lib/tls/libc.so.6
No symbol table info available.
#1 0x4015a064 in vfprintf () from /lib/tls/libc.so.6
No symbol table info available.
#2 0x40178161 in vsnprintf () from /lib/tls/libc.so.6
No symbol table info available.
#3 0x08051805 in vradlog (lvl=-1073760262, fmt=0x40405cdf "VISTA[%s:%d]: rcode %d", ap=0xbfffd824 "\003") at log.c:132
s = <value optimized out>
timeval = 1160589116
msgfd = (FILE *) 0xbfffb6ac
p = <value optimized out>
buffer = "Wed Oct 11 13:51:56 2006\n: Debug: VISTA[eap_compose:523]: Setting EAP type\n\00025\n\000e 0\n\000ct 11 13:51:56 2006 : Debug: VISTA[eap_authenticate:341]: here\n\000\200\001@=¹ÿ¿4¯\027@ô\217$@ \223$@ÀÚ<@¨¸ÿ¿ô\217$@ \223$@¨¸ÿ¿\002\005\027@ \223$@È\204\006\b"...
#4 0x08051a4f in log_debug (msg=0x40405cdf "VISTA[%s:%d]: rcode %d") at log.c:205
ap = 0xbfffd824 "\003"
r = 3
#5 0x40403a08 in eap_compose (handler=0x8165ee0) at eap.c:610
eap_len = 0
len = <value optimized out>
eap_msg = <value optimized out>
vp = <value optimized out>
eap_packet = <value optimized out>
ptr = (unsigned char *) 0x8176758 "\001\b"
request = (REQUEST *) 0x81641a8
eap_ds = <value optimized out>
reply = (EAP_PACKET *) 0x8165f60
rcode = 3
__FUNCTION__ = "eap_compose"
#6 0x40402cbc in eap_authenticate (instance=0x814ddd8, request=0x81641a8) at rlm_eap.c:342
vp = <value optimized out>
handler = (EAP_HANDLER *) 0x8165ee0
eap_packet = (eap_packet_t *) 0x0
rcode = <value optimized out>
__FUNCTION__ = "eap_authenticate"
#7 0x08055ad8 in modcall (component=0, c=0x815ea00, request=0x81641a8) at modcall.c:236
myresult = 0
#8 0x0805617c in call_one (component=3, p=0x40157393, request=0x3, priority=0xbfffd974, result=0xbfffd978) at modcall.c:269
r = <value optimized out>
#9 0x08055cca in modcall (component=0, c=0x815e6a8, request=0x81641a8) at modcall.c:324
g = (modgroup *) 0x815e6a8
myresult = 0
#10 0x08053d2e in indexed_modcall (comp=0, idx=1075147667, request=0x81641a8) at modules.c:469
this = (indexed_modcallable *) 0x8159710
#11 0x0804ce93 in rad_check_password (request=0x81641a8) at auth.c:367
dval = (DICT_VALUE *) 0x3
auth_type_pair = <value optimized out>
cur_config_item = <value optimized out>
password_pair = (VALUE_PAIR *) 0x0
auth_item = <value optimized out>
string = "\005\bðP\006\b\005@\006\b at w\a\bàL\006\b\000\000\000\000ô_\001@¡º\022@\000\000\000\000¨b\004@\002\000\000\000\aVF@ `\001@ô_\001@¡º\022@</-EÈ\204\006\b\nM\006\bÐu\a\bXÚÿ¿O\032\005\b\001\000\000\000PP\006\bdÚÿ¿|a\005\b\001\000\000\000H\025\026\b¨A\026\bÈ\204\006\bdÚÿ¿È\204\006\b¸Úÿ¿\\]\005\bPP\006\bk6\006\bÐu\a\b\nM\006\b\000\000\000\000|f\000@</-E¨Úÿ¿¤Úÿ¿\b\000\000\000¸Úÿ¿\220\221\025\b\001\000\000\000,H\006\b\000\000\000\000ô_\001@`m\004@\004\000"...
auth_type = 6
result = <value optimized out>
---Type <return> to continue, or q <return> to quit---
auth_type_count = 1
#12 0x0804d3bf in rad_authenticate (request=0x81641a8) at auth.c:662
check_item = <value optimized out>
vp = (VALUE_PAIR *) 0x40157393
namepair = (VALUE_PAIR *) 0x8164298
check_item = <value optimized out>
reply_item = <value optimized out>
auth_item = (VALUE_PAIR *) 0x0
module_msg = <value optimized out>
tmp = (VALUE_PAIR *) 0x0
result = 3
r = <value optimized out>
umsg = "çÿ¿çz\000@ çÿ¿Pf\001@\004\000\000\000\000\000\000\000\001\000\000\000\000\000\000\000\001\000\000\000ô\217$@<\000\000\000 \223$@´æÿ¿\037¨\027@\n\000\000\000Øæÿ¿(±\027@ \223$@`çÿ¿ød\001@ ¡\004\b$É\b\b \227$\000\000\000\000\000\bçÿ¿-2\006@ð@\026\b\024\000\000\000hï\006@ \223$@\bçÿ¿9|\027@ \223$@hï\006@ \227$@\210T\026\b\210çÿ¿¶a\006@ð@\026\b\024\000\000\000\020\000\000\000\002\000\000\000D\232\005@¨b\004@ô_\001@ød\001@\001\000\000\000pçÿ¿é²\000@¤f\001@\000"...
user_msg = <value optimized out>
exec_program = <value optimized out>
exec_wait = <value optimized out>
seen_callback_id = <value optimized out>
buf = "äúÿ¿\002\000\000\000\000\000\000\000ô_\001@üÿÿÿ\b\000\000\000¨ßÿ¿%¹\000@ðúÿ¿ÀgG@\000\000\000\000`m\004@äúÿ¿\002\000\000\000`;\026\b¨hG@äd\001@\b\000\000\000\213¸\000@ô\217$@À\\\001@`;\026\b\030àÿ¿\a¿!@ðúÿ¿\f=\026\b\001\000\000\000\000\000\000\000\b\211t$°´\000@\000\000\000\000ð\210\000@\223Ñ\027@¸:\026\b\001\000\000\200Nò\026@`åÿ¿`åÿ¿\000\000\000\000ô\217$@:È\006@\000\000\000\000ôåÿ¿\037o\025@\020æÿ¿:È\006@", '\0' <repeats 12 times>, " `\001@èj"...
logstr = "`;\026\b\203fG@\000ãÿ¿\025\000\000\000\214Ûÿ¿\223Ñ\027@\000ãÿ¿\210T\026\bNò\026@¼È\006@¼È\006@\000\000\000\000ô\217$@»È\006@\001\000\000\000\210áÿ¿\037o\025@¬áÿ¿»È\006@\001\000\000\000\000\000\000\000\004\000\000\000`;\026\bèj\025@ø¨$@\020:\026\b`áÿ¿)\000\000\000ø¤$@ôàÿ¿@\"\000\000dÛ\000@\000\000\000\000\005\000\000\000\0000\000\000\000@\000\000\000\000\000\000Ð4\000\000@âÿ¿(\216$@â?\026\b-\000\000\000$Üÿ¿\223Ñ\027@â?\026\b\000\000\000\000ÿÿÿÿ\030\000\000\000¼È\006@¶È\006@"...
autz_retry = 0 '\0'
autz_type = <value optimized out>
#13 0x08057347 in rad_respond (request=0x81641a8, fun=0x804d150 <rad_authenticate>) at radiusd.c:1653
rcode = <value optimized out>
packet = <value optimized out>
original = <value optimized out>
secret = 0x81641cc "d0wnh1ll"
finished = <value optimized out>
reprocess = <value optimized out>
#14 0x080591f6 in main (argc=2, argv=0xbffffae4) at radiusd.c:1427
cl = <value optimized out>
fun = (RAD_REQUEST_FUNP) 0x804d150 <rad_authenticate>
request = (REQUEST *) 0x81641a8
packet = (RADIUS_PACKET *) 0x81640b0
secret = (u_char *) 0x81454c0 "d0wnh1ll"
buffer = "*", '\0' <repeats 651 times>, "\221ü\000@", '\0' <repeats 12 times>, "\221ü\000@\000\000\000\000\000\220;@èëÿ¿0Î<@,íÿ¿åQ\000@,Î<@\000\000\000\000\004\000\000\000\022\b\000\000\a\000\000\000\000 \001\000\001\000\000\000ød\001@øëÿ¿û\206\000@ ¸'@°µ'@\023\000\000\000\001\000\000\000\\Ù)@°µ'@\000\000\000\000\0000\001\000d+\001\000d+\001\000\000\000\000\000\005\000\000\000\0000\001\000\000@\001\000,>\001\0000>\001\000,íÿ\000¨l\004@\034ìÿ¿YÀ\000@\211\233;@´l\004@ô_\001 at hj\004 at lH\021@\234îÿ¿|f\000"...
readfds = {fds_bits = {128, 0 <repeats 31 times>}}
argval = <value optimized out>
pid = <value optimized out>
max_fd = <value optimized out>
status = <value optimized out>
tv = (struct timeval *) 0x0
act = {__sigaction_handler = {sa_handler = 0x8057100 <sig_fatal>, sa_sigaction = 0x8057100 <sig_fatal>}, sa_mask = {__val = {
0 <repeats 32 times>}}, sa_flags = 0, sa_restorer = 0}
listener = <value optimized out>
More information about the Freeradius-Users
mailing list