Need help on eap-cache

Arran Cudbard-Bell a.cudbardb at freeradius.org
Mon May 22 17:48:55 UTC 2023 

That's very odd.  Must be a bug in the cache module or whatever it's calling to expand pairs.

-Arran

> On May 19, 2023, at 03:56, deepika parmar <parmardeepika9 at gmail.com> wrote:
> 
> Hello,
> 
>        I have configured *EAP-AKA virtual-server in FreeRADIUS to
> perform authentication. I have enabled eap cache so that fast reauth
> will work and
> session data will be stored in cache. However during store session
> even if session
> data is there in session state, in cache while storing session data its null.
> 
> Logs are like:
> Debug : (0.0)    h9-auth-server - store session {
> Debug : (0.0)    h9-auth-server -   | debug_attr
> INFO  : (0.0)    h9-auth-server -     Attributes matching "&session-state"
> INFO  : (0.0)    h9-auth-server -       &session-State.session-State = {
> INFO  : (0.0)    h9-auth-server -         Permanent-Identity =
> 10026000000000 at wlan.mnc11343.mcc0.3gppnetwork.org
> INFO  : (0.0)    h9-auth-server -         SIM-Ki =
> 0x465b5ce8b199b49faa5f0a2ee238a6bc
> INFO  : (0.0)    h9-auth-server -         SIM-OPc =
> 0xcd63cb71954a9f4e48a5994e37a02baf
> INFO  : (0.0)    h9-auth-server -         SIM-SQN = 640
> INFO  : (0.0)    h9-auth-server -         Identity = 2TGUFSvpAG13Ugm
> INFO  : (0.0)    h9-auth-server -         Session-Data =
> 0x2d9b493ceda56d4b440d6a6b011c06b2f54ffd51
>>>>>>>>>>>>>>>>>>>>>>>>>>>>> Session data is present
> INFO  : (0.0)    h9-auth-server -         Counter = 0
> INFO  : (0.0)    h9-auth-server -       }
> Debug : (0.0)    h9-auth-server -   | %(debug_attr:{&session-state})
> Debug : (0.0)    h9-auth-server -   | --> (null)
> Debug : (0.0)    h9-auth-server -   &session-state.SIM-Ki :=
> 0x2d9b493ceda56d4b440d6a6b011c06b2f54ffd51
> Debug : (0.0)    eap_aka_cache -   | eap-aka-sim.Session-ID
> Debug : (0.0)    eap_aka_cache -     | %{eap-aka-sim.Session-ID}
> Debug : (0.0)    eap_aka_cache -     | --> 0x345043774142776875516d30353132
> Debug : (0.0)    eap_aka_cache -      --> 0x345043774142776875516d30353132
> Debug : (0.0)    eap_aka_cache -   No cache entry found for
> "0x345043774142776875516d30353132"
> Debug : (0.0)    eap_aka_cache -   Creating new cache entry
> Debug : (0.0)    eap_aka_cache -   EXPAND %{session-state.Permanent-Identity}
> Debug : (0.0)    eap_aka_cache -     | session-state.Permanent-Identity
> Debug : (0.0)    eap_aka_cache -       | %{session-state.Permanent-Identity}
> Debug : (0.0)    eap_aka_cache -       | -->
> 10026000000000 at wlan.mnc11343.mcc0.3gppnetwork.org
> Debug : (0.0)    eap_aka_cache -   -->
> 10026000000000 at wlan.mnc11343.mcc0.3gppnetwork.org
> Debug : (0.0)    eap_aka_cache -
> &session-State[0].Permanent-Identity :=
> "10026000000000 at wlan.mnc11343.mcc0.3gppnetwork.org"
> Debug : (0.0)    eap_aka_cache -   EXPAND
> %{session-state.Session-Data}       >>>>>>>>> Session data not
> available
> Debug : (0.0)    eap_aka_cache -     | session-state.Session-Data
> Debug : (0.0)    eap_aka_cache -       | %{session-state.Session-Data}
> Debug : (0.0)    eap_aka_cache -       | -->
> Debug : (0.0)    eap_aka_cache -   -->
> Debug : (0.0)    eap_aka_cache -     &session-State[0].Session-Data := 0x
> Debug : (0.0)    eap_aka_cache -   EXPAND %{session-state.Encr-Data.Counter}
> Debug : (0.0)    eap_aka_cache -     | session-state.Encr-Data.Counter
> Debug : (0.0)    eap_aka_cache -       | %{session-state.Encr-Data.Counter}
> 
> 
> Store session setting in virtual server:
> 
>        store session {
>                "%(debug_attr:&session-state)"
> 
>                eap_aka_cache
> 
>                "%(debug_attr:&session-state)"
>                ok
>        }
> 
> Eap cache:
> cache eap_aka_cache {
>        #
>        #  key:: Cache key.
>        #
>        key = "%{eap-aka-sim.Session-ID}"
> 
>        #
>        #  ttl:: TTL for cache entries.
>        #
>        ttl = 150
> 
>        #
>        #  update <section> { ... }::
>        #
>        update session-state {
> 
>                &Permanent-Identity := "%{session-state.Permanent-Identity}"
>                &Session-Data           := "%{session-state.Session-Data}"
> 
>                &Encr-Data.Counter      := "%{session-state.Encr-Data.Counter}"
>        }
> }
> 
> Can anyone help?
> 
> 
> Summary of my setup:
> 
> 
> 
>  *   FreeRadius version4 -  Configured, compiled and installed from
> master Branch
> 
>  *   wpa_supplicant version 2.10
> 
>  *   Ubuntu 20.04 LTS
> 
> Thanks,
> 
> Deepika
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20230522/c4c45259/attachment-0001.sig>

More information about the Freeradius-Users mailing list