Windows Vista doing PEAP
King, Michael
MKing at bridgew.edu
Thu Oct 19 23:55:53 CEST 2006
-----Original Message-----
>>Again, I have no idea why it's core dumping. It shouldn't be.
>>I don't have Vista, and I can't debug this issue myself. It's up to
you.
Should this line be like this?
DEBUG2("VISTA[%s:%s]: here", __FUNCTION__, __LINE__);
I have not coded in C (or C++) for 5 years.
I did some reading, and __LINE__ returns an integer (%d). Would that
cause a segfault, I figured it would just cause a compile error.
I changed __FUNCTION__ to __func__ and the second %s to %d, and the last
line in the patch, I removed the two %s%s which had no varibles.
I got this.. (The Patch worked)
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2006.10.19 17:52:44
=~=~=~=~=~=~=~=~=~=~=~=
clear/usr/sbin/freeradius -X
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /etc/freeradius/proxy.conf
Config: including file: /etc/freeradius/clients.conf
Config: including file: /etc/freeradius/snmp.conf
Config: including file: /etc/freeradius/eap.conf
Config: including file: /etc/freeradius/sql.conf
main: prefix = "/usr"
main: localstatedir = "/var"
main: logdir = "/var/log/freeradius"
main: libdir = "/usr/lib/freeradius"
main: radacctdir = "/var/log/freeradius/radacct"
main: hostname_lookups = no
main: snmp = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1280000
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = "/var/log/freeradius/radius.log"
main: log_auth = yes
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = "/var/run/freeradius/freeradius.pid"
main: user = "freerad"
main: group = "freerad"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: checkrad = "/usr/sbin/checkrad"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = no
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
read_config_files: reading realms
radiusd: entering modules setup
Module: Library search path is /usr/lib/freeradius
Module: Loaded exec
exec: wait = yes
exec: program = "(null)"
exec: input_pairs = "request"
exec: output_pairs = "(null)"
exec: packet_type = "(null)"
rlm_exec: Wait=yes but no output defined. Did you mean output=none?
Module: Instantiated exec (exec)
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: with_ntdomain_hack = yes
mschap: passwd = "(null)"
mschap: ntlm_auth = "/usr/bin/ntlm_auth --request-nt-key
--username=%{mschap:User-Name} --challenge=%{mschap:Challenge}
--nt-response=%{mschap:NT-Response} "
Module: Instantiated mschap (mschap)
Module: Loaded System
unix: cache = no
unix: passwd = "(null)"
unix: shadow = "(null)"
unix: group = "(null)"
unix: radwtmp = "/var/log/freeradius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "peap"
eap: timer_expire = 60
eap: ignore_unknown_eap_types = no
eap: cisco_accounting_username_bug = no
rlm_eap: Loaded and initialized type md5
rlm_eap: Loaded and initialized type leap
gtc: challenge = "Password: "
gtc: auth_type = "PAP"
rlm_eap: Loaded and initialized type gtc
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file =
"/etc/freeradius/certs/rad2.campus.bridgew.edu.privkey.pem"
tls: certificate_file =
"/etc/freeradius/certs/rad2.campus.bridgew.edu.cer"
tls: CA_file = "/etc/freeradius/certs/IPS-IPSCABUNDLE.CRT"
tls: private_key_password = "(null)"
tls: dh_file = "/etc/freeradius/certs/dh"
tls: random_file = "/etc/freeradius/certs/random"
tls: fragment_size = 1024
tls: include_length = yes
tls: check_crl = no
tls: check_cert_cn = "(null)"
tls: cipher_list = "(null)"
tls: check_cert_issuer = "(null)"
rlm_eap_tls: Loading the certificate file as a chain
rlm_eap: Loaded and initialized type tls
ttls: default_eap_type = "md5"
ttls: copy_request_to_tunnel = no
ttls: use_tunneled_reply = no
rlm_eap: Loaded and initialized type ttls
peap: default_eap_type = "mschapv2"
peap: copy_request_to_tunnel = no
peap: use_tunneled_reply = no
peap: proxy_tunneled_request_as_eap = yes
rlm_eap: Loaded and initialized type peap
mschapv2: with_ntdomain_hack = no
rlm_eap: Loaded and initialized type mschapv2
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/etc/freeradius/huntgroups"
preprocess: hints = "/etc/freeradius/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
preprocess: with_alvarion_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
realm: ignore_default = no
realm: ignore_null = no
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/etc/freeradius/users"
files: acctusersfile = "/etc/freeradius/acct_users"
files: preproxy_usersfile = "/etc/freeradius/preproxy_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
detail: detailfile =
"/var/log/freeradius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
detail: detailperm = 384
detail: dirperm = 493
detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/var/log/freeradius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: case_sensitive = yes
radutmp: check_with_nas = yes
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on authentication *:1812
Listening on accounting *:1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=190,
length=179
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x0205000e014253435c6d6b696e67
Message-Authenticator = 0xe8ef97a7540606cbd99f433e66af4f2d
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
modcall[authorize]: module "preprocess" returns ok for request 0
modcall[authorize]: module "chap" returns noop for request 0
modcall[authorize]: module "mschap" returns noop for request 0
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 0
rlm_eap: EAP packet type response id 5 length 14
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 0
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 0
modcall: leaving group authorize (returns updated) for request 0
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 0
rlm_eap: EAP Identity
rlm_eap: processing type tls
rlm_eap_tls: Initiate
rlm_eap_tls: Start returned 1
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 5
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 0
modcall: leaving group authenticate (returns handled) for request 0
Sending Access-Challenge of id 190 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message = 0x010600061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x6a58879f717b5616d92188ef0508bf15
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=191,
length=303
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x0206007819800000006e16030100690100006503014537f3e34070df7f383882e6da6c
989a8dfdfc864b8d598806640919f33d4ed1000018002f00350005000ac009c00ac013c0
140032003800130004010000240000000e000c0000096273635c6d6b696e67000a000800
06001700180019000b00020100
State = 0x6a58879f717b5616d92188ef0508bf15
Message-Authenticator = 0x1152ca164579e5ab619574036ee4f556
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 1
modcall[authorize]: module "preprocess" returns ok for request 1
modcall[authorize]: module "chap" returns noop for request 1
modcall[authorize]: module "mschap" returns noop for request 1
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 1
rlm_eap: EAP packet type response id 6 length 120
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 1
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 1
modcall: leaving group authorize (returns updated) for request 1
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 1
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
(other): before/accept initialization
TLS_accept: before/accept initialization
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0069], ClientHello
TLS_accept: SSLv3 read client hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept: SSLv3 write server hello A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0f42], Certificate
TLS_accept: SSLv3 write certificate A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
TLS_accept: SSLv3 write server done A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
In SSL Handshake Phase
In SSL Accept mode
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 6
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 1
modcall: leaving group authenticate (returns handled) for request 1
Sending Access-Challenge of id 191 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message =
0x0107040a19c000000f9f160301004a0200004603014537f3e3454e6e5b0a00defd26c0
8739c97c3e2459f7f87ec363cd62dae679ca20a832eea17a17b98b7f63304706f5837ced
53e36c6c701cc8bcabb9628ddf7bcd002f001603010f420b000f3e000f3b00068d308206
89308205f2a0030201020203009187300d06092a864886f70d010105050030820112310b
3009060355040613024553311230100603550408130942617263656c6f6e613112301006
03550407130942617263656c6f6e6131293027060355040a132049505320436572746966
69636174696f6e20417574686f7269747920732e6c2e312e302c060355040a142567656e
6572
EAP-Message =
0x616c4069707363612e636f6d20432e492e462e2020422d423632323130363935312e30
2c060355040b1325697073434120434c41534541312043657274696669636174696f6e20
417574686f72697479312e302c06035504031325697073434120434c4153454131204365
7274696669636174696f6e20417574686f726974793120301e06092a864886f70d010901
161167656e6572616c4069707363612e636f6d301e170d3036303530343232313331345a
170d3038303530333232313331345a3081c3310b30090603550406130255533116301406
03550408130d4d617373616368757365747473311430120603550407130b427269646765
7761
EAP-Message =
0x74657231223020060355040a1319427269646765776174657220537461746520436f6c
6c656765311b3019060355040b131254656c65636f6d6d756e69636174696f6e73312030
1e06035504031317726164322e63616d7075732e627269646765772e6564753123302106
092a864886f70d010901161474656c65636f6d6d40627269646765772e65647530819f30
0d06092a864886f70d010101050003818d0030818902818100bafacc8f16e6686769b809
7698e2aeef926367d3d91ab2eb0110ca80f484c9c0ca3ce4eb11e92ffc968e9b585444c9
557738f9ae5839a7b1d10ece940548abb5def53f18be41dc5a5c83a0011481450cfeafcd
7a7e
EAP-Message =
0xd7ff87eb7e1ca346ee2a361e8093b98ba19c272f43d213c7d3f58847e6709ef86714eb
f0736a01d0f4c44d0203010001a38203373082033330090603551d130402300030110609
6086480186f8420101040403020640300b0603551d0f0404030203f830130603551d2504
0c300a06082b06010505070301301d0603551d0e04160414788bb22abb6e8a41d4a35b01
66a8047f0746d9b7301f0603551d230418301680140e0760d439c91b5b5d907b23c8d234
9d4a9a4639301f0603551d1104183016811474656c65636f6d6d40627269646765772e65
6475301c0603551d1204153013811167656e6572616c4069707363612e636f6d30720609
6086
EAP-Message = 0x480186f842010d046516634f7267616e697a6174696f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x399395fb535f7b5376b204e0c52f389b
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=192,
length=189
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020700061900
State = 0x399395fb535f7b5376b204e0c52f389b
Message-Authenticator = 0x379f503b31ccc665f1cad05a000d91b0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 2
modcall[authorize]: module "preprocess" returns ok for request 2
modcall[authorize]: module "chap" returns noop for request 2
modcall[authorize]: module "mschap" returns noop for request 2
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 2
rlm_eap: EAP packet type response id 7 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 2
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 2
modcall: leaving group authorize (returns updated) for request 2
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 2
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 7
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 2
modcall: leaving group authenticate (returns handled) for request 2
Sending Access-Challenge of id 192 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message =
0x0108040619406e20496e666f726d6174696f6e204e4f542056414c4944415445442e20
434c41534541312053657276657220436572746966696361746520697373756564206279
2068747470733a2f2f7777772e69707363612e636f6d2f302f06096086480186f8420102
0422162068747470733a2f2f7777772e69707363612e636f6d2f6970736361323030322f
304306096086480186f84201040436163468747470733a2f2f7777772e69707363612e63
6f6d2f6970736361323030322f697073636132303032434c41534541312e63726c304606
096086480186f84201030439163768747470733a2f2f7777772e69707363612e636f6d2f
6970
EAP-Message =
0x736361323030322f7265766f636174696f6e434c41534541312e68746d6c3f30430609
6086480186f84201070436163468747470733a2f2f7777772e69707363612e636f6d2f69
70736361323030322f72656e6577616c434c41534541312e68746d6c3f30410609608648
0186f84201080434163268747470733a2f2f7777772e69707363612e636f6d2f69707363
61323030322f706f6c696379434c41534541312e68746d6c3081830603551d1f047c307a
3039a037a0358633687474703a2f2f7777772e69707363612e636f6d2f69707363613230
30322f697073636132303032434c41534541312e63726c303da03ba0398637687474703a
2f2f
EAP-Message =
0x7777776261636b2e69707363612e636f6d2f6970736361323030322f69707363613230
3032434c41534541312e63726c303206082b0601050507010104263024302206082b0601
05050730018616687474703a2f2f6f6373702e69707363612e636f6d2f300d06092a8648
86f70d0101050500038181002f3dd42c1e10181bdd0c69894e19e045c958fd430fc2fd52
9a6c0c19db08b7df43ee5b948d26f7dbcfe04d0ae488f7ecee9dbedc296722a33c0d0291
c1244aa67c913c4e2fe2cae9087971f71e42f5da2fb52f5288ed6d4ed3e5b47165d4ba89
fd3a37d2fd6de04ad2ac3bb0873f97626c50338a20d91ea129be3539037cf4e80005ea30
8205
EAP-Message =
0xe63082054fa0030201020203009018300d06092a864886f70d01010505003081a3310b
3009060355040613024553311230100603550408130942415243454c4f4e413112301006
03550407130942415243454c4f4e4131193017060355040a131049505320536567757269
64616420434131183016060355040b130f43657274696669636163696f6e657331173015
0603550403130e495053205345525649444f524553311e301c06092a864886f70d010901
160f697073406d61696c2e6970732e6573301e170d3031313233303133333631315a170d
3235313232393133333631315a30820112310b3009060355040613024553311230100603
5504
EAP-Message = 0x08130942617263656c6f6e61311230100603
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xc5baca98753fda4ad09de51d30999b60
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=193,
length=189
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020800061900
State = 0xc5baca98753fda4ad09de51d30999b60
Message-Authenticator = 0xe8f5fd61f9f1a9b0425cd24066c046f2
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 3
modcall[authorize]: module "preprocess" returns ok for request 3
modcall[authorize]: module "chap" returns noop for request 3
modcall[authorize]: module "mschap" returns noop for request 3
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 3
rlm_eap: EAP packet type response id 8 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 3
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 3
modcall: leaving group authorize (returns updated) for request 3
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 3
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 8
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 3
modcall: leaving group authenticate (returns handled) for request 3
Sending Access-Challenge of id 193 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message =
0x010904061940550407130942617263656c6f6e6131293027060355040a132049505320
43657274696669636174696f6e20417574686f7269747920732e6c2e312e302c06035504
0a142567656e6572616c4069707363612e636f6d20432e492e462e2020422d4236323231
30363935312e302c060355040b1325697073434120434c41534541312043657274696669
636174696f6e20417574686f72697479312e302c06035504031325697073434120434c41
534541312043657274696669636174696f6e20417574686f726974793120301e06092a86
4886f70d010901161167656e6572616c4069707363612e636f6d30819f300d06092a8648
86f7
EAP-Message =
0x0d010101050003818d0030818902818100a6f57366361da32f4fad2ad8ef0ca64befa7
1bacf7f246171bb202ab3e11898c6aa80fd8631499d71fbcb22768026ef43089ebadeb41
dcb44206fa481f138c64df872dc714d4a783e4723b32ead34d793165050933812b6ee636
ad211133362b68cabe432c37b73d69163be59dbe32a7d5df4a80fcda7370aad928822f68
bbb10203010001a38202b4308202b0300c0603551d13040530030101ff30110609608648
0186f8420101040403020007300c0603551d0f0405030307ff80306b0603551d25046430
6206082b0601050507030106082b0601050507030206082b0601050507030306082b0601
0505
EAP-Message =
0x07030406082b06010505070308060a2b060104018237020115060a2b06010401823702
0116060a2b0601040182370a0301060a2b0601040182370a0304301d0603551d0e041604
140e0760d439c91b5b5d907b23c8d2349d4a9a46393081ba0603551d230481b23081afa1
81a9a481a63081a3310b3009060355040613024553311230100603550408130942415243
454c4f4e41311230100603550407130942415243454c4f4e4131193017060355040a1310
4950532053656775726964616420434131183016060355040b130f436572746966696361
63696f6e6573311730150603550403130e495053205345525649444f524553311e301c06
092a
EAP-Message =
0x864886f70d010901160f697073406d61696c2e6970732e6573820100301c0603551d11
04153013811167656e6572616c4069707363612e636f6d30090603551d12040230003043
06096086480186f842010d04361634434c41534541312043412043657274696669636174
65206973737565642062792068747470733a2f2f7777772e6970732e65732f3022060960
86480186f84201020415161368747470733a2f2f7777772e6970732e65732f3073060355
1d1f046c306a3031a02fa02d862b68747470733a2f2f7777772e6970732e65732f63726c
2f6970735345525649444f52455363726c2e63726c3035a033a031862f68747470733a2f
2f77
EAP-Message = 0x77776261636b2e6970732e65732f63726c2f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x8e4448f009c6178344b4f186125a3a4c
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=194,
length=189
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020900061900
State = 0x8e4448f009c6178344b4f186125a3a4c
Message-Authenticator = 0xe452b64d08b70a932153d982511e0d12
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 4
modcall[authorize]: module "preprocess" returns ok for request 4
modcall[authorize]: module "chap" returns noop for request 4
modcall[authorize]: module "mschap" returns noop for request 4
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 4
rlm_eap: EAP packet type response id 9 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 4
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 4
modcall: leaving group authorize (returns updated) for request 4
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 4
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake fragment handler
eaptls_verify returned 1
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 9
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 4
modcall: leaving group authenticate (returns handled) for request 4
Sending Access-Challenge of id 194 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message =
0x010a03a519006970735345525649444f52455363726c2e63726c302f06082b06010505
07010104233021301f06082b060105050730018613687474703a2f2f6f6373702e697073
2e45532f300d06092a864886f70d01010505000381810027054a0c74c9145dc875c8deee
890c631e1f0184c702cb19d791c8dd3ecfb0c8f3f592b5548254621f32eb80a17d56f1e4
e7285926a47df0ca2d31c6c9f3709dc1cf5e26a4efb212e788e81985ed80e43902688763
a9133c6cf5456a22ce9656075fa6a3ee370a6e928b9e40de143019289390b7f3fcb54ef2
f7960ebb1094d40002bb308202b730820220020100300d06092a864886f70d0101040500
3081
EAP-Message =
0xa3310b3009060355040613024553311230100603550408130942415243454c4f4e4131
1230100603550407130942415243454c4f4e4131193017060355040a1310495053205365
6775726964616420434131183016060355040b130f43657274696669636163696f6e6573
311730150603550403130e495053205345525649444f524553311e301c06092a864886f7
0d010901160f697073406d61696c2e6970732e6573301e170d3938303130313233323130
375a170d3039313232393233323130375a3081a3310b3009060355040613024553311230
100603550408130942415243454c4f4e41311230100603550407130942415243454c4f4e
4131
EAP-Message =
0x193017060355040a13104950532053656775726964616420434131183016060355040b
130f43657274696669636163696f6e6573311730150603550403130e4950532053455256
49444f524553311e301c06092a864886f70d010901160f697073406d61696c2e6970732e
657330819f300d06092a864886f70d010101050003818d0030818902818100ac4f52749f
39ea8edc25c4bc985d986424093c21b3cc19b58e948e87d1f8373ea1c82d58a480355ba1
756c1d450c1f61636a5e6f9b0a4cc1c8b861233581fffeac78702d68e13a0798950254dd
cd23b78053d7c8374572062412ba1361218a6e7528e0c50f34fd36d8457fe1b836efb3e1
c620
EAP-Message =
0x8ee8b438bce13ef611de8c9d010203010001300d06092a864886f70d01010405000381
81002cf3c3795824dec63bd1e04269b8ee64b33d6201b9b384df237ddd98cf10a9fe00d8
22960513075457c5a7decbd9b88842f699db14771fb6fe253de1a23e03a981d22d6c47f5
96468c22abc8cc0d0e975e8b41b43bc40a06401ddd46f401ddba822e3c3d78709e7c18d0
abf8b877074671f1ca0b635c6af97294d5014fa0db4216030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0259cf5b7108504dc773820306112957
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=195,
length=391
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message =
0x020a00d01980000000c616030100861000008200800c7a24a3d7f670a56ae0b1bfdee8
6f18da2f6dee934bc3c311bb4d49b40ae399b8238aaa42031231dd81d16fa2d80c8a7c87
74147ebd1d9e06921938f4da10e830bedadc4c3c9b998e599da0007c71def67db2756ec4
6ee55ed7996565e41c3e663fb5a23f4ae4cd4a95a51fb1e22e4126d537df741195717728
cbe240b422ff14030100010116030100305d5ade80b1d7bdeba4be62be65b74a255f625c
75630efce8a2ed9c07a596eb49c770536e996c0dbeeec10cd1d2ee30dc
State = 0x0259cf5b7108504dc773820306112957
Message-Authenticator = 0x374248fb2c533feb42110fae8d52493f
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 5
modcall[authorize]: module "preprocess" returns ok for request 5
modcall[authorize]: module "chap" returns noop for request 5
modcall[authorize]: module "mschap" returns noop for request 5
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 5
rlm_eap: EAP packet type response id 10 length 208
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 5
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 5
modcall: leaving group authorize (returns updated) for request 5
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 5
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Length Included
eaptls_verify returned 11
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept: SSLv3 read client key exchange A
rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 read finished A
rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept: SSLv3 write change cipher spec A
rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept: SSLv3 write finished A
TLS_accept: SSLv3 flush data
(other): SSL negotiation finished successfully
rlm_eap: SSL error error:00000000:lib(0):func(0):reason(0)
SSL Connection Established
eaptls_process returned 13
rlm_eap_peap: EAPTLS_HANDLED
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 10
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 5
modcall: leaving group authenticate (returns handled) for request 5
Sending Access-Challenge of id 195 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message =
0x010b004119001403010001011603010030263cf9a0d40f3916cc2875a89475bba2943f
4e7aff9be5f0a89ed96e17ce1bd7e03ca1801ff9f39856b8012ea86741c3
Message-Authenticator = 0x00000000000000000000000000000000
State = 0xde18ef11757232719579055a046a93a6
Finished request 5
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 10.0.1.12:32769, id=196,
length=189
User-Name = "BSC\\mking"
Calling-Station-Id = "00-13-02-1B-4F-01"
Called-Station-Id = "00-0B-85-5B-55-A0:test"
NAS-Port = 29
NAS-IP-Address = 10.0.1.12
NAS-Identifier = "BUWISM1-2"
Airespace-Wlan-Id = 7
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "4000"
EAP-Message = 0x020b00061900
State = 0xde18ef11757232719579055a046a93a6
Message-Authenticator = 0xa8695b4f4d3b92922083d0d694b7ea3a
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 6
modcall[authorize]: module "preprocess" returns ok for request 6
modcall[authorize]: module "chap" returns noop for request 6
modcall[authorize]: module "mschap" returns noop for request 6
rlm_realm: No '@' in User-Name = "BSC\mking", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 6
rlm_eap: EAP packet type response id 11 length 6
rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
modcall[authorize]: module "eap" returns updated for request 6
users: Matched entry DEFAULT at line 152
users: Matched entry DEFAULT at line 171
modcall[authorize]: module "files" returns ok for request 6
modcall: leaving group authorize (returns updated) for request 6
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 6
rlm_eap: Request found, released from the list
rlm_eap: EAP/peap
rlm_eap: processing type peap
rlm_eap_peap: Authenticate
rlm_eap_tls: processing TLS
rlm_eap_tls: Received EAP-TLS ACK message
rlm_eap_tls: ack handshake is finished
eaptls_verify returned 3
eaptls_process returned 3
rlm_eap_peap: EAPTLS_SUCCESS
VISTA[eap_authenticate:341]: here
VISTA[eap_compose:475]: reply->id 11
VISTA[eap_compose:476]: reply->code 1
VISTA[eap_compose:514]: eap->request->code 1
VISTA[eap_compose:515]: eap->request->type.type 0
VISTA[eap_compose:516]: handler->eap_type 25
VISTA[eap_compose:523]: Setting EAP type
VISTA]: rcode 3
modcall[authenticate]: module "eap" returns handled for request 6
modcall: leaving group authenticate (returns handled) for request 6
Sending Access-Challenge of id 196 to 10.0.1.12 port 32769
Framed-IP-Address = 255.255.255.254
Framed-MTU = 576
Service-Type = Framed-User
EAP-Message =
0x010c005019001703010020388d4e0c86f5e81f5a3a12f8825aec1acbee45a540b156f7
9f8efebe31feed55170301002068620450a5430daa5f41ec40e12ab73f37589158a5fcce
083d35319c3915097f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x536badba63aaca35ec5cdf3002f3b1fb
Finished request 6
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 190 with timestamp 4537f3e3
Cleaning up request 1 ID 191 with timestamp 4537f3e3
Cleaning up request 2 ID 192 with timestamp 4537f3e3
Cleaning up request 3 ID 193 with timestamp 4537f3e3
Cleaning up request 4 ID 194 with timestamp 4537f3e3
Cleaning up request 5 ID 195 with timestamp 4537f3e3
Cleaning up request 6 ID 196 with timestamp 4537f3e3
Nothing to do. Sleeping until we see a request.
rad2:/home/mking#
More information about the Freeradius-Users
mailing list