error of segmentation during the implementation of eap2

arnauld ndefo ndefo2002 at yahoo.fr
Tue Sep 18 23:44:23 CEST 2012


Sorry to spam you, but we have  #radtest user1 password 127.0.0.1:1812 0 testing1234  and 
#radtest user1 password 127.0.0.1:18120 0 testing1234 
and we have got the same result for the client

________________________________
 De : arnauld ndefo <ndefo2002 at yahoo.fr>
À : alan buxey <A.L.M.Buxey at lboro.ac.uk>; FreeRadius users mailing list <freeradius-users at lists.freeradius.org>; Arran Cudbard-Bell <a.cudbardb at freeradius.org> 
Cc : Alan DeKok <aland at deployingradius.com>; tatiana dibanda <tdibanda31 at yahoo.fr>; "tdibanda2005 at yahoo.fr" <tdibanda2005 at yahoo.fr> 
Envoyé le : Mardi 18 septembre 2012 23h38
Objet : Re: error of segmentation during the implementation of eap2
 

Hi, 
Concerning the error of segmentation, we have removed in the section authorize the part eap2{ ok = return} in the default and inner-server file. After that we have got the output of the radiusd -X which is in the attached file radiusd.txt. Normally we think that it is fine because the eap2 module has been loaded and we have at the end the line 

 ... adding new socket proxy address * port 52902
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /usr/local/var/run/radiusd/radiusd.sock
Listening on authentication address 127.0.0.1 port 18120 as server inner-tunnel
Listening on proxy address * port 1814
Ready to process requests.

For the test of the eap2 module, we have put in the users file the line user1 Auth-Type :=eap2, Cleartext-Password :="password"

On the client, we have got 

#radtest user1 password 127.0.0.1:18120 0 testing1234
sh: getcwd() failed: No such file or directory
Sending Access-Request of id 217 to 127.0.0.1 port 18120
User-Name = "user1"
User-Password = "password"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0x00000000000000000000000000000000
rad_recv: Access-Reject packet from host 127.0.0.1 port 18120, id=217, length=20

And on the server we have got 

rad_recv: Access-Request packet from host 127.0.0.1 port 53591, id=217, length=75
User-Name = "user1"
User-Password = "password"
NAS-IP-Address = 127.0.1.1
NAS-Port = 0
Message-Authenticator = 0xd755b04bec06d6babdc5c934be2aae5a
server inner-tunnel {
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
+- entering group authorize {...}
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "user1", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
++[control] returns noop
[files] users: Matched entry user1 at line 204
++[files] returns ok
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING: Auth-Type already set.  Not setting to PAP
++[pap] returns noop
Found Auth-Type = eap2
# Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
+- entering group authenticate {...}
[eap2] No EAP-Message.  Not doing EAP.
++[eap2] returns fail
Failed to authenticate the user.
} # server inner-tunnel
Using Post-Auth-Type REJECT
# Executing group from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
+- entering group REJECT {...}
[attr_filter.access_reject] expand: %{User-Name} -> user1
attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated
Delaying reject of request 1 for 1 seconds
Going to the next request
Waking up in 0.9 seconds.
Sending delayed reject for request 1
Sending Access-Reject of id 217 to 127.0.0.1 port 53591
Waking up in 4.9 seconds.
Cleaning up request 1 ID 217 with timestamp +96

I have checked all the file and everything is Ok. Then i dont know why the server doesnt success to authenticate the user??? As you see, we have a failed to authenticate the user.
Do you have an ideas or suggestions please??

Thank you

 




________________________________
 De : alan buxey <A.L.M.Buxey at lboro.ac.uk>
À : arnauld ndefo <ndefo2002 at yahoo.fr>; FreeRadius users mailing list <freeradius-users at lists.freeradius.org> 
Cc : Alan DeKok <aland at deployingradius.com>; tatiana dibanda <tdibanda31 at yahoo.fr>; "tdibanda2005 at yahoo.fr" <tdibanda2005 at yahoo.fr> 
Envoyé le : Mardi 18 septembre 2012 17h57
Objet : Re: error of segmentation during the implementation of eap2
 
Hi,
>    My project is to authenticate a client openpana with my radius server. The
>    authentication method used by the client is based on the
 EAP-PSK, which is
>    why I would have a radius server with authtentification method as EAP-PSK.
>    After apply the instruction of doc/bugs, i have got a file gdb-radiusd.log
>    which i have attached to the mail.

I take it that you've tried removing eap2 call from authorize and only have it in the authentication
section?

alan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20120918/ba8f5f26/attachment-0001.html>


More information about the Freeradius-Users mailing list