Freeradius-Users Digest, Vol 40, Issue 68

Venkat venkatlkmula at gmail.com
Sat Aug 16 00:12:07 CEST 2008


What is in this entry:

users: Matched entry test100 at line 172

we are using the 'users' file to authenticate the clients and in the file
'users' we are defining the clients.

please find the attached 'users' file which is at "/usr/local/etc/raddb/".

regards,
Venkat
SAI Technology Inc.,
408.727.1560

2008/8/15 <freeradius-users-request at lists.freeradius.org>

> Send Freeradius-Users mailing list submissions to
>        freeradius-users at lists.freeradius.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
>        http://lists.freeradius.org/mailman/listinfo/freeradius-users
> or, via email, send a message with subject or body 'help' to
>        freeradius-users-request at lists.freeradius.org
>
> You can reach the person managing the list at
>        freeradius-users-owner at lists.freeradius.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Freeradius-Users digest..."
>
>
> Today's Topics:
>
>   1. RE: Freeradius in an AD environment on opensuse server
>      (Murray, Elizabeth [DNR])
>   2. Re: 2.0.5 on Solaris with openssl 0.9.8h (Andrew Hood)
>   3. Re: Freeradius in an AD environment on opensuse server
>      (Maurizio Cimaschi)
>   4. RE: Freeradius in an AD environment on opensuse server
>      (Murray, Elizabeth [DNR])
>   5. Re: Crash on x64? (Alex Balashov)
>   6. RE: FreeRadius 2.0.5 AD PEAP (Brooks, Kyle)
>   7. Re: Failing to authenticate using FreeRadius(in OpenBSD) + XP
>      as a      client+Linksys AP (WRT54v2.2) using peap (Ivan Kalik)
>   8. what are the intended semantics of paircompare()? (John Dennis)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Fri, 15 Aug 2008 08:45:24 -0500
> From: "Murray, Elizabeth [DNR]" <Elizabeth.Murray at dnr.iowa.gov>
> Subject: RE: Freeradius in an AD environment on opensuse server
> To: FreeRadius users mailing list
>        <freeradius-users at lists.freeradius.org>
> Message-ID:
>        <
> 19B6CF3C6982234BB7AD5E01E70F5AF8037F0194B9 at iowadsmex104.iowa.gov.state.ia.us
> >
>
> Content-Type: text/plain; charset="us-ascii"
>
> Sorry.  I'm really new at this and I took this as a good suggestion.  I was
> just trying to follow the instructions.  I will begin again and leave that
> out.  I do appreciate having the ability to communicate with everyone on the
> list and will try to be more exact.
>
> Right now I have installed 11.0 opensuse.  Radius -X does not load error
> message is
> First error I found says
> "/etc/raddb/certs/bootstrap: line 15: make: command not found"
>
>
>
> -----Original Message-----
> From: freeradius-users-bounces+elizabeth.murray=dnr.iowa.gov@
> lists.freeradius.org [mailto:freeradius-users-bounces+elizabeth.murray<freeradius-users-bounces%2Belizabeth.murray>
> =dnr.iowa.gov at lists.freeradius.org] On Behalf Of Maurizio Cimaschi
> Sent: Thursday, August 14, 2008 4:22 PM
> To: FreeRadius users mailing list
> Subject: Re: Freeradius in an AD environment on opensuse server
>
> Murray, Elizabeth [DNR] wrote:
> > OK.  Following the suggestions, I installed the application for the
> application to track changes.  Not so easy to do.  I now give up.
> > I followed the instructions and when I run the test it asks me about the
> .hgrc file.  Not to be found anywhere.
>
> Given this error, it seems that you're busy installing Mercurial; but I
> did not sugest you to install any Source Control Management system. At
> least is not related with the installation of freeradius.
>
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
> ------------------------------
>
> Message: 2
> Date: Sat, 16 Aug 2008 00:03:40 +1000
> From: Andrew Hood <freeradius at andyhood.net>
> Subject: Re: 2.0.5 on Solaris with openssl 0.9.8h
> To: FreeRadius users mailing list
>        <freeradius-users at lists.freeradius.org>
> Message-ID: <48A58CBC.40201 at andyhood.net>
> Content-Type: text/plain; charset=us-ascii
>
> Rafiqul Ahsan wrote:
> > Hi Alan, and All,
> >
> > Well, I believe I have linked Freeradius 2.0.5 with the right openssl
> > (0.9.8h) now by adding below env variables(my build logs also says
> > that linked with -L/usr/local/ssl/lib). However I still see the same
> > error while using sha256 encryption algorithm with RSA 2048 key. I
> > sent this query to openssl maillist, they are sending me back to you
> > (freeradius folks) to verify whether Freeradius supports sha2, sha256
> > etc. (I hoped that below patch would allow, but no luck).
> >
> > CFLAGS=-I/usr/local/ssl/include/openssl
> > CPPFLAGS=-I/usr/local/ssl/include/openssl
> > LDFLAGS=-L/usr/local/ssl/lib
> > export CFLAGS CPPFLAGS LDFLAGS
>
> I forget. Were you using the Sun toolchain or GNU?
>
> You probably need one of:
>
> LDFLAGS='-L/usr/local/ssl/lib -Wl,-rpath -Wl,/usr/local/ssl/lib
>
> or
>
> LDFLAGS='-L/usr/local/ssl/lib -R/usr/local/ssl/lib'
>
> or whatever similar incantation your linker wants to achive the same
> result, forcing it to use the version of openssl in /usr/local/lib
>
>
> --
> REALITY.SYS not found: Universe halted.
>
>
> ------------------------------
>
> Message: 3
> Date: Fri, 15 Aug 2008 17:03:23 +0200
> From: Maurizio Cimaschi <mauri at unixrulez.org>
> Subject: Re: Freeradius in an AD environment on opensuse server
> To: FreeRadius users mailing list
>        <freeradius-users at lists.freeradius.org>
> Message-ID: <48A59ABB.7080702 at unixrulez.org>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
> Murray, Elizabeth [DNR] wrote:
> > "/etc/raddb/certs/bootstrap: line 15: make: command not found"
>
> you need to install "make" package.
>
> Try here: http://packages.opensuse-community.org/
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: Fri, 15 Aug 2008 10:27:45 -0500
> From: "Murray, Elizabeth [DNR]" <Elizabeth.Murray at dnr.iowa.gov>
> Subject: RE: Freeradius in an AD environment on opensuse server
> To: FreeRadius users mailing list
>        <freeradius-users at lists.freeradius.org>
> Message-ID:
>        <
> 19B6CF3C6982234BB7AD5E01E70F5AF8037EB28264 at iowadsmex104.iowa.gov.state.ia.us
> >
>
> Content-Type: text/plain; charset="us-ascii"
>
>
> ________________________________________
> From: freeradius-users-bounces+elizabeth.murray=dnr.iowa.gov@
> lists.freeradius.org [freeradius-users-bounces+elizabeth.murray=
> dnr.iowa.gov at lists.freeradius.org] On Behalf Of Maurizio Cimaschi [
> mauri at unixrulez.org]
> Sent: Friday, August 15, 2008 10:03 AM
> To: FreeRadius users mailing list
> Subject: Re: Freeradius in an AD environment on opensuse server
>
> Murray, Elizabeth [DNR] wrote:
> > "/etc/raddb/certs/bootstrap: line 15: make: command not found"
>
> you need to install "make" package.
>
> Try here: http://packages.opensuse-community.org/
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>
> ------------------------------
>
> Message: 5
> Date: Fri, 15 Aug 2008 13:00:06 -0400 (EDT)
> From: "Alex Balashov" <abalashov at evaristesys.com>
> Subject: Re: Crash on x64?
> To: "FreeRadius users mailing list"
>        <freeradius-users at lists.freeradius.org>
> Message-ID:
>        <4043.97.81.69.51.1218819606.squirrel at webmail.corp.evaristesys.com>
> Content-Type: text/plain;charset=iso-8859-1
>
>
> On Fri, August 15, 2008 5:56 am, Phil Mayers wrote:
>
> > Well, it's an invalid "free", obviously, which indicates pointer
> > corruption or something similar. What's odd is that we're running a
> > relatively high-volume server on RHEL5 & Postgres and it's fine.
>
> 2.0.5 (tried both from binary and source0.  Postgres 8.3.3.
>
> --
> Alex Balashov
> Evariste Systems
> Web    : http://www.evaristesys.com/
> Tel    : (+1) (678) 954-0670
> Direct : (+1) (678) 954-0671
> Mobile : (+1) (706) 338-8599
>
>
>
> ------------------------------
>
> Message: 6
> Date: Fri, 15 Aug 2008 13:23:23 -0400
> From: "Brooks, Kyle" <Kyle.Brooks at nrc-cnrc.gc.ca>
> Subject: RE: FreeRadius 2.0.5 AD PEAP
> To: "FreeRadius users mailing list"
>        <freeradius-users at lists.freeradius.org>
> Message-ID: <6AF37B759D23CD4FB862A21C1F06CF9732AD3C at nrccenexb2.nrc.ca>
> Content-Type: text/plain;       charset="us-ascii"
>
> >>>++[mschap] returns ok
> >>>MSCHAP Success
> >>>++[eap] returns handled
> >>
> >>Radius is doing fine. Your switch is having problems with
> EAP-MSCHAPv2.
> >>Debug the switch.
> >>
> >>Ivan Kalik
> >>Kalik Informatika ISP
> >
> >Ok, but we are using this same switch and config for our current
> >deployment of freeradius 1.1.7 with AD and everything is working fine.
> >
> >I will debug the switch but would it be something else?
>
> I've debugged the switch which is currently passing auth traffic with
> FreeRadius 1.1.7 correctly, and it too is passing traffic correctly with
> 2.0.5.
>
>
>
> ------------------------------
>
> Message: 7
> Date: Fri, 15 Aug 2008 21:28:51 +0100
> From: "Ivan Kalik" <tnt at kalik.net>
> Subject: Re: Failing to authenticate using FreeRadius(in OpenBSD) + XP
>        as a    client+Linksys AP (WRT54v2.2) using peap
> To: "FreeRadius users mailing list"
>        <freeradius-users at lists.freeradius.org>
> Message-ID: <FkuK2QF9.1218832131.0955900.tnt at kalik.co.yu>
> Content-Type: text/plain; charset=ISO-8859-2
>
> What is in this entry:
>
> users: Matched entry test100 at line 172
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
> Dana 15/8/2008, "Venkata LK Mula" <vlkmula at saitechnology.com> pi?e:
>
> >Hi,
> >
> >This is with reference to the above mentioned subject, we
> >are trying to authenticate client in PEAP-MSCHAPv2
> >configuration.
> >
> >For which we are getting the following error:
> >
> >modsingle[authenticate]: calling mschap (rlm_mschap) for
> >request 6
> >rlm_mschap: No Cleartext-Password configured. Cannot create
> >LM-Password.
> >rlm_mschap: No Cleartext-Password configured. Cannot create
> >NT-Password.
> >rlm_mschap: Told to do MS-CHAPv2 for test100 with
> >NT-Password
> >rlm_mschap: FAILED: No NT/LM-Password. Cannot perform
> >authentication.
> >rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
> >modsingle[authenticate]: returned from mschap (rlm_mschap)
> >for request 6
> >++[mschap] returns reject
> >rlm_eap: Freeing handler
> >modsingle[authenticate]: returned from eap (rlm_eap) for
> >request 6
> >++[eap] returns reject
> >auth: Failed to validate the user.
> >PEAP: Tunneled authentication was rejected.
> >rlm_eap_peap: FAILURE
> >modsingle[authenticate]: returned from eap (rlm_eap) for
> >request 6
> >++[eap] returns handled
> >
> >
> >rlm_eap_peap: Received EAP-TLV response.
> >rlm_eap_peap: Had sent TLV failure. User was rejected
> >earlier in this session.
> >
> >The version of FreeRadius is 2.0.5.
> >
> >Please help me out to solve the issue.
> >
> >regards,
> >Venkat
> >
> >We are also attaching the total log and the clients.conf,
> >eap.conf and radiusd.conf. and the log file as .rar file.
> >
> >
>
>
>
> ------------------------------
>
> Message: 8
> Date: Fri, 15 Aug 2008 16:50:21 -0400
> From: John Dennis <jdennis at redhat.com>
> Subject: what are the intended semantics of paircompare()?
> To: FreeRadius users mailing list
>        <freeradius-users at lists.freeradius.org>
> Message-ID: <48A5EC0D.2020101 at redhat.com>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> I'm in the process of debugging a problem and it seems to me
> paircompare() (in src/main/valuepair.c) is returning the wrong result.
> But I might be ascribing the wrong semantics to the function. Here is
> what I think it's supposed to do, is this correct?
>
> If any check attribute matches (according to it's operator) any
> attribute of the same attribute type in the request then return 0 else
> return ~0.
>
> Phrased another way it's a short circuit "logical or", e.g. as long as
> something matches it succeeds.
>
> If that is the intended semantics then I think there are couple of bugs
> in it and I'll provide a patch along with an explanation, otherwise
> could you set me straight on what it's behaviour is supposed to be?
>
> Thanks!
>
> --
> John Dennis <jdennis at redhat.com>
>
>
>
> ------------------------------
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> End of Freeradius-Users Digest, Vol 40, Issue 68
> ************************************************
>



-- 
regards,
Venkat
9885480745
'take the things and as and when the way they come ...'
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080815/8176ddc6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: users
Type: application/octet-stream
Size: 10817 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20080815/8176ddc6/attachment.obj>


More information about the Freeradius-Users mailing list