FR 2.1.1 core dump Solaris 10 x86
Chris Howley
C.P.Howley at leeds.ac.uk
Fri Sep 26 11:27:36 CEST 2008
Dear Alan,
FR 2.1.1 running under Solaris 10 x86 creates a core dump when using EAP
PEAP/MSCHAPv2.
Chris Howley
bash-3.00# radiusd -X
FreeRADIUS Version 2.1.1, for host i386-pc-solaris2.10, built on Sep 25
2008 at 12:42:55
Copyright (C) 1999-2008 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file
/usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/sql.conf
including configuration file /usr/local/etc/raddb/sql/mysql/dialup.conf
including configuration file /usr/local/etc/raddb/sql/mysql/counter.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
including configuration file
/usr/local/etc/raddb/sites-enabled/inner-tunnel
including dictionary file /usr/local/etc/raddb/dictionary
main {
prefix = "/usr/local"
localstatedir = "/usr/local/var"
logdir = "/usr/local/var/log/radius"
libdir = "/usr/local/lib"
radacctdir = "/usr/local/var/log/radius/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
allow_core_dumps = no
pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = yes
log {
stripped_names = no
auth = no
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "testing123"
nastype = "other"
}
client 10.12.80.96/27 {
require_message_authenticator = no
secret = "testing123"
shortname = "wism"
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Instantiating modules ####
instantiate {
Module: Linked to module rlm_exec
Module: Instantiating exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating expr
Module: Linked to module rlm_expiration
Module: Instantiating expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating logintime
logintime {
reply-message = "You are calling outside your allowed timespan
"
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server inner-tunnel {
modules {
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating chap
Module: Linked to module rlm_mschap
Module: Instantiating mschap
mschap {
use_mppe = yes
require_encryption = yes
require_strong = yes
with_ntdomain_hack = no
ntlm_auth = "/usr/sfw/bin/ntlm_auth --request-nt-key
--username=%{Stripped-User-Name:-%{User-Name:-None}}
--domain=%{mschap:NT-Domain:-DS.LEEDS.AC.UK}
--challenge=%{mschap:Challenge:-00}
--nt-response=%{mschap:NT-Response:-00}"
}
Module: Linked to module rlm_unix
Module: Instantiating unix
unix {
radwtmp = "/usr/local/var/log/radius/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating eap
eap {
default_eap_type = "peap"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 2048
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/server.pem"
certificate_file = "/usr/local/etc/raddb/certs/server.pem"
CA_file = "/usr/local/etc/raddb/certs/ca.pem"
private_key_password = "whatever"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/dev/urandom"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
cache {
enable = no
lifetime = 24
max_entries = 255
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
virtual_server = "inner-tunnel"
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = no
virtual_server = "inner-tunnel"
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_realm
Module: Instantiating suffix
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating files
files {
usersfile = "/usr/local/etc/raddb/users"
acctusersfile = "/usr/local/etc/raddb/acct_users"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
compat = "no"
}
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating radutmp
radutmp {
filename = "/usr/local/var/log/radius/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Linked to module rlm_attr_filter
Module: Instantiating attr_filter.access_reject
attr_filter attr_filter.access_reject {
attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
key = "%{User-Name}"
}
}
}
modules {
Module: Checking authenticate {...} for more modules to load
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating preprocess
preprocess {
huntgroups = "/usr/local/etc/raddb/huntgroups"
hints = "/usr/local/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address,
Client-IP-Address, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating detail
detail {
detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Instantiating attr_filter.accounting_response
attr_filter attr_filter.accounting_response {
attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
}
Module: Checking session {...} for more modules to load
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
}
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on proxy address * port 1814
Ready to process requests.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=142, length=176
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message = 0x0201000c01656475726f616d
Message-Authenticator = 0x106b870c32a62fb087dc711482652b96
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 12
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user.
Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 142 to 10.12.80.101 port 32769
EAP-Message = 0x010200061920
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0cb46c820cb675ef9949b7230ccbdaa5
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=143, length=262
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message =
0x0202005019800000004616030100410100003d030148dca64833b2ae971205068066e7
ac41dce152d7a4a1f0abe60489262290d3c900001600040005000a000900640062000300
060013001200630100
State = 0x0cb46c820cb675ef9949b7230ccbdaa5
Message-Authenticator = 0xdd4d5afdd354da330e8a851117507a41
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 80
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 70
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] (other): before/accept initialization
[peap] TLS_accept: before/accept initialization
[peap] <<< TLS 1.0 Handshake [length 0041], ClientHello
[peap] TLS_accept: SSLv3 read client hello A
[peap] >>> TLS 1.0 Handshake [length 002a], ServerHello
[peap] TLS_accept: SSLv3 write server hello A
[peap] >>> TLS 1.0 Handshake [length 084e], Certificate
[peap] TLS_accept: SSLv3 write certificate A
[peap] >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
[peap] TLS_accept: SSLv3 write server done A
[peap] TLS_accept: SSLv3 flush data
[peap] TLS_accept: Need to read more data: SSLv3 read client
certificate A
In SSL Handshake Phase
In SSL Accept mode
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 143 to 10.12.80.101 port 32769
EAP-Message =
0x0103040019c00000088b160301002a02000026030148dca647db39a03303db064cd3bc
4b90a41614d174e0141d3d3f27b99935267900000400160301084e0b00084a0008470003
a6308203a23082028aa003020102020101300d06092a864886f70d010104050030819331
0b3009060355040613024652310f300d0603550408130652616469757331123010060355
04071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e
3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d3126
30240603550403131d4578616d706c6520436572746966696361746520417574686f7269
7479
EAP-Message =
0x301e170d3038303932353134353731385a170d3039303932353134353731385a307c31
0b3009060355040613024652310f300d0603550408130652616469757331153013060355
040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c652053
65727665722043657274696669636174653120301e06092a864886f70d01090116116164
6d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382
010f003082010a0282010100d0766818cb56a43de093034321aca55bbbe9d3222e476e89
959a7f56e169825c7b08debc9b41bdceff6ed5ba350b4ec81197e8ef508c842c8173d190
913f
EAP-Message =
0xc85131e44cf875ac2feec3ef18c0f9275462d925449b7273f6150d86c885c268fec945
5f0763abffdadc38307319af270b4ff7c6dc4b6ff54dd33e67c80c9b21e9de61077c9561
9e3b74d1791c320c23304aad26d741234947eba6a253da1359e88078a25ae61c099f0fcd
103f85d84038d81aeee595c9901cd007cbdbd6eee9b8f3845459e4f8342f05266eb164e4
6074e557f9fe37b9c3967a9e57b12a503beeaf81b6d013e6d8c534c83753a12e7cee7564
ee0cd31f3253bff7e27c8b069adc670203010001a317301530130603551d25040c300a06
082b06010505070301300d06092a864886f70d010104050003820101006b2c6c7331c040
9c00
EAP-Message =
0x994bf72bcb52a61eca106b42cf409ca599d69f529a9a21e991c625ac71cf01da4185a1
447e38cea9563fb819296ff0bef68a8b8335c3fa5d2af11607b06b212797a6e7c6d5d175
61656aa47f925e6d26852fd5e850efb253372b9d89a41343c10309a242af62ca4820d8dd
7336710d47a12e104c59285f36bcd406b682548c337b5dfb5eda1c37da7d5ae95c1ad0ff
8611b0c2794e74c039d14dbc5e6d93afa224a87c6eef38460000b29118f3f9fc5ed27037
399b190ca0e2f1d98c7376e77f4afecf6b55f234c5734ec74b9c836e8aeafc770ec5cf63
ec6e1fe465a5a9233f5ebdaf3a02d8f43ea5026d4fba067882646ed2b14a983f00049b30
8204
EAP-Message = 0x973082037fa0030201020201
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0cb46c820db775ef9949b7230ccbdaa5
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=144, length=188
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message = 0x020300061900
State = 0x0cb46c820db775ef9949b7230ccbdaa5
Message-Authenticator = 0x306ba7aa4d3c40bf26c3200a39f91071
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 144 to 10.12.80.101 port 32769
EAP-Message =
0x010403fc194000300d06092a864886f70d0101040500308193310b3009060355040613
024652310f300d060355040813065261646975733112301006035504071309536f6d6577
6865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a8648
86f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d
4578616d706c6520436572746966696361746520417574686f72697479301e170d303830
3932353134353731375a170d3038313032353134353731375a308193310b300906035504
0613024652310f300d060355040813065261646975733112301006035504071309536f6d
6577
EAP-Message =
0x6865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a86
4886f70d010901161161646d696e406578616d706c652e636f6d31263024060355040313
1d4578616d706c6520436572746966696361746520417574686f7269747930820122300d
06092a864886f70d01010105000382010f003082010a0282010100c808067e3b9540e4ce
6ec3115c5d07a7db66c329bdc5c1e33a156fbee608d1ef787d79031aedd1ff660914247a
076fbbe674d17d47e805418815576932174c0a67b4ecb92cee42519375933687af2f632a
3e6d25f5d781a5b4cacf3383f3984b27f7ce147005c6e5f4904166a696ad9b2e6efe53c4
87b3
EAP-Message =
0x01040076d327ff47280d6416a8f41e4b588e8cc4f3c904511b6242b5baf175bc998bfd
79717111e3f48e999ed733094d2f0f4e1f79fbe31bd6f932b9ac937e0e9c232d52d87444
547d0f0375acf5f4b9affc31ad80026589bf4e577beaa792ced4eb75d37a4059347c5411
000587df3ed9bd130610434ebb8a3a0c67bce235ac9efb8fe858473923c30203010001a3
81f33081f0301d0603551d0e041604147ac63ac5ff6dbb9a842a4295883c0025fe8cb1cd
3081c00603551d230481b83081b580147ac63ac5ff6dbb9a842a4295883c0025fe8cb1cd
a18199a48196308193310b3009060355040613024652310f300d06035504081306526164
6975
EAP-Message =
0x733112301006035504071309536f6d65776865726531153013060355040a130c457861
6d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d
706c652e636f6d312630240603550403131d4578616d706c652043657274696669636174
6520417574686f72697479820100300c0603551d13040530030101ff300d06092a864886
f70d010104050003820101009ef5b32c06e5a05b107865ec976832e9b0ba15c84a521311
3bc31a1c8356c9aa129a00af265a7e1178d2dc279e6f8da03cf502b9c4c5c0535fef9052
eae9a18b5b5b409b0a948c2e59ca8a25bc6cbae91b866313b8a121554ddd00be2c4b3620
3f2a
EAP-Message = 0xbef8ea593db1741c
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0cb46c820eb075ef9949b7230ccbdaa5
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=145, length=188
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message = 0x020400061900
State = 0x0cb46c820eb075ef9949b7230ccbdaa5
Message-Authenticator = 0x79702e24654636170854100516765466
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake fragment handler
[peap] eaptls_verify returned 1
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 145 to 10.12.80.101 port 32769
EAP-Message =
0x010500a5190051f7587d8252a2fe137eb7e38b0e8fcef534028b2c428386171b32fbbd
c32dd19f8dfbb32ffaa058af9aac90d67ea54fbf0af236cf2d898f74b4094a6a4a506bff
ca8b0343e529813ba443b217057c2ac2d3e105ba819ea91f16eea7ccc5fdf227ad6b04f0
c3670f6fc80cb67b80f739fc220974e6205cea6eff801077234b2b1fe984b6bbc724ccb0
b111ace3c0c920bf802b4eeec816030100040e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0cb46c820fb175ef9949b7230ccbdaa5
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=146, length=504
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message =
0x020501401980000001361603010106100001020100ad02c1ef3a938a536d4f773bc120
9e8785b2e98ee2441a3f905145cc38d552e28022588f574e36e97132b5a53e57a4d8c08d
86d38c4ccb6ede1050e26f0e38a430877de544a1b09fc4ee8d7dcb263cda083c8bd7bb2a
6654aaee155c27aaeb5c849c5b1f0b17e7d973dd302cab480a886f95fed090afacf4d445
ca89f5b7e929b7b9be5382d111806e600b9a1d9f08e7fc36868415d5448a52ebc07dfce7
e0463d0afea3f3a4d3bfa49d31d00bbd246b95934b68de2f5e47016af1f8d528965cb394
9ab6751dec08fc55333b32c4b186ed91fb9324fb5d2b0e65011c32d0583ce6dbabf83509
f165
EAP-Message =
0xfc2930c450657a33d83a7cb0d3f56894100b5b601cf6c59b1403010001011603010020
f50a783ce47300318272c132172d390b388ca8597e452771d686db3e1cbfc8fb
State = 0x0cb46c820fb175ef9949b7230ccbdaa5
Message-Authenticator = 0x0efc830adc0963b7f12f33848a2e7215
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 253
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
TLS Length 310
[peap] Length Included
[peap] eaptls_verify returned 11
[peap] <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
[peap] TLS_accept: SSLv3 read client key exchange A
[peap] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[peap] <<< TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 read finished A
[peap] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[peap] TLS_accept: SSLv3 write change cipher spec A
[peap] >>> TLS 1.0 Handshake [length 0010], Finished
[peap] TLS_accept: SSLv3 write finished A
[peap] TLS_accept: SSLv3 flush data
[peap] (other): SSL negotiation finished successfully
SSL Connection Established
[peap] eaptls_process returned 13
[peap] EAPTLS_HANDLED
++[eap] returns handled
Sending Access-Challenge of id 146 to 10.12.80.101 port 32769
EAP-Message =
0x0106003119001403010001011603010020c0714e9ed9b7ab79912d4e96168226e6274a
a9df918058f5e6e1eef4d9f231a0
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0cb46c8208b275ef9949b7230ccbdaa5
Finished request 4.
Going to the next request
Waking up in 4.5 seconds.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=147, length=188
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message = 0x020600061900
State = 0x0cb46c8208b275ef9949b7230ccbdaa5
Message-Authenticator = 0x83b9c2f9eff4a524ca5c4b8f8c59365c
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] Received TLS ACK
[peap] ACK handshake is finished
[peap] eaptls_verify returned 3
[peap] eaptls_process returned 3
[peap] EAPTLS_SUCCESS
++[eap] returns handled
Sending Access-Challenge of id 147 to 10.12.80.101 port 32769
EAP-Message =
0x01070020190017030100150ac4600ef9fffd886bc7eb1748e65fac575ea21069
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x0cb46c8209b375ef9949b7230ccbdaa5
Finished request 5.
Going to the next request
Waking up in 4.4 seconds.
rad_recv: Access-Request packet from host 10.12.80.101 port 32769,
id=148, length=217
User-Name = "testuser"
Calling-Station-Id = "00-13-02-8D-F3-1F"
Called-Station-Id = "00-14-6A-D8-C2-80:ISS TEST"
NAS-Port = 29
NAS-IP-Address = 10.12.80.101
NAS-Identifier = "WM03-1"
Airespace-Wlan-Id = 6
Service-Type = Framed-User
Framed-MTU = 1300
NAS-Port-Type = Wireless-802.11
Tunnel-Type:0 = VLAN
Tunnel-Medium-Type:0 = IEEE-802
Tunnel-Private-Group-Id:0 = "3021"
EAP-Message =
0x020700231900170301001809d221beba90673f8aacd0022d3c037a4cac1d6be40d3d42
State = 0x0cb46c8209b375ef9949b7230ccbdaa5
Message-Authenticator = 0x54b9111ba19bd6a78c04a5e6ba6ac7bb
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "testuser", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 35
[eap] Continuing tunnel setup.
++[eap] returns ok
Found Auth-Type = EAP
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/peap
[eap] processing type peap
[peap] processing EAP-TLS
[peap] eaptls_verify returned 7
[peap] Done initial handshake
[peap] eaptls_process returned 7
[peap] EAPTLS_OK
[peap] Session established. Decoding tunneled attributes.
[peap] Identity - testuser
[peap] Got tunnled request
EAP-Message = 0x0207000c01656475726f616d
Segmentation Fault (core dumped)
bash-3.00#
More information about the Freeradius-Users
mailing list