Freeradius-Users Digest, Vol 17, Issue 8

Peter Nixon listuser at peternixon.net
Mon Sep 4 12:46:24 CEST 2006


There have not been any problems posting to the list for the last couple of 
weeks that I know of..

-Peter

On Mon 04 Sep 2006 04:24, Ravi S M wrote:
> Hi Alan DeKok
>
> Thanks for Answers, actually I was replied for your questions but those
> were bouncing back. So you have mistaken. Any how sorry for that.
>
> Thanks & Regards
>
> Ravi
>
> -----Original Message-----
> From:
> freeradius-users-bounces+smravi=techmahindra.com at lists.freeradius.or.g
> [mailto:freeradius-users-bounces+smravi=techmahindra.com at lists.freeradius.o
>r.g] On Behalf Of freeradius-users-request at lists.freeradius.org Sent:
> Saturday, September 02, 2006 10:08 PM
> To: freeradius-users at lists.freeradius.org
> Subject: Freeradius-Users Digest, Vol 17, Issue 8
>
> Send Freeradius-Users mailing list submissions to
> 	freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> 	http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
> 	freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
> 	freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
>    1. Re: Everything lookslike it works, but PC is not authentified
>       (Alexandros Gougousoudis)
>    2. Re: Everything lookslike it works, but PC is not authentified
>       (Alexandros Gougousoudis)
>    3. Regarding handling of threads (Ravi S M)
>    4. Re: Everything lookslike it works, but PC is not authentified
>       (Alan DeKok)
>    5. Re: Regarding handling of threads  (Alan DeKok)
>    6. Proxy IP Address (Doug Hardie)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 02 Sep 2006 12:58:48 +0200
> From: Alexandros Gougousoudis <gougousoudis at kh-berlin.de>
> Subject: Re: Everything lookslike it works, but PC is not authentified
> To: FreeRadius users mailing list
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <44F963E8.6060803 at kh-berlin.de>
> Content-Type: text/plain; charset=ISO-8859-15; format=flowed
>
> Hi,
>
> Stefan Winter schrieb:
> > this list, is that the server cert doesn't have the MS TLS Web Server
> > Authentication OID in the cert. Please read the various documentation
> > about
>
> Nope, the cert has this extension. I checked that again and again.
> Server is in DNS and the CN of the cert is the FQDN of the server. The
> CN of the PC is the netbios-name. Both certs have their extenstion
> (Webserver and Client). Maybe it's something else?
>
> TIA
>   Alex
>
>
> --
> ServiceCenter IT - Alexandros Gougousoudis (Leiter)
>
> Gemeinsame Einrichtung der Kunsthochschule Berlin-Weissensee, Hochschule
> für Musik "Hanns Eisler" und der Hochschule für Schauspielkunst "Ernst
> Busch".
>
> Tel.: 030 / 477 05 - 444 * Fax.: 030 / 477 05 - 445
>
>
>
> ------------------------------
>
> Message: 2
> Date: Sat, 02 Sep 2006 13:03:29 +0200
> From: Alexandros Gougousoudis <gougousoudis at kh-berlin.de>
> Subject: Re: Everything lookslike it works, but PC is not authentified
> To: FreeRadius users mailing list
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <44F96501.5070700 at kh-berlin.de>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> Hi,
>
> K. Hoercher schrieb:
> > 1. Don't set Auth-Type. See
> > http://deployingradius.com/documents/configuration/auth_type.html
>
> Thanks to your reply. The problem is, there are now a lot of partial
> howtos in the net, but not even one covers all. I did that, because it
> was in an howto... I'll try something else.
>
> and finally what the supplicant sends. What is "host/vinfo-t1"
>
> > supposed to be?
>
> vinfo-t1 is the netbiosname of the client, the realm(?) host/ comes from
> Windows or the AP, I don't know. Probably it breaks the cert, because
> the name differs and this bothers EAP/TLS. But I don't know how to
> handle or shorten this. Maybe somebody has a good idea to handle that.
>
> TIA Alex
>
> --
> ServiceCenter IT - Alexandros Gougousoudis (Leiter)
>
> Gemeinsame Einrichtung der Kunsthochschule Berlin-Weissensee, Hochschule
> für Musik "Hanns Eisler" und der Hochschule für Schauspielkunst "Ernst
> Busch".
>
> Tel.: 030 / 477 05 - 444 * Fax.: 030 / 477 05 - 445
>
>
>
> ------------------------------
>
> Message: 3
> Date: Sat, 2 Sep 2006 16:53:32 +0530
> From: "Ravi S M" <smravi at TechMahindra.com>
> Subject: Regarding handling of threads
> To: <freeradius-users at lists.freeradius.org>
> Cc: aland at deployingradius.com
> Message-ID:
> 	<1BC030D8DE6BC042B3F33EE14CA2B8FA03158BD9 at SINPUNEX002.TechMahindra.com>
>
> Content-Type: text/plain; charset="us-ascii"
>
>
> Hi
>
>
>
> I have some doubts regarding free radius server.
>
>
>
> 1)       When we run server parent exits by spawning a child to handle
> client's requests, so during this time purify also exits but shows 95
> leaks. (leak report shows from "src/main/modules.c" from line num "207")
>
>
>
> *         My doubt is whether these leaks which are shown with purify
> are freed in child or how these leaks get rid off??
>
> *         Or when parents calls exit(0), do all memory are freed ??
>
>
>
> 2)       For handling multiple requests, is threads implemented? If so
> how?
>
> 3)       If threads are not implemented how multiple requests are
> handled?
>
>
>
>
>
> Please I am grateful if you can provide some information.
>
>
>
> Thanks & Regards
>
>
>
> Ravi.S.M
>
>
>
>
>
>
>
>
>
> ===========================================================================
>=================================================
>
> Tech Mahindra, formerly Mahindra-British Telecom.
>
> Disclaimer:
>
> This message and the information contained herein is proprietary and
> confidential and subject to the Tech Mahindra policy statement, you may
> review at <a
> href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.
>com/Disclaimer.html</a> externally and <a
> href="http://tim.techmahindra.com/Disclaimer.html">http://tim.techmahindra.
>com/Disclaimer.html</a> internally within Tech Mahindra.
>
> ===========================================================================
>================================================= -------------- next part
> --------------
> An HTML attachment was scrubbed...
> URL:
> https://list.xs4all.nl/pipermail/freeradius-users/attachments/20060902/ca7a
>e9fa/attachment-0001.html
>
> ------------------------------
>
> Message: 4
> Date: Sat, 02 Sep 2006 10:11:42 -0400
> From: "Alan DeKok" <aland at deployingradius.com>
> Subject: Re: Everything lookslike it works, but PC is not authentified
>
> To: FreeRadius users mailing list
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <20060902141143.1412716CBC at mail.nitros9.org>
>
> Alexandros Gougousoudis <gougousoudis at kh-berlin.de> wrote:
> > vinfo-t1 is the netbiosname of the client, the realm(?) host/ comes from
> > Windows or the AP, I don't know. Probably it breaks the cert, because
> > the name differs and this bothers EAP/TLS. But I don't know how to
> > handle or shorten this. Maybe somebody has a good idea to handle that.
>
>   It looks like it is doing machine authentication, in which case the
> certs (both client and server) need the machine authentication OIDs,
> and not the normal user OIDs.  From the CVS head version of
> 'xpextensions':
>
> #
> #  Add this to the PKCS#7 keybag attributes holding the client's private
> key #  for machine authentication.
> #
> #  the presence of this OID tells Windows XP that the cert is intended
> #  for use by the computer itself, and not by an end-user.
> #
> #  The other solution is to use Microsoft's web certificate server
> #  to generate these certs.
> #
> # 1.3.6.1.4.1.311.17.2
>
>
>   Alan DeKok.
> --
>   http://deployingradius.com       - The web site of the book
>   http://deployingradius.com/blog/ - The blog
>
>
> ------------------------------
>
> Message: 5
> Date: Sat, 02 Sep 2006 10:14:09 -0400
> From: "Alan DeKok" <aland at deployingradius.com>
> Subject: Re: Regarding handling of threads
> To: FreeRadius users mailing list
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <20060902141409.7F04016CBC at mail.nitros9.org>
>
> "Ravi S M" <smravi at TechMahindra.com> wrote:
> > 1)       When we run server parent exits by spawning a child to handle
> > client's requests, so during this time purify also exits but shows 95
> > leaks. (leak report shows from "src/main/modules.c" from line num "207")
>
>   If the "leaks" happen when the program exits, they are not really
> leaks.
>
> > *         My doubt is whether these leaks which are shown with purify
> > are freed in child or how these leaks get rid off??
>
>   They are not leaked in the child, because the child is still using
> that memory.
>
> > *         Or when parents calls exit(0), do all memory are freed ??
>
>   That's how operating systems work.
>
> > 2)       For handling multiple requests, is threads implemented? If so
> > how?
>
>   Uh... go read the source code.
>
> > Please I am grateful if you can provide some information.
>
>   I think I'll stop responding to your messages.  You haven't
> responded to any of my questions, so there's no point in me continuing.
>
>   Alan DeKok.
> --
>   http://deployingradius.com       - The web site of the book
>   http://deployingradius.com/blog/ - The blog
>
>
> ------------------------------
>
> Message: 6
> Date: Sat, 2 Sep 2006 09:18:53 -0700
> From: Doug Hardie <bc979 at lafn.org>
> Subject: Proxy IP Address
> To: FreeRadius users mailing list
> 	<freeradius-users at lists.freeradius.org>
> Message-ID: <0CEF26E0-5062-4809-907E-C8BA3C5A6571 at lafn.org>
> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
>
> I have a situation where all my authentication requests are proxied
> to me.  I have 4 different groups of users that require unique local
> polieies and have been using a fairly complicated parsing of the
> Called ID phone number and a couple other fields to figure out which
> group a request is in.  However, I just found out that each of the 4
> groups is being proxied through different proxy servers.  It would be
> real easy to distinguish the group from the IP address that the proxy
> request is being sent from.  However, I have not been able to find a
> variable that contains that information.  Have I missed it?
>
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 17, Issue 8
> ***********************************************
>
> ===========================================================================
>=================================================
>
> Tech Mahindra, formerly Mahindra-British Telecom.
>
> Disclaimer:
>
> This message and the information contained herein is proprietary and
> confidential and subject to the Tech Mahindra policy statement, you may
> review at <a
> href="http://www.techmahindra.com/Disclaimer.html">http://www.techmahindra.
>com/Disclaimer.html</a> externally and <a
> href="http://tim.techmahindra.com/Disclaimer.html">http://tim.techmahindra.
>com/Disclaimer.html</a> internally within Tech Mahindra.
>
> ===========================================================================
>=================================================
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

-- 

Peter Nixon
http://www.peternixon.net/
PGP Key: http://www.peternixon.net/public.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20060904/0bfb6c9a/attachment.pgp>


More information about the Freeradius-Users mailing list