terminating EAP tunnels, proxy and realms

Arran Cudbard-Bell A.Cudbard-Bell at sussex.ac.uk
Sun Jun 24 13:52:33 CEST 2007 

Alan DeKok wrote:
> Arran Cudbard-Bell wrote:
>   
>> So the eap module extracts the attributes encoded in the eap message ? I 
>> can see that working for EAP GTC and EAP PAP but not MschapV2 ?
>>     
>
>   It works for GTC, PAP, and MS-CHAPv2.  The server can terminate PEAP,
> and proxy the inner EAP-MSCHAPv2 session as plain MS-CHAPv2.
>
>   With the new virtual server support, it's now possible to have the
> inner tunnel session run through it's own virtual server, independent of
> the outer tunnel session.  Just set "Virtual-Server = foo" via "update
> control", and the inner tunnel session will be run through "server foo".
>
>   30 lines of code changed: incredible new flexibility.
>   
>   Alan DeKok.
> - 
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>   

Yes :)

I was just looking at the protocol filters, they look interesting and 
will make a lot of people on the list happy ...

Just finished building on my 32bit machine and ..

++? if ("%{NAS-IP-Address}" == "127.0.0.1") -> TRUE
++- entering if ("%{NAS-IP-Address}" == "127.0.0.1")
        expand: %{Packet-Src-IP-Address} -> 139.184.14.161
Segmentation fault

*sigh*

bt

radius_update_attrlist (request=0x80280840, cs=0x8004c798, 
input_vps=0x8016bc60, name=0x8004c7f0 "request")
    at evaluate.c:854
854                             if ((from_list[i]->operator == T_OP_EQ) ||
(gdb) bt
#0  radius_update_attrlist (request=0x80280840, cs=0x8004c798, 
input_vps=0x8016bc60, name=0x8004c7f0 "request")
    at evaluate.c:854
#1  0x80014afa in modcall (component=1, c=0x8016bdb0, 
request=0x80280840) at modcall.c:396
#2  0x8001141a in indexed_modcall (space=<value optimized out>, comp=1, 
idx=0, request=0x80280840) at modules.c:413
#3  0x80006c30 in rad_authenticate (request=0x80280840) at auth.c:540
#4  0x8001f096 in radius_handle_request (request=0x80280840, 
fun=0x80006b10 <rad_authenticate>) at event.c:2174
#5  0x80019fe6 in thread_pool_addrequest (request=0x80280840, 
fun=0x80006b10 <rad_authenticate>) at threads.c:836
#6  0x80015c5f in main (argc=2, argv=0xbfb42524) at radiusd.c:716

Same as on the apples !!!

Are you compiling with GCC ?

If you are compiling on GCC with the default configuration options ... 
then it can only be my config ... it's the only constant... and a bug in 
a source *somewhere*, just in a very obscure place. :\

Would you like the core dumps from the 32bit machine ?

---
Arran

More information about the Freeradius-Users mailing list