LDAP Groups to Freeradius and then Ruckus Wireless?
Enrique Sainz Baixauli
enriquesainz.beca at intef.educacion.es
Tue Jun 10 09:44:43 CEST 2014
> ./configure --enable-developer
>
> It's hitting a bunch of soft asserts in the freeradius library which would
launch the debugger if --enable-developer were set.
>
> If we can get the backtrace from one of those we might have a better idea
about what's going on.
>
> -Arran
You got it :)
(sorry for the broken lines, they're too many to fix them by hand)
Received Access-Request Id 0 from 192.168.60.1:1024 to 192.168.50.62:1812
length 190
User-Name = 'juan'
Calling-Station-Id = '00-26-C6-7C-C4-58'
NAS-IP-Address = 192.168.60.1
NAS-Port = 1
Called-Station-Id = '2C-E6-CC-1A-3E-5C:PROFESORES'
Service-Type = Framed-User
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
NAS-Identifier = '2C-E6-CC-1A-3E-5C'
Connect-Info = 'CONNECT 802.11a/n'
EAP-Message = 0x02000009016a75616e
Attr-26.25053.3 = 0x50524f4645534f524553
Message-Authenticator = 0x3efe33ca51c0208284178dd3aef14db6
(0) # Executing section authorize from file
/etc/freeradius/sites-enabled/default
(0) authorize {
(0) [preprocess] = ok
(0) [chap] = noop
(0) [mschap] = noop
(0) [digest] = noop
(0) suffix : No '@' in User-Name = "juan", looking up realm NULL
(0) suffix : No such realm "NULL"
(0) [suffix] = noop
(0) eap : EAP packet type response id 0 length 9
(0) eap : EAP-Identity reply, returning 'ok' so we can short-circuit the
rest of authorize
(0) [eap] = ok
(0) } # authorize = ok
(0) Found Auth-Type = EAP
(0) # Executing group from file /etc/freeradius/sites-enabled/default
(0) authenticate {
(0) eap : Peer sent Identity (1)
(0) eap : Calling eap_tls to process EAP data
(0) eap_tls : Flushing SSL sessions (of #0)
(0) eap_tls : Requiring client certificate
(0) eap_tls : Initiate
(0) eap_tls : Requiring client certificate
(0) eap_tls : Start returned 1
(0) eap : New EAP session, adding 'State' attribute to reply
0x00fd4c1700fc41e0
(0) [eap] = handled
(0) } # authenticate = handled
Sending Access-Challenge Id 0 from 192.168.50.62:1812 to 192.168.60.1:1024
EAP-Message = 0x010100060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x00fd4c1700fc41e024238a16d8cdd2f7
(0) Finished request
Waking up in 0.3 seconds.
Received Access-Request Id 1 from 192.168.60.1:1024 to 192.168.50.62:1812
length 304
User-Name = 'juan'
Calling-Station-Id = '00-26-C6-7C-C4-58'
NAS-IP-Address = 192.168.60.1
NAS-Port = 1
Called-Station-Id = '2C-E6-CC-1A-3E-5C:PROFESORES'
Service-Type = Framed-User
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
NAS-Identifier = '2C-E6-CC-1A-3E-5C'
Connect-Info = 'CONNECT 802.11a/n'
EAP-Message =
0x020100690d800000005f160301005a0100005603015396b55c93922b259b39f8d912916e47
3f3d2b12527dae7df54b5d3dadf68f08000018002f00350005000ac013c014
c009c00a003200380013000401000015ff01000100000a0006000400170018000b00020100
State = 0x00fd4c1700fc41e024238a16d8cdd2f7
Attr-26.25053.3 = 0x50524f4645534f524553
Message-Authenticator = 0xb561c819708f28f71e9390a39d2c44e1
(1) # Executing section authorize from file
/etc/freeradius/sites-enabled/default
(1) authorize {
(1) [preprocess] = ok
(1) [chap] = noop
(1) [mschap] = noop
(1) [digest] = noop
(1) suffix : No '@' in User-Name = "juan", looking up realm NULL
(1) suffix : No such realm "NULL"
(1) [suffix] = noop
(1) eap : EAP packet type response id 1 length 105
(1) eap : No EAP Start, assuming it's an on-going EAP conversation
(1) [eap] = updated
(1) [files] = noop
rlm_ldap (ldap): Reserved connection (4)
(1) ldap : EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(1) ldap : --> (uid=juan)
(1) ldap : EXPAND dc=ejemplo,dc=org
(1) ldap : --> dc=ejemplo,dc=org
(1) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(uid=juan)', scope 'sub'
(1) ldap : Waiting for search result...
(1) ldap : User object found at DN "uid=juan,ou=usuarios,dc=ejemplo,dc=org"
(1) ldap : No cacheable group memberships found in user object
(1) ldap : EXPAND
(&(objectClass=groupOfNames)(member=%{control:Ldap-UserDn}))
(1) ldap : -->
(&(objectClass=groupOfNames)(member=uid\3djuan\2cou\3dusuario
s\2cdc\3dejemplo\2cdc\3dorg))
(1) ldap : EXPAND dc=ejemplo,dc=org
(1) ldap : --> dc=ejemplo,dc=org
(1) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(&(objectClass
=groupOfNames)(member=uid\3djuan\2cou\3dusuarios\2cdc\3dejemplo\2cdc\3dorg))
', s
cope 'sub'
(1) ldap : Waiting for search result...
(1) ldap : Added control:Ldap-Group with value "profesores"
(1) ldap : Processing user attributes
(1) ldap : control:Password-With-Header += '1234'
rlm_ldap (ldap): Released connection (4)
(1) [ldap] = ok
(1) foreach &control:LDAP-Group
(1) # Foreach-Variable-0 = "profesores"
(1) update reply {
(1) EXPAND %{Foreach-Variable-0}
(1) --> profesores
(1) &Ruckus-User-Groups += "profesores"
(1) } # update reply = noop
(1) } # foreach &control:LDAP-Group = noop
(1) [expiration] = noop
(1) [logintime] = noop
(1) pap : No {...} in Password-With-Header, re-writing to
Cleartext-Password
(1) WARNING: pap : Auth-Type already set. Not setting to PAP
(1) [pap] = noop
(1) } # authorize = updated
(1) Found Auth-Type = EAP
(1) # Executing group from file /etc/freeradius/sites-enabled/default
(1) authenticate {
(1) eap : Expiring EAP session with state 0x00fd4c1700fc41e0
(1) eap : Finished EAP session with state 0x00fd4c1700fc41e0
(1) eap : Previous EAP request found for state 0x00fd4c1700fc41e0, released
fro
m the list
(1) eap : Peer sent TLS (13)
(1) eap : EAP TLS (13)
(1) eap : Calling eap_tls to process EAP data
(1) eap_tls : Authenticate
(1) eap_tls : processing EAP-TLS
TLS Length 95
(1) eap_tls : Length Included
(1) eap_tls : eaptls_verify returned 11
(1) eap_tls : (other): before/accept initialization
(1) eap_tls : TLS_accept: before/accept initialization
(1) eap_tls : <<< TLS 1.0 Handshake [length 005a], ClientHello
(1) eap_tls : TLS_accept: SSLv3 read client hello A
(1) eap_tls : >>> TLS 1.0 Handshake [length 0051], ServerHello
(1) eap_tls : TLS_accept: SSLv3 write server hello A
(1) eap_tls : >>> TLS 1.0 Handshake [length 0707], Certificate
(1) eap_tls : TLS_accept: SSLv3 write certificate A
(1) eap_tls : >>> TLS 1.0 Handshake [length 0056], CertificateRequest
(1) eap_tls : TLS_accept: SSLv3 write certificate request A
(1) eap_tls : TLS_accept: SSLv3 flush data
(1) eap_tls : TLS_accept: Need to read more data: SSLv3 read client
certificate
A
In SSL Handshake Phase
In SSL Accept mode
(1) eap_tls : eaptls_process returned 13
(1) eap : New EAP session, adding 'State' attribute to reply
0x00fd4c1701ff41e0
(1) [eap] = handled
(1) } # authenticate = handled
Sending Access-Challenge Id 1 from 192.168.50.62:1812 to 192.168.60.1:1024
Ruckus-User-Groups += 'profesores'
EAP-Message =
0x010203ec0dc0000007bd16030100510200004d03015396b5bb5127ae
2ded900dee3ee029ee75cf4cdc80461cea0c199f23c00ac886206d20cc13ea954dfc5a871a3c
a033
877860fdeb811c3c90a090d67fe82e10d4a1002f000005ff0100010016030107070b00070300
0700
00039b308203973082027fa003020102020900c43f77feef6a22ef300d06092a864886f70d01
0105
05003044310b3009060355040613024553310f300d06035504080c064d6164726964310e300c
0603
55040a0c05494e5445463114301206035504030c0b656a656d706c6f2e6f7267301e170d3134
3035
32303037313134325a170d3135303532303037313134325a3055310b30090603550406130245
5331
0f300d06035504080c064d6164726964310f300d06035504070c064d6164726964310e300c06
0355
040a0c05494e5445463114301206035504030c0b656a656d706c6f2e6f726730820122300d06
092a
864886f70d01010105000382010f003082010a0282010100d86d13ea2fa99efe3982e0ceface
40d3
45221a17f49a4cbdf8774fc1cea663192790995f1df5c32c30ea86fe5190ff99a3012ff8e54e
94de
9d81e96fb282562e1264f059238606c51afebce65604a4902dcdfc803041f6240e2c7a03cca1
8c70
238e9c0fda027487bcb8868c95850aae68986c068f737434eecdbbbdaabfd83780ce9
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x00fd4c1701ff41e024238a16d8cdd2f7
(1) Finished request
Waking up in 0.1 seconds.
Received Access-Request Id 2 from 192.168.60.1:1024 to 192.168.50.62:1812
length
205
User-Name = 'juan'
Calling-Station-Id = '00-26-C6-7C-C4-58'
NAS-IP-Address = 192.168.60.1
NAS-Port = 1
Called-Station-Id = '2C-E6-CC-1A-3E-5C:PROFESORES'
Service-Type = Framed-User
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
NAS-Identifier = '2C-E6-CC-1A-3E-5C'
Connect-Info = 'CONNECT 802.11a/n'
EAP-Message = 0x020200060d00
State = 0x00fd4c1701ff41e024238a16d8cdd2f7
Attr-26.25053.3 = 0x50524f4645534f524553
Message-Authenticator = 0xafc5da6d1f9ffb1582a031cf7de5401d
(2) # Executing section authorize from file
/etc/freeradius/sites-enabled/defaul
t
(2) authorize {
(2) [preprocess] = ok
(2) [chap] = noop
(2) [mschap] = noop
(2) [digest] = noop
(2) suffix : No '@' in User-Name = "juan", looking up realm NULL
(2) suffix : No such realm "NULL"
(2) [suffix] = noop
(2) eap : EAP packet type response id 2 length 6
(2) eap : No EAP Start, assuming it's an on-going EAP conversation
(2) [eap] = updated
(2) [files] = noop
rlm_ldap (ldap): Reserved connection (4)
(2) ldap : EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(2) ldap : --> (uid=juan)
(2) ldap : EXPAND dc=ejemplo,dc=org
(2) ldap : --> dc=ejemplo,dc=org
(2) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(uid=juan)', s
cope 'sub'
(2) ldap : Waiting for search result...
(2) ldap : User object found at DN "uid=juan,ou=usuarios,dc=ejemplo,dc=org"
(2) ldap : No cacheable group memberships found in user object
(2) ldap : EXPAND
(&(objectClass=groupOfNames)(member=%{control:Ldap-UserDn}))
(2) ldap : -->
(&(objectClass=groupOfNames)(member=uid\3djuan\2cou\3dusuario
s\2cdc\3dejemplo\2cdc\3dorg))
(2) ldap : EXPAND dc=ejemplo,dc=org
(2) ldap : --> dc=ejemplo,dc=org
(2) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(&(objectClass
=groupOfNames)(member=uid\3djuan\2cou\3dusuarios\2cdc\3dejemplo\2cdc\3dorg))
', s
cope 'sub'
(2) ldap : Waiting for search result...
(2) ldap : Added control:Ldap-Group with value "profesores"
(2) ldap : Processing user attributes
(2) ldap : control:Password-With-Header += '1234'
rlm_ldap (ldap): Released connection (4)
(2) [ldap] = ok
(2) foreach &control:LDAP-Group
(2) # Foreach-Variable-0 = "profesores"
(2) update reply {
(2) EXPAND %{Foreach-Variable-0}
(2) --> profesores
(2) &Ruckus-User-Groups += "profesores"
(2) } # update reply = noop
(2) } # foreach &control:LDAP-Group = noop
(2) [expiration] = noop
(2) [logintime] = noop
(2) pap : No {...} in Password-With-Header, re-writing to
Cleartext-Password
(2) WARNING: pap : Auth-Type already set. Not setting to PAP
(2) [pap] = noop
(2) } # authorize = updated
(2) Found Auth-Type = EAP
(2) # Executing group from file /etc/freeradius/sites-enabled/default
(2) authenticate {
(2) eap : Expiring EAP session with state 0x00fd4c1701ff41e0
(2) eap : Finished EAP session with state 0x00fd4c1701ff41e0
(2) eap : Previous EAP request found for state 0x00fd4c1701ff41e0, released
fro
m the list
(2) eap : Peer sent TLS (13)
(2) eap : EAP TLS (13)
(2) eap : Calling eap_tls to process EAP data
(2) eap_tls : Authenticate
(2) eap_tls : processing EAP-TLS
(2) eap_tls : Received TLS ACK
(2) eap_tls : Received TLS ACK
(2) eap_tls : ACK handshake fragment handler
(2) eap_tls : eaptls_verify returned 1
(2) eap_tls : eaptls_process returned 13
(2) eap : New EAP session, adding 'State' attribute to reply
0x00fd4c1702fe41e0
(2) [eap] = handled
(2) } # authenticate = handled
Sending Access-Challenge Id 2 from 192.168.50.62:1812 to 192.168.60.1:1024
Ruckus-User-Groups += 'profesores'
EAP-Message =
0x010303e50d80000007bd3849d248b1dfa322109bc7213dc7b995e11c
f1ec9e393177e1d411f1b83700035f3082035b30820243a003020102020900c43f77feef6a22
ee30
0d06092a864886f70d01010505003044310b3009060355040613024553310f300d0603550408
0c06
4d6164726964310e300c060355040a0c05494e5445463114301206035504030c0b656a656d70
6c6f
2e6f7267301e170d3134303532303037303835355a170d3137303531393037303835355a3044
310b
3009060355040613024553310f300d06035504080c064d6164726964310e300c060355040a0c
0549
4e5445463114301206035504030c0b656a656d706c6f2e6f726730820122300d06092a864886
f70d
01010105000382010f003082010a0282010100b34d31cc087201a6f5f91e1f411fbe7c8175e6
8364
d88e7bc6fb454918d40aca5f65cb2caf0496d4c7ef1b62379ab4ddfc60338d8785d6f4b20809
1cda
2f566d39b233c9a76cfcd2e14a21a5c1c1ad30c6c6734fb0024ef4511a78679f4b2e6085113c
b24d
3229fa288b7ae5a460348f253fa438172cfb0b2c66c005747d6b716d6e221e492e793c17439a
19d6
38bc84ecde2aaf864e1b22007c29b5aa056637d4dd4bde4783dd1b2994b87522662742b8c547
7ce8
c39227a3bf8b71b2dce5323150b49cd27134e4a79f7f98d371cad38b0e72363efbc62
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x00fd4c1702fe41e024238a16d8cdd2f7
(2) Finished request
Waking up in 0.1 seconds.
Received Access-Request Id 3 from 192.168.60.1:1024 to 192.168.50.62:1812
length
1701
User-Name = 'juan'
Calling-Station-Id = '00-26-C6-7C-C4-58'
NAS-IP-Address = 192.168.60.1
NAS-Port = 1
Called-Station-Id = '2C-E6-CC-1A-3E-5C:PROFESORES'
Service-Type = Framed-User
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
NAS-Identifier = '2C-E6-CC-1A-3E-5C'
Connect-Info = 'CONNECT 802.11a/n'
EAP-Message =
0x020305d40dc0000005d916030105990b000389000386000383308203
7f30820267a003020102020900c43f77feef6a22f0300d06092a864886f70d01010505003044
310b
3009060355040613024553310f300d06035504080c064d6164726964310e300c060355040a0c
0549
4e5445463114301206035504030c0b656a656d706c6f2e6f7267301e170d3134303532313035
3231
30335a170d3135303532313035323130335a303d310b3009060355040613024553310f300d06
0355
04080c064d6164726964310e300c060355040a0c05494e544546310d300b06035504030c046a
7561
6e30820122300d06092a864886f70d01010105000382010f003082010a0282010100d8fe45c4
6e47
43d7ecaf6c82f5206a6d1683234f11e54af93501eba03aaadf6c4a123bb2aeebce0717b6930a
3e55
0f9e75e38fb7f0057acebdeecb6d396c4547ed2cb496d887ae6973982c7b708898d3d4e080c4
4679
ffc2eeea7b707f3d03aacfd8544465a96f0988366c5c8a8fd9e84bd38006f71b572a526759ea
f147
a20c21f42ef7c8f8c37915768eec7e41402c3869e8c06a06d6d53a3fac290b9db34a737a55ce
6c3b
c544396ee4f35ff28622c2318c57b0ce8b86aac710ed16e56960d4a2fafbe851afb250256e5b
03cf
37f52ace63f3eb801d78d6e2e3ebdb4ac5493bbca5129d60cbea4a1f7e96391a9216a
State = 0x00fd4c1702fe41e024238a16d8cdd2f7
Attr-26.25053.3 = 0x50524f4645534f524553
Message-Authenticator = 0x7a153d76d7b2744ca31fb2b68216dedf
(3) # Executing section authorize from file
/etc/freeradius/sites-enabled/defaul
t
(3) authorize {
(3) [preprocess] = ok
(3) [chap] = noop
(3) [mschap] = noop
(3) [digest] = noop
(3) suffix : No '@' in User-Name = "juan", looking up realm NULL
(3) suffix : No such realm "NULL"
(3) [suffix] = noop
(3) eap : EAP packet type response id 3 length 1492
(3) eap : No EAP Start, assuming it's an on-going EAP conversation
(3) [eap] = updated
(3) [files] = noop
rlm_ldap (ldap): Reserved connection (4)
(3) ldap : EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(3) ldap : --> (uid=juan)
(3) ldap : EXPAND dc=ejemplo,dc=org
(3) ldap : --> dc=ejemplo,dc=org
(3) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(uid=juan)', s
cope 'sub'
(3) ldap : Waiting for search result...
(3) ldap : User object found at DN "uid=juan,ou=usuarios,dc=ejemplo,dc=org"
(3) ldap : No cacheable group memberships found in user object
(3) ldap : EXPAND
(&(objectClass=groupOfNames)(member=%{control:Ldap-UserDn}))
(3) ldap : -->
(&(objectClass=groupOfNames)(member=uid\3djuan\2cou\3dusuario
s\2cdc\3dejemplo\2cdc\3dorg))
(3) ldap : EXPAND dc=ejemplo,dc=org
(3) ldap : --> dc=ejemplo,dc=org
(3) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(&(objectClass
=groupOfNames)(member=uid\3djuan\2cou\3dusuarios\2cdc\3dejemplo\2cdc\3dorg))
', s
cope 'sub'
(3) ldap : Waiting for search result...
(3) ldap : Added control:Ldap-Group with value "profesores"
(3) ldap : Processing user attributes
(3) ldap : control:Password-With-Header += '1234'
rlm_ldap (ldap): Released connection (4)
(3) [ldap] = ok
(3) foreach &control:LDAP-Group
(3) # Foreach-Variable-0 = "profesores"
(3) update reply {
(3) EXPAND %{Foreach-Variable-0}
(3) --> profesores
(3) &Ruckus-User-Groups += "profesores"
(3) } # update reply = noop
(3) } # foreach &control:LDAP-Group = noop
(3) [expiration] = noop
(3) [logintime] = noop
(3) pap : No {...} in Password-With-Header, re-writing to
Cleartext-Password
(3) WARNING: pap : Auth-Type already set. Not setting to PAP
(3) [pap] = noop
(3) } # authorize = updated
(3) Found Auth-Type = EAP
(3) # Executing group from file /etc/freeradius/sites-enabled/default
(3) authenticate {
(3) eap : Expiring EAP session with state 0x00fd4c1702fe41e0
(3) eap : Finished EAP session with state 0x00fd4c1702fe41e0
(3) eap : Previous EAP request found for state 0x00fd4c1702fe41e0, released
fro
m the list
(3) eap : Peer sent TLS (13)
(3) eap : EAP TLS (13)
(3) eap : Calling eap_tls to process EAP data
(3) eap_tls : Authenticate
(3) eap_tls : processing EAP-TLS
TLS Length 1497
(3) eap_tls : Received EAP-TLS First Fragment of the message
(3) eap_tls : eaptls_verify returned 9
(3) eap_tls : eaptls_process returned 13
(3) eap : New EAP session, adding 'State' attribute to reply
0x00fd4c1703f941e0
(3) [eap] = handled
(3) } # authenticate = handled
Sending Access-Challenge Id 3 from 192.168.50.62:1812 to 192.168.60.1:1024
Ruckus-User-Groups += 'profesores'
EAP-Message = 0x010400060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x00fd4c1703f941e024238a16d8cdd2f7
(3) Finished request
Waking up in 0.1 seconds.
Received Access-Request Id 4 from 192.168.60.1:1024 to 192.168.50.62:1812
length
220
User-Name = 'juan'
Calling-Station-Id = '00-26-C6-7C-C4-58'
NAS-IP-Address = 192.168.60.1
NAS-Port = 1
Called-Station-Id = '2C-E6-CC-1A-3E-5C:PROFESORES'
Service-Type = Framed-User
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
NAS-Identifier = '2C-E6-CC-1A-3E-5C'
Connect-Info = 'CONNECT 802.11a/n'
EAP-Message = 0x020400150d00e01b879ad8ef587fe7ccfa117c55be
State = 0x00fd4c1703f941e024238a16d8cdd2f7
Attr-26.25053.3 = 0x50524f4645534f524553
Message-Authenticator = 0xa8c975397e2ee0a2cc04124ef2b9fba2
(4) # Executing section authorize from file
/etc/freeradius/sites-enabled/defaul
t
(4) authorize {
(4) [preprocess] = ok
(4) [chap] = noop
(4) [mschap] = noop
(4) [digest] = noop
(4) suffix : No '@' in User-Name = "juan", looking up realm NULL
(4) suffix : No such realm "NULL"
(4) [suffix] = noop
(4) eap : EAP packet type response id 4 length 21
(4) eap : No EAP Start, assuming it's an on-going EAP conversation
(4) [eap] = updated
(4) [files] = noop
rlm_ldap (ldap): Reserved connection (4)
(4) ldap : EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(4) ldap : --> (uid=juan)
(4) ldap : EXPAND dc=ejemplo,dc=org
(4) ldap : --> dc=ejemplo,dc=org
(4) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(uid=juan)', s
cope 'sub'
(4) ldap : Waiting for search result...
(4) ldap : User object found at DN "uid=juan,ou=usuarios,dc=ejemplo,dc=org"
(4) ldap : No cacheable group memberships found in user object
(4) ldap : EXPAND
(&(objectClass=groupOfNames)(member=%{control:Ldap-UserDn}))
(4) ldap : -->
(&(objectClass=groupOfNames)(member=uid\3djuan\2cou\3dusuario
s\2cdc\3dejemplo\2cdc\3dorg))
(4) ldap : EXPAND dc=ejemplo,dc=org
(4) ldap : --> dc=ejemplo,dc=org
(4) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(&(objectClass
=groupOfNames)(member=uid\3djuan\2cou\3dusuarios\2cdc\3dejemplo\2cdc\3dorg))
', s
cope 'sub'
(4) ldap : Waiting for search result...
(4) ldap : Added control:Ldap-Group with value "profesores"
(4) ldap : Processing user attributes
(4) ldap : control:Password-With-Header += '1234'
rlm_ldap (ldap): Released connection (4)
(4) [ldap] = ok
(4) foreach &control:LDAP-Group
(4) # Foreach-Variable-0 = "profesores"
(4) update reply {
(4) EXPAND %{Foreach-Variable-0}
(4) --> profesores
(4) &Ruckus-User-Groups += "profesores"
(4) } # update reply = noop
(4) } # foreach &control:LDAP-Group = noop
(4) [expiration] = noop
(4) [logintime] = noop
(4) pap : No {...} in Password-With-Header, re-writing to
Cleartext-Password
(4) WARNING: pap : Auth-Type already set. Not setting to PAP
(4) [pap] = noop
(4) } # authorize = updated
(4) Found Auth-Type = EAP
(4) # Executing group from file /etc/freeradius/sites-enabled/default
(4) authenticate {
(4) eap : Expiring EAP session with state 0x00fd4c1703f941e0
(4) eap : Finished EAP session with state 0x00fd4c1703f941e0
(4) eap : Previous EAP request found for state 0x00fd4c1703f941e0, released
fro
m the list
(4) eap : Peer sent TLS (13)
(4) eap : EAP TLS (13)
(4) eap : Calling eap_tls to process EAP data
(4) eap_tls : Authenticate
(4) eap_tls : processing EAP-TLS
(4) eap_tls : eaptls_verify returned 7
(4) eap_tls : Done initial handshake
(4) eap_tls : <<< TLS 1.0 Handshake [length 038d], Certificate
(4) eap_tls : chain-depth=1,
(4) eap_tls : error=0
(4) eap_tls : --> User-Name = juan
(4) eap_tls : --> BUF-Name = ejemplo.org
(4) eap_tls : --> subject = /C=ES/ST=Madrid/O=INTEF/CN=ejemplo.org
(4) eap_tls : --> issuer = /C=ES/ST=Madrid/O=INTEF/CN=ejemplo.org
(4) eap_tls : --> verify return:1
(4) eap_tls : chain-depth=0,
(4) eap_tls : error=0
(4) eap_tls : --> User-Name = juan
(4) eap_tls : --> BUF-Name = juan
(4) eap_tls : --> subject = /C=ES/ST=Madrid/O=INTEF/CN=juan
(4) eap_tls : --> issuer = /C=ES/ST=Madrid/O=INTEF/CN=ejemplo.org
(4) eap_tls : --> verify return:1
(4) eap_tls : TLS_accept: SSLv3 read client certificate A
(4) eap_tls : <<< TLS 1.0 Handshake [length 0106], ClientKeyExchange
(4) eap_tls : TLS_accept: SSLv3 read client key exchange A
(4) eap_tls : <<< TLS 1.0 Handshake [length 0106], CertificateVerify
(4) eap_tls : TLS_accept: SSLv3 read certificate verify A
(4) eap_tls : <<< TLS 1.0 ChangeCipherSpec [length 0001]
(4) eap_tls : <<< TLS 1.0 Handshake [length 0010], Finished
(4) eap_tls : TLS_accept: SSLv3 read finished A
(4) eap_tls : >>> TLS 1.0 ChangeCipherSpec [length 0001]
(4) eap_tls : TLS_accept: SSLv3 write change cipher spec A
(4) eap_tls : >>> TLS 1.0 Handshake [length 0010], Finished
(4) eap_tls : TLS_accept: SSLv3 write finished A
(4) eap_tls : TLS_accept: SSLv3 flush data
SSL: adding session
6d20cc13ea954dfc5a871a3ca033877860fdeb811c3c90a090d67fe82e
10d4a1 to cache
(4) eap_tls : (other): SSL negotiation finished successfully
SSL Connection Established
(4) eap_tls : eaptls_process returned 13
(4) eap : New EAP session, adding 'State' attribute to reply
0x00fd4c1704f841e0
(4) [eap] = handled
(4) } # authenticate = handled
Sending Access-Challenge Id 4 from 192.168.50.62:1812 to 192.168.60.1:1024
Ruckus-User-Groups += 'profesores'
EAP-Message =
0x010500450d800000003b14030100010116030100307de5ae6078318d
4c60d99d5318aea5bd210bff31b1923eb6d1bbe3668728130330234b5efbc02b30f92cfcab30
abf3
21
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x00fd4c1704f841e024238a16d8cdd2f7
(4) Finished request
Received Access-Request Id 5 from 192.168.60.1:1024 to 192.168.50.62:1812
length
205
User-Name = 'juan'
Calling-Station-Id = '00-26-C6-7C-C4-58'
NAS-IP-Address = 192.168.60.1
NAS-Port = 1
Called-Station-Id = '2C-E6-CC-1A-3E-5C:PROFESORES'
Service-Type = Framed-User
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
NAS-Identifier = '2C-E6-CC-1A-3E-5C'
Connect-Info = 'CONNECT 802.11a/n'
EAP-Message = 0x020500060d00
State = 0x00fd4c1704f841e024238a16d8cdd2f7
Attr-26.25053.3 = 0x50524f4645534f524553
Message-Authenticator = 0x7790bdb7d581acba7f3d7804e460fa78
(5) # Executing section authorize from file
/etc/freeradius/sites-enabled/defaul
t
(5) authorize {
(5) [preprocess] = ok
(5) [chap] = noop
(5) [mschap] = noop
(5) [digest] = noop
(5) suffix : No '@' in User-Name = "juan", looking up realm NULL
(5) suffix : No such realm "NULL"
(5) [suffix] = noop
(5) eap : EAP packet type response id 5 length 6
(5) eap : No EAP Start, assuming it's an on-going EAP conversation
(5) [eap] = updated
(5) [files] = noop
rlm_ldap (ldap): Reserved connection (4)
(5) ldap : EXPAND (uid=%{%{Stripped-User-Name}:-%{User-Name}})
(5) ldap : --> (uid=juan)
(5) ldap : EXPAND dc=ejemplo,dc=org
(5) ldap : --> dc=ejemplo,dc=org
(5) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(uid=juan)', s
cope 'sub'
(5) ldap : Waiting for search result...
(5) ldap : User object found at DN "uid=juan,ou=usuarios,dc=ejemplo,dc=org"
(5) ldap : No cacheable group memberships found in user object
(5) ldap : EXPAND
(&(objectClass=groupOfNames)(member=%{control:Ldap-UserDn}))
(5) ldap : -->
(&(objectClass=groupOfNames)(member=uid\3djuan\2cou\3dusuario
s\2cdc\3dejemplo\2cdc\3dorg))
(5) ldap : EXPAND dc=ejemplo,dc=org
(5) ldap : --> dc=ejemplo,dc=org
(5) ldap : Performing search in 'dc=ejemplo,dc=org' with filter
'(&(objectClass
=groupOfNames)(member=uid\3djuan\2cou\3dusuarios\2cdc\3dejemplo\2cdc\3dorg))
', s
cope 'sub'
(5) ldap : Waiting for search result...
(5) ldap : Added control:Ldap-Group with value "profesores"
(5) ldap : Processing user attributes
(5) ldap : control:Password-With-Header += '1234'
rlm_ldap (ldap): Released connection (4)
(5) [ldap] = ok
(5) foreach &control:LDAP-Group
(5) # Foreach-Variable-0 = "profesores"
(5) update reply {
(5) EXPAND %{Foreach-Variable-0}
(5) --> profesores
(5) &Ruckus-User-Groups += "profesores"
(5) } # update reply = noop
(5) } # foreach &control:LDAP-Group = noop
(5) [expiration] = noop
(5) [logintime] = noop
(5) pap : No {...} in Password-With-Header, re-writing to
Cleartext-Password
(5) WARNING: pap : Auth-Type already set. Not setting to PAP
(5) [pap] = noop
(5) } # authorize = updated
(5) Found Auth-Type = EAP
(5) # Executing group from file /etc/freeradius/sites-enabled/default
(5) authenticate {
(5) eap : Expiring EAP session with state 0x00fd4c1704f841e0
(5) eap : Finished EAP session with state 0x00fd4c1704f841e0
(5) eap : Previous EAP request found for state 0x00fd4c1704f841e0, released
fro
m the list
(5) eap : Peer sent TLS (13)
(5) eap : EAP TLS (13)
(5) eap : Calling eap_tls to process EAP data
(5) eap_tls : Authenticate
(5) eap_tls : processing EAP-TLS
(5) eap_tls : Received TLS ACK
(5) eap_tls : Received TLS ACK
(5) eap_tls : ACK handshake is finished
(5) eap_tls : eaptls_verify returned 3
(5) eap_tls : eaptls_process returned 3
(5) eap_tls : Saving session
6d20cc13ea954dfc5a871a3ca033877860fdeb811c3c90a090
d67fe82e10d4a1 vps 0x176e900 in the cache
(5) eap : Freeing handler
(5) [eap] = ok
(5) } # authenticate = ok
(5) # Executing section post-auth from file
/etc/freeradius/sites-enabled/defaul
t
(5) post-auth {
(5) cache : EXPAND %{User-Name}
(5) cache : --> juan
(5) cache : Creating entry for "juan"
(5) cache : Adding to cache entry:
(5) cache : control:LDAP-Group += &Ldap-Group -> 'profesores'
(5) cache : Inserted entry, TTL 3600 seconds
(5) [cache] = updated
(5) foreach &control:LDAP-Group
(5) # Foreach-Variable-1 = "profesores"
(5) update reply {
Bad talloc magic value - unknown value
talloc abort: Bad talloc magic value - unknown value
CAUGHT SIGNAL: Aborted
Backtrace of last 32 frames:
/usr/lib/freeradius/libfreeradius-radius.so(fr_fault+0xd2)[0x7f6304078b58]
/usr/lib/freeradius/libfreeradius-radius.so(+0xbe97)[0x7f6304078e97]
/usr/lib/x86_64-linux-gnu/libtalloc.so.2(talloc_get_name+0x70)[0x7f6303602ed
0]
/usr/lib/x86_64-linux-gnu/libtalloc.so.2(_talloc_get_type_abort+0x2b)[0x7f63
0360
519b]
/usr/lib/freeradius/libfreeradius-radius.so(fr_verify_vp+0x26)[0x7f630407946
e]
/usr/lib/freeradius/libfreeradius-radius.so(vp_prints_value+0x66)[0x7f630408
63ca
]
/usr/lib/freeradius/libfreeradius-server.so(+0x18f3b)[0x7f63042c7f3b]
/usr/lib/freeradius/libfreeradius-server.so(+0x1ca15)[0x7f63042cba15]
/usr/lib/freeradius/libfreeradius-server.so(+0x1cd89)[0x7f63042cbd89]
/usr/lib/freeradius/libfreeradius-server.so(+0x1d092)[0x7f63042cc092]
/usr/lib/freeradius/libfreeradius-server.so(radius_axlat_struct+0x43)[0x7f63
042c
c44d]
/usr/lib/freeradius/libfreeradius-server.so(radius_map2vp+0x2dc)[0x7f63042c2
526]
/usr/lib/freeradius/libfreeradius-server.so(radius_map2request+0x265)[0x7f63
042c
1459]
freeradius[0x42491a]
freeradius[0x424fb0]
freeradius[0x42432b]
freeradius[0x425375]
freeradius(modcall+0x9c)[0x426013]
freeradius(indexed_modcall+0x24d)[0x421c7c]
freeradius(process_post_auth+0x22)[0x423bdb]
freeradius(rad_postauth+0x94)[0x40ebca]
freeradius[0x435a82]
freeradius[0x435f6e]
freeradius[0x43511c]
freeradius(request_receive+0x701)[0x4366ba]
freeradius[0x415ff0]
freeradius[0x43c1fe]
/usr/lib/freeradius/libfreeradius-radius.so(fr_event_loop+0x5ba)[0x7f630409c
35f]
freeradius(radius_event_process+0x26)[0x43d8e5]
freeradius(main+0xbf1)[0x42b131]
/lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd)[0x7f63025c6ead]
freeradius[0x40e089]
Calling: gdb -silent -x /etc/freeradius/panic.gdb freeradius 2512 2>&1 | tee
/va
r/log/freeradius/gdb-freeradius-2512.log
Temporarily setting PR_DUMPABLE to 1
Reading symbols from /usr/sbin/freeradius...Reading symbols from
/usr/lib/debug/
usr/sbin/freeradius...done.
done.
Attaching to program: /usr/sbin/freeradius, process 2512
Reading symbols from /usr/lib/freeradius/libfreeradius-server.so...Reading
symbo
ls from /usr/lib/debug/usr/lib/freeradius/libfreeradius-server.so...done.
done.
Loaded symbols for /usr/lib/freeradius/libfreeradius-server.so
Reading symbols from /usr/lib/freeradius/libfreeradius-radius.so...Reading
symbo
ls from /usr/lib/debug/usr/lib/freeradius/libfreeradius-radius.so...done.
done.
Loaded symbols for /usr/lib/freeradius/libfreeradius-radius.so
Reading symbols from /usr/lib/freeradius/libfreeradius-eap.so...Reading
symbols
from /usr/lib/debug/usr/lib/freeradius/libfreeradius-eap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/libfreeradius-eap.so
Reading symbols from /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0...(no
debuggin
g symbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libcrypto.so.1.0.0
Reading symbols from /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0...(no
debugging s
ymbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libssl.so.1.0.0
Reading symbols from /usr/lib/x86_64-linux-gnu/libtalloc.so.2...(no
debugging sy
mbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libtalloc.so.2
Reading symbols from /lib/x86_64-linux-gnu/libnsl.so.1...(no debugging
symbols f
ound)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libnsl.so.1
Reading symbols from /lib/x86_64-linux-gnu/libresolv.so.2...(no debugging
symbol
s found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libresolv.so.2
Reading symbols from /lib/x86_64-linux-gnu/libdl.so.2...(no debugging
symbols fo
und)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libdl.so.2
Reading symbols from /lib/x86_64-linux-gnu/libpthread.so.0...(no debugging
symbo
ls found)...done.
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Loaded symbols for /lib/x86_64-linux-gnu/libpthread.so.0
Reading symbols from /lib/x86_64-linux-gnu/libreadline.so.6...(no debugging
symbols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libreadline.so.6
Reading symbols from /lib/x86_64-linux-gnu/libcrypt.so.1...(no debugging
symbols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libcrypt.so.1
Reading symbols from /lib/x86_64-linux-gnu/libc.so.6...(no debugging symbols
found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libc.so.6
Reading symbols from /usr/lib/x86_64-linux-gnu/libpcap.so.0.8...(no
debugging symbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libpcap.so.0.8
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols
found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib/x86_64-linux-gnu/libz.so.1...(no debugging symbols
found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libz.so.1
Reading symbols from /lib/x86_64-linux-gnu/libtinfo.so.5...(no debugging
symbols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libtinfo.so.5
Reading symbols from /lib/x86_64-linux-gnu/libnss_compat.so.2...(no
debugging symbols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libnss_compat.so.2
Reading symbols from /lib/x86_64-linux-gnu/libnss_nis.so.2...(no debugging
symbols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libnss_nis.so.2
Reading symbols from /lib/x86_64-linux-gnu/libnss_files.so.2...(no debugging
symbols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libnss_files.so.2
Reading symbols from /usr/lib/freeradius/rlm_exec.so...Reading symbols from
/usr/lib/debug/usr/lib/freeradius/rlm_exec.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_exec.so
Reading symbols from /usr/lib/freeradius/rlm_preprocess.so...Reading symbols
fro
m /usr/lib/debug/usr/lib/freeradius/rlm_preprocess.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_preprocess.so
Reading symbols from /usr/lib/freeradius/rlm_digest.so...Reading symbols
from /u
sr/lib/debug/usr/lib/freeradius/rlm_digest.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_digest.so
Reading symbols from /usr/lib/freeradius/rlm_cache.so...Reading symbols from
/us
r/lib/debug/usr/lib/freeradius/rlm_cache.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_cache.so
Reading symbols from /usr/lib/freeradius/rlm_replicate.so...Reading symbols
from
/usr/lib/debug/usr/lib/freeradius/rlm_replicate.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_replicate.so
Reading symbols from /usr/lib/freeradius/rlm_dhcp.so...Reading symbols from
/usr
/lib/debug/usr/lib/freeradius/rlm_dhcp.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_dhcp.so
Reading symbols from /usr/lib/freeradius/rlm_detail.so...Reading symbols
from /u
sr/lib/debug/usr/lib/freeradius/rlm_detail.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_detail.so
Reading symbols from /usr/lib/freeradius/rlm_linelog.so...Reading symbols
from /
usr/lib/debug/usr/lib/freeradius/rlm_linelog.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_linelog.so
Reading symbols from /usr/lib/freeradius/rlm_always.so...Reading symbols
from /u
sr/lib/debug/usr/lib/freeradius/rlm_always.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_always.so
Reading symbols from /usr/lib/freeradius/rlm_chap.so...Reading symbols from
/usr
/lib/debug/usr/lib/freeradius/rlm_chap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_chap.so
Reading symbols from /usr/lib/freeradius/rlm_mschap.so...Reading symbols
from /u
sr/lib/debug/usr/lib/freeradius/rlm_mschap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_mschap.so
Reading symbols from /usr/lib/freeradius/rlm_pap.so...Reading symbols from
/usr/
lib/debug/usr/lib/freeradius/rlm_pap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_pap.so
Reading symbols from /usr/lib/freeradius/rlm_soh.so...Reading symbols from
/usr/
lib/debug/usr/lib/freeradius/rlm_soh.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_soh.so
Reading symbols from /usr/lib/freeradius/rlm_attr_filter.so...Reading
symbols fr
om /usr/lib/debug/usr/lib/freeradius/rlm_attr_filter.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_attr_filter.so
Reading symbols from /usr/lib/freeradius/rlm_eap.so...Reading symbols from
/usr/
lib/debug/usr/lib/freeradius/rlm_eap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_eap.so
Reading symbols from /usr/lib/freeradius/rlm_eap_tls.so...Reading symbols
from /
usr/lib/debug/usr/lib/freeradius/rlm_eap_tls.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_eap_tls.so
Reading symbols from /usr/lib/freeradius/rlm_eap_ttls.so...Reading symbols
from
/usr/lib/debug/usr/lib/freeradius/rlm_eap_ttls.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_eap_ttls.so
Reading symbols from /usr/lib/freeradius/rlm_eap_peap.so...Reading symbols
from
/usr/lib/debug/usr/lib/freeradius/rlm_eap_peap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_eap_peap.so
Reading symbols from /usr/lib/freeradius/rlm_eap_mschapv2.so...Reading
symbols f
rom /usr/lib/debug/usr/lib/freeradius/rlm_eap_mschapv2.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_eap_mschapv2.so
Reading symbols from /usr/lib/freeradius/rlm_passwd.so...Reading symbols
from /u
sr/lib/debug/usr/lib/freeradius/rlm_passwd.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_passwd.so
Reading symbols from /usr/lib/freeradius/rlm_files.so...Reading symbols from
/us
r/lib/debug/usr/lib/freeradius/rlm_files.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_files.so
Reading symbols from /usr/lib/freeradius/rlm_logintime.so...Reading symbols
from
/usr/lib/debug/usr/lib/freeradius/rlm_logintime.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_logintime.so
Reading symbols from /usr/lib/freeradius/rlm_unix.so...Reading symbols from
/usr
/lib/debug/usr/lib/freeradius/rlm_unix.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_unix.so
Reading symbols from /usr/lib/freeradius/rlm_realm.so...Reading symbols from
/us
r/lib/debug/usr/lib/freeradius/rlm_realm.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_realm.so
Reading symbols from /usr/lib/freeradius/rlm_expiration.so...Reading symbols
fro
m /usr/lib/debug/usr/lib/freeradius/rlm_expiration.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_expiration.so
Reading symbols from /usr/lib/freeradius/rlm_radutmp.so...Reading symbols
from /
usr/lib/debug/usr/lib/freeradius/rlm_radutmp.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_radutmp.so
Reading symbols from /usr/lib/freeradius/rlm_ldap.so...Reading symbols from
/usr
/lib/debug/usr/lib/freeradius/rlm_ldap.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_ldap.so
Reading symbols from /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2...(no
debuggin
g symbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2
Reading symbols from /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2...(no
debugging
symbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/liblber-2.4.so.2
Reading symbols from /usr/lib/x86_64-linux-gnu/libsasl2.so.2...(no debugging
sym
bols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libsasl2.so.2
Reading symbols from /usr/lib/x86_64-linux-gnu/libgnutls.so.26...(no
debugging s
ymbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libgnutls.so.26
Reading symbols from /lib/x86_64-linux-gnu/libgcrypt.so.11...(no debugging
symbo
ls found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libgcrypt.so.11
Reading symbols from /usr/lib/x86_64-linux-gnu/libtasn1.so.3...(no debugging
sym
bols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libtasn1.so.3
Reading symbols from /usr/lib/x86_64-linux-gnu/libp11-kit.so.0...(no
debugging s
ymbols found)...done.
Loaded symbols for /usr/lib/x86_64-linux-gnu/libp11-kit.so.0
Reading symbols from /lib/x86_64-linux-gnu/libgpg-error.so.0...(no debugging
sym
bols found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libgpg-error.so.0
Reading symbols from /usr/lib/freeradius/rlm_utf8.so...Reading symbols from
/usr
/lib/debug/usr/lib/freeradius/rlm_utf8.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_utf8.so
Reading symbols from /usr/lib/freeradius/rlm_dynamic_clients.so...Reading
symbol
s from /usr/lib/debug/usr/lib/freeradius/rlm_dynamic_clients.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_dynamic_clients.so
Reading symbols from /usr/lib/freeradius/rlm_unpack.so...Reading symbols
from /u
sr/lib/debug/usr/lib/freeradius/rlm_unpack.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_unpack.so
Reading symbols from /usr/lib/freeradius/rlm_expr.so...Reading symbols from
/usr
/lib/debug/usr/lib/freeradius/rlm_expr.so...done.
done.
Loaded symbols for /usr/lib/freeradius/rlm_expr.so
Reading symbols from /lib/x86_64-linux-gnu/libgcc_s.so.1...(no debugging
symbols
found)...done.
Loaded symbols for /lib/x86_64-linux-gnu/libgcc_s.so.1
0x00007f63026541ee in waitpid () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
No symbol table info available.
Thread 1 (Thread 0x7f63046ad720 (LWP 2512)):
#0 0x00007f63026541ee in waitpid () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#1 0x00007f63025e7c99 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#2 0x00007f6304078dab in fr_fault (sig=6) at src/lib/debug.c:525
disable = true
cmd = "gdb -silent -x /etc/freeradius/panic.gdb freeradius 2512 2>&1
| tee /var/log/freeradius/gdb-freeradius-2512.log", '\000' <repeats 420
times>
out = 0x7fff248a6d1b ".log"
left = 425
ret = 51
p = 0x7f63042adaa7 ".log"
q = 0x0
code = 32767
#3 0x00007f6304078e97 in _fr_talloc_fault (
reason=0x7f6303608678 "Bad talloc magic value - unknown value")
at src/lib/debug.c:561
No locals.
#4 0x00007f6303602ed0 in talloc_get_name ()
from /usr/lib/x86_64-linux-gnu/libtalloc.so.2
No symbol table info available.
#5 0x00007f630360519b in _talloc_get_type_abort ()
from /usr/lib/x86_64-linux-gnu/libtalloc.so.2
No symbol table info available.
#6 0x00007f630407946e in fr_verify_vp (vp=0x7fff248a7e40)
at src/lib/debug.c:788
No locals.
#7 0x00007f63040863ca in vp_prints_value (
out=0x1776ed0
"\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275"..., outlen=1024, vp=0x7fff248a7e40, quote=0 '\000')
at src/lib/print.c:323
v = 0x400
buf =
"\320q\212$\377\177\000\000\000\000\000\000\000\000\000\000\370q\2
12$\377\177\000\000\000\200o\004c\177\000\000E;\032;\000\000\000\000\002\\N\
004c
\177", '\000' <repeats 18 times>,
"\001\000\000\000\377\177\000\000\000\000\000\
000\000\000\000\000\001\000\000\000\377\177\000\000\000\200o\004c\177\000\00
0Ķ&Z
\000\000\000\000\002\\N\004c\177", '\000' <repeats 26 times>,
"DQN\004c\177\000\
000\200q\212$\377\177\000\000 at q\212$\377\177\000\000\020\337t\001\000\000\00
0\00
0\060r\212$\377\177\000\000\310\067-\004c\177\000\000\240r\212$\377\177\000\
000\
033\000\000\000\000\000\000\000l\000\000\000\000\000\000\000\020\337t\001\00
0\00
0\000\000\242Fa\002c\177\000\000\001\200\255\373\000\000\000\000\020\337t\00
1\00
0\000\000\000\020\337t\001\000\000\000\000\020\337t\001\000\000\000\000"...
a = 0x0
t = 140063252906840
s_tm = {tm_sec = 16, tm_min = 48, tm_hour = 613053424,
tm_mday = 32767, tm_mon = 613053232, tm_year = 32767,
tm_wday = 65415808, tm_yday = 32611, tm_isdst = 0,
tm_gmtoff = 4294967634, tm_zone = 0x0}
len = 0
freespace = 1024
#8 0x00007f63042c7f3b in xlat_foreach (instance=0x7f63044db1e0,
request=0x1779680, fmt=0x0,
out=0x1776ed0
"\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\
275\
275\275\275\275\275"..., outlen=1024) at src/main/xlat.c:405
pvp = 0x7fff248a7dd8
len = 0
#9 0x00007f63042cba15 in xlat_aprint (ctx=0x1779680, request=0x1779680,
node=0x173af70, escape=0, escape_ctx=0x0, lvl=0) at src/main/xlat.c:2004
rcode = 140063252915528
str = 0x1776ed0
"\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\275\27
5\27
5\275\275\275\275\275\275"...
child = 0x0
ref = 0x7fff248a76f0
#10 0x00007f63042cbd89 in xlat_process (out=0x7fff248a7680,
request=0x1779680,
head=0x173af70, escape=0, escape_ctx=0x0) at src/main/xlat.c:2101
i = 0
list = 160
total = 140063221673568
array = 0xb046fa8a0
answer = 0x7fff248a76a0 ""
node = 0x1779680
#11 0x00007f63042cc092 in xlat_expand_struct (out=0x7fff248a7708, outlen=0,
request=0x1779680, node=0x173af70, escape=0, escape_ctx=0x0)
at src/main/xlat.c:2173
buff = 0x0
len = 140733806442192
#12 0x00007f63042cc44d in radius_axlat_struct (out=0x7fff248a7708,
request=0x1779680, xlat=0x173af70, escape=0, ctx=0x0)
at src/main/xlat.c:2280
No locals.
#13 0x00007f63042c2526 in radius_map2vp (out=0x7fff248a7810,
request=0x1779680, map=0x17379f0, ctx=0x0) at src/main/valuepair.c:1456
slen = 140063248575007
str = 0x0
rcode = 0
vp = 0x1777ac0
found = 0x7fff248a7840
from = 0x0
da = 0x161f5f0
context = 0x1779680
cursor = {first = 0x7f63042d6a1f, found = 0x0, last = 0x0,
current = 0x8, next = 0x78}
#14 0x00007f63042c1459 in radius_map2request (request=0x1779680,
map=0x17379f0, func=0x7f63042c224a <radius_map2vp>, ctx=0x0)
at src/main/valuepair.c:1003
rcode = 0
num = 0
list = 0x1779888
vp = 0x1779680
dst = 0x7f630409c590
head = 0x0
found = false
context = 0x1779680
parent = 0x1779810
dst_list = {first = 0x7fff248a7820, found = 0x7f6304091073,
last = 0x3, current = 0x4552f0, next = 0x174df10}
src_list = {first = 0xe10, found = 0x3000000020,
last = 0x7fff248a7890, current = 0x7fff248a77d0, next = 0x0}
#15 0x000000000042491a in modcall_recurse (request=0x1779680,
component=RLM_COMPONENT_POST_AUTH, depth=2, entry=0x7fff248a8a70)
at src/main/modcall.c:596
rcode = 0
g = 0x1737c20
map = 0x17379f0
if_taken = false
was_if = false
c = 0x1737c20
priority = -1
result = RLM_MODULE_UNKNOWN
#16 0x0000000000424fb0 in modcall_recurse (request=0x1779680,
component=RLM_COMPONENT_POST_AUTH, depth=1, entry=0x7fff248a8a58)
at src/main/modcall.c:704
i = 1
vps = 0x1777990
vp = 0x1777990
cursor = {first = 0x7fff248a82f8, found = 0x1779a70, last = 0x0,
current = 0x0, next = 0x0}
g = 0x1737910
foreach_depth = 1
next = 0x7fff248a8a70
copy = {first = 0x7fff248a8300, found = 0x0, last = 0x0,
current = 0x1777990, next = 0x0}
if_taken = false
was_if = false
c = 0x1737910
priority = -1
result = RLM_MODULE_UPDATED
#17 0x000000000042432b in modcall_child (request=0x1779680,
component=RLM_COMPONENT_POST_AUTH, depth=1, entry=0x7fff248a8a40,
c=0x17377b0, result=0x7fff248a891c) at src/main/modcall.c:412
next = 0x7fff248a8a58
#18 0x0000000000425375 in modcall_recurse (request=0x1779680,
component=RLM_COMPONENT_POST_AUTH, depth=0, entry=0x7fff248a8a40)
at src/main/modcall.c:783
g = 0x1737720
if_taken = false
was_if = false
c = 0x1737720
priority = -1
result = RLM_MODULE_UNKNOWN
#19 0x0000000000426013 in modcall (component=RLM_COMPONENT_POST_AUTH,
c=0x1737720, request=0x1779680) at src/main/modcall.c:1092
stack = {{result = RLM_MODULE_NOOP, priority = 0, unwind = 0,
c = 0x1737720}, {result = RLM_MODULE_UPDATED, priority = 4,
unwind = 0, c = 0x1737910}, {result = RLM_MODULE_UPDATED,
priority = 0, unwind = 0, c = 0x1737c20}, {
result = RLM_MODULE_REJECT, priority = 0, unwind = 0,
c = 0x0} <repeats 29 times>}
#20 0x0000000000421c7c in indexed_modcall (comp=RLM_COMPONENT_POST_AUTH,
idx=0, request=0x1779680) at src/main/modules.c:818
rcode = 1014
list = 0x1737720
server = 0x17351e0
#21 0x0000000000423bdb in process_post_auth (postauth_type=0,
request=0x1779680) at src/main/modules.c:1865
No locals.
#22 0x000000000040ebca in rad_postauth (request=0x1779680)
at src/main/auth.c:303
result = 0
postauth_type = 0
vp = 0x0
#23 0x0000000000435a82 in request_finish (request=0x1779680, action=1)
at src/main/process.c:1274
vp = 0x0
#24 0x0000000000435f6e in request_running (request=0x1779680, action=1)
at src/main/process.c:1461
__FUNCTION__ = "request_running"
#25 0x000000000043511c in request_queue_or_run (request=0x1779680,
process=0x435e05 <request_running>) at src/main/process.c:999
No locals.
#26 0x00000000004366ba in request_receive (listener=0x173a080,
packet=0x1772eb0, client=0x1678740, fun=0x40ec10 <rad_authenticate>)
at src/main/process.c:1639
count = 5
packet_p = 0x0
request = 0x1779680
now = {tv_sec = 1402385851, tv_usec = 442131}
sock = 0x173a1a0
#27 0x0000000000415ff0 in auth_socket_recv (listener=0x173a080)
at src/main/listen.c:1507
rcode = 205
code = 1
src_port = 1024
packet = 0x1772eb0
fun = 0x40ec10 <rad_authenticate>
client = 0x1678740
src_ipaddr = {af = 2, ipaddr = {ip4addr = {s_addr = 20752576},
ip6addr = {__in6_u = {
__u6_addr8 =
"\300\250<\001\340\317t\001\000\000\000\000\060\217\212$", __u6_addr16 =
{43200, 316, 53216, 372, 0, 0, 36656, 9354},
__u6_addr32 = {20752576, 24432608, 0, 613060400}}}},
prefix = 32 ' ', scope = 67749368}
#28 0x000000000043c1fe in event_socket_handler (xel=0x14a2ac0, fd=14,
ctx=0x173a080) at src/main/process.c:3924
listener = 0x173a080
#29 0x00007f630409c35f in fr_event_loop (el=0x14a2ac0) at
src/lib/event.c:495
ef = 0x14a2b28
i = 2
rcode = 1
maxfd = 16
when = {tv_sec = 1402385851, tv_usec = 528156}
wake = 0x7fff248a91a0
read_fds = {fds_bits = {16384, 0 <repeats 15 times>}}
master_fds = {fds_bits = {124928, 0 <repeats 15 times>}}
#30 0x000000000043d8e5 in radius_event_process () at src/main/process.c:4785
No locals.
#31 0x000000000042b131 in main (argc=2, argv=0x7fff248a9378)
at src/main/radiusd.c:565
rcode = 0
status = 32767
argval = -1
spawn_flag = false
write_pid = false
display_version = false
flag = 0
from_child = {-1, -1}
autofree = 0x1485060
A debugging session is active.
Inferior 1 [process 2512] will be detached.
Quit anyway? (y or n) [answered Y; input not from terminal]
Resetting PR_DUMPABLE to 0
Panic action exited with 0
_EXIT(1) CALLED src/lib/debug.c[550]. Last error was: Unknown value
'Challenge' for attribute 'Post-Auth-Type'
If running under a debugger it should break <<here>>
More information about the Freeradius-Users
mailing list