No auth requests through TLS tunnel if connection was checked
nabble at felix.world
nabble at felix.world
Fri Apr 12 12:05:35 UTC 2024
> I've pushed some more debug messages to the v3.2.x branch which may help track down what's going on. Can you try that?
Sure. Since threading is needed for RadSec I was not able to start the server with -Xx and used -fxxx. But since I can’t find the messages which you’ve included I’m not sure if those two args are equal.
Log:
```
Fri Apr 12 11:37:35 2024 : Debug: Server was built with:
Fri Apr 12 11:37:35 2024 : Debug: accounting : yes
Fri Apr 12 11:37:35 2024 : Debug: authentication : yes
Fri Apr 12 11:37:35 2024 : Debug: ascend-binary-attributes : yes
Fri Apr 12 11:37:35 2024 : Debug: coa : yes
Fri Apr 12 11:37:35 2024 : Debug: recv-coa-from-home-server : no
Fri Apr 12 11:37:35 2024 : Debug: control-socket : yes
Fri Apr 12 11:37:35 2024 : Debug: detail : yes
Fri Apr 12 11:37:35 2024 : Debug: dhcp : yes
Fri Apr 12 11:37:35 2024 : Debug: dynamic-clients : yes
Fri Apr 12 11:37:35 2024 : Debug: osfc2 : no
Fri Apr 12 11:37:35 2024 : Debug: proxy : yes
Fri Apr 12 11:37:35 2024 : Debug: regex-pcre : yes
Fri Apr 12 11:37:35 2024 : Debug: regex-posix : no
Fri Apr 12 11:37:35 2024 : Debug: regex-posix-extended : no
Fri Apr 12 11:37:35 2024 : Debug: session-management : yes
Fri Apr 12 11:37:35 2024 : Debug: stats : yes
Fri Apr 12 11:37:35 2024 : Debug: systemd : no
Fri Apr 12 11:37:35 2024 : Debug: tcp : yes
Fri Apr 12 11:37:35 2024 : Debug: threads : yes
Fri Apr 12 11:37:35 2024 : Debug: tls : yes
Fri Apr 12 11:37:35 2024 : Debug: unlang : yes
Fri Apr 12 11:37:35 2024 : Debug: vmps : yes
Fri Apr 12 11:37:35 2024 : Debug: developer : no
Fri Apr 12 11:37:35 2024 : Debug: Server core libs:
Fri Apr 12 11:37:35 2024 : Debug: freeradius-server : 3.2.4
Fri Apr 12 11:37:35 2024 : Debug: talloc : 2.3.*
Fri Apr 12 11:37:35 2024 : Debug: ssl : 3.0.0b dev
Fri Apr 12 11:37:35 2024 : Debug: pcre : 8.39 2016-06-14
Fri Apr 12 11:37:35 2024 : Debug: Endianness:
Fri Apr 12 11:37:35 2024 : Debug: little
Fri Apr 12 11:37:35 2024 : Debug: Compilation flags:
Fri Apr 12 11:37:35 2024 : Debug: cppflags :
Fri Apr 12 11:37:35 2024 : Debug: cflags : -I. -Isrc -include src/freeradius-devel/autoconf.h -include src/freeradius-devel/build.h -include src/freeradius-devel/features.h -include src/freeradius-devel/radpaths.h -fno-strict-aliasing -Wno-date-time -DPTHREAD_DEBUG -Wall -std=c99 -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -DNDEBUG -DIS_MODULE=1
Fri Apr 12 11:37:35 2024 : Debug: ldflags :
Fri Apr 12 11:37:35 2024 : Debug: libs : -lcrypto -lssl -ltalloc -latomic -lpcre -lnsl -lresolv -ldl -lpthread
Fri Apr 12 11:37:35 2024 : Debug:
Fri Apr 12 11:37:35 2024 : Info: FreeRADIUS Version 3.2.4
Fri Apr 12 11:37:35 2024 : Info: Copyright (C) 1999-2023 The FreeRADIUS server project and contributors
Fri Apr 12 11:37:35 2024 : Info: There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
Fri Apr 12 11:37:35 2024 : Info: PARTICULAR PURPOSE
Fri Apr 12 11:37:35 2024 : Info: You may redistribute copies of FreeRADIUS under the terms of the
Fri Apr 12 11:37:35 2024 : Info: GNU General Public License
Fri Apr 12 11:37:35 2024 : Info: For more information about these matters, see the file named COPYRIGHT
Fri Apr 12 11:37:35 2024 : Info: Starting - reading configuration files ...
Fri Apr 12 11:37:35 2024 : Debug: including dictionary file /usr/local/share/freeradius/dictionary
Fri Apr 12 11:37:35 2024 : Debug: including dictionary file /usr/local/share/freeradius/dictionary.dhcp
Fri Apr 12 11:37:35 2024 : Debug: including dictionary file /usr/local/share/freeradius/dictionary.vqp
Fri Apr 12 11:37:35 2024 : Debug: including dictionary file /usr/local/etc/raddb/dictionary
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/radiusd.conf
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/proxy.conf
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/clients.conf
Fri Apr 12 11:37:35 2024 : Debug: including files in directory /usr/local/etc/raddb/mods-enabled/
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/chap
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/date
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/detail
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/digest
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/dynamic_clients
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/eap
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/echo
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/exec
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/expiration
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/expr
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/files
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/linelog
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/logintime
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/mschap
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/ntlm_auth
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/pap
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/passwd
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/preprocess
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/radutmp
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/replicate
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/soh
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/sradutmp
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/totp
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/unix
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/unpack
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/mods-enabled/utf8
Fri Apr 12 11:37:35 2024 : Debug: including files in directory /usr/local/etc/raddb/policy.d/
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/abfab-tr
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/accounting
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/canonicalization
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/control
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/cui
Fri Apr 12 11:37:35 2024 : Debug: OPTIMIZING (${policy.cui_require_operator_name} == yes) --> FALSE
Fri Apr 12 11:37:35 2024 : Debug: OPTIMIZING (no == yes) --> FALSE
Fri Apr 12 11:37:35 2024 : Debug: OPTIMIZING (${policy.cui_require_operator_name} == yes) --> FALSE
Fri Apr 12 11:37:35 2024 : Debug: OPTIMIZING (no == yes) --> FALSE
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/debug
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/dhcp
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/eap
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/filter
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/moonshot-targeted-ids
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/operator-name
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/policy.d/rfc7542
Fri Apr 12 11:37:35 2024 : Debug: including files in directory /usr/local/etc/raddb/sites-enabled/
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/sites-enabled/default
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/sites-enabled/inner-tunnel
Fri Apr 12 11:37:35 2024 : Debug: including configuration file /usr/local/etc/raddb/sites-enabled/tls
Fri Apr 12 11:37:35 2024 : Debug: main {
Fri Apr 12 11:37:35 2024 : Debug: security {
Fri Apr 12 11:37:35 2024 : Debug: allow_core_dumps = no
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[567]: The item 'max_attributes' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[584]: The item 'reject_delay' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[604]: The item 'status_server' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[614]: The item 'allow_vulnerable_openssl' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: name = "radiusd"
Fri Apr 12 11:37:35 2024 : Debug: prefix = "/usr/local"
Fri Apr 12 11:37:35 2024 : Debug: localstatedir = "/usr/local/var"
Fri Apr 12 11:37:35 2024 : Debug: logdir = "/usr/local/var/log/radius"
Fri Apr 12 11:37:35 2024 : Debug: run_dir = "/usr/local/var/run/radiusd"
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[97]: The item 'confdir' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[104]: The item 'db_dir' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[138]: The item 'libdir' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[149]: The item 'pidfile' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[203]: The item 'max_request_time' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[222]: The item 'cleanup_delay' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[259]: The item 'hostname_lookups' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[413]: The item 'checkrad' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[633]: The item 'proxy_requests' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: main {
Fri Apr 12 11:37:35 2024 : Debug: name = "radiusd"
Fri Apr 12 11:37:35 2024 : Debug: prefix = "/usr/local"
Fri Apr 12 11:37:35 2024 : Debug: localstatedir = "/usr/local/var"
Fri Apr 12 11:37:35 2024 : Debug: sbindir = "/usr/local/sbin"
Fri Apr 12 11:37:35 2024 : Debug: logdir = "/usr/local/var/log/radius"
Fri Apr 12 11:37:35 2024 : Debug: run_dir = "/usr/local/var/run/radiusd"
Fri Apr 12 11:37:35 2024 : Debug: libdir = "/usr/local/lib"
Fri Apr 12 11:37:35 2024 : Debug: radacctdir = "/usr/local/var/log/radius/radacct"
Fri Apr 12 11:37:35 2024 : Debug: hostname_lookups = no
Fri Apr 12 11:37:35 2024 : Debug: max_request_time = 30
Fri Apr 12 11:37:35 2024 : Debug: proxy_dedup_window = 1
Fri Apr 12 11:37:35 2024 : Debug: cleanup_delay = 5
Fri Apr 12 11:37:35 2024 : Debug: max_requests = 16384
Fri Apr 12 11:37:35 2024 : Debug: postauth_client_lost = no
Fri Apr 12 11:37:35 2024 : Debug: pidfile = "/usr/local/var/run/radiusd/radiusd.pid"
Fri Apr 12 11:37:35 2024 : Debug: checkrad = "/usr/local/sbin/checkrad"
Fri Apr 12 11:37:35 2024 : Debug: debug_level = 0
Fri Apr 12 11:37:35 2024 : Debug: proxy_requests = yes
Fri Apr 12 11:37:35 2024 : Debug: log {
Fri Apr 12 11:37:35 2024 : Debug: stripped_names = no
Fri Apr 12 11:37:35 2024 : Debug: auth = no
Fri Apr 12 11:37:35 2024 : Debug: auth_badpass = no
Fri Apr 12 11:37:35 2024 : Debug: auth_goodpass = no
Fri Apr 12 11:37:35 2024 : Debug: colourise = yes
Fri Apr 12 11:37:35 2024 : Debug: msg_denied = "You are already logged in - access denied"
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[309]: The item 'destination' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[326]: The item 'file' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[334]: The item 'syslog_facility' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: resources {
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: security {
Fri Apr 12 11:37:35 2024 : Debug: max_attributes = 200
Fri Apr 12 11:37:35 2024 : Debug: reject_delay = 1.000000
Fri Apr 12 11:37:35 2024 : Debug: status_server = yes
Fri Apr 12 11:37:35 2024 : Debug: allow_vulnerable_openssl = "no"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[97]: The item 'confdir' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/radiusd.conf[104]: The item 'db_dir' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: radiusd: #### Loading Realms and Home Servers ####
Fri Apr 12 11:37:35 2024 : Debug: proxy server {
Fri Apr 12 11:37:35 2024 : Debug: retry_delay = 5
Fri Apr 12 11:37:35 2024 : Debug: retry_count = 3
Fri Apr 12 11:37:35 2024 : Debug: default_fallback = no
Fri Apr 12 11:37:35 2024 : Debug: dead_time = 120
Fri Apr 12 11:37:35 2024 : Debug: wake_all_if_all_dead = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: home_server localhost {
Fri Apr 12 11:37:35 2024 : Debug: nonblock = no
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = 127.0.0.1
Fri Apr 12 11:37:35 2024 : Debug: port = 1812
Fri Apr 12 11:37:35 2024 : Debug: type = "auth"
Fri Apr 12 11:37:35 2024 : Debug: secret = "testing123"
Fri Apr 12 11:37:35 2024 : Debug: response_window = 20.000000
Fri Apr 12 11:37:35 2024 : Debug: response_timeouts = 1
Fri Apr 12 11:37:35 2024 : Debug: max_outstanding = 65536
Fri Apr 12 11:37:35 2024 : Debug: zombie_period = 40
Fri Apr 12 11:37:35 2024 : Debug: status_check = "status-server"
Fri Apr 12 11:37:35 2024 : Debug: ping_interval = 30
Fri Apr 12 11:37:35 2024 : Debug: check_interval = 30
Fri Apr 12 11:37:35 2024 : Debug: check_timeout = 4
Fri Apr 12 11:37:35 2024 : Debug: num_answers_to_alive = 3
Fri Apr 12 11:37:35 2024 : Debug: revive_interval = 120
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: max_requests = 0
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 0
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: coa {
Fri Apr 12 11:37:35 2024 : Debug: irt = 2
Fri Apr 12 11:37:35 2024 : Debug: mrt = 16
Fri Apr 12 11:37:35 2024 : Debug: mrc = 5
Fri Apr 12 11:37:35 2024 : Debug: mrd = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: home_server tls {
Fri Apr 12 11:37:35 2024 : Debug: nonblock = no
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = 127.0.0.1
Fri Apr 12 11:37:35 2024 : Debug: port = 2083
Fri Apr 12 11:37:35 2024 : Debug: type = "auth"
Fri Apr 12 11:37:35 2024 : Debug: proto = "tcp"
Fri Apr 12 11:37:35 2024 : Debug: secret = "radsec"
Fri Apr 12 11:37:35 2024 : Debug: response_window = 30.000000
Fri Apr 12 11:37:35 2024 : Debug: response_timeouts = 1
Fri Apr 12 11:37:35 2024 : Debug: max_outstanding = 65536
Fri Apr 12 11:37:35 2024 : Debug: zombie_period = 40
Fri Apr 12 11:37:35 2024 : Debug: status_check = "none"
Fri Apr 12 11:37:35 2024 : Debug: ping_interval = 30
Fri Apr 12 11:37:35 2024 : Debug: check_timeout = 4
Fri Apr 12 11:37:35 2024 : Debug: num_answers_to_alive = 3
Fri Apr 12 11:37:35 2024 : Debug: revive_interval = 300
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: max_requests = 0
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 0
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: coa {
Fri Apr 12 11:37:35 2024 : Debug: irt = 2
Fri Apr 12 11:37:35 2024 : Debug: mrt = 16
Fri Apr 12 11:37:35 2024 : Debug: mrc = 5
Fri Apr 12 11:37:35 2024 : Debug: mrd = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: tls {
Fri Apr 12 11:37:35 2024 : Debug: verify_depth = 0
Fri Apr 12 11:37:35 2024 : Debug: ca_path = "/usr/local/etc/raddb/certs"
Fri Apr 12 11:37:35 2024 : Debug: pem_file_type = yes
Fri Apr 12 11:37:35 2024 : Debug: private_key_file = "/usr/local/etc/raddb/certs/client.pem"
Fri Apr 12 11:37:35 2024 : Debug: certificate_file = "/usr/local/etc/raddb/certs/client.pem"
Fri Apr 12 11:37:35 2024 : Debug: ca_file = "/usr/local/etc/raddb/certs/ca.pem"
Fri Apr 12 11:37:35 2024 : Debug: private_key_password = "whatever"
Fri Apr 12 11:37:35 2024 : Debug: fragment_size = 8192
Fri Apr 12 11:37:35 2024 : Debug: include_length = yes
Fri Apr 12 11:37:35 2024 : Debug: check_crl = no
Fri Apr 12 11:37:35 2024 : Debug: cipher_list = "DEFAULT"
Fri Apr 12 11:37:35 2024 : Debug: ca_path_reload_interval = 0
Fri Apr 12 11:37:35 2024 : Debug: ecdh_curve = "prime256v1"
Fri Apr 12 11:37:35 2024 : Debug: tls_min_version = "1.2"
Fri Apr 12 11:37:35 2024 : Warning: /usr/local/etc/raddb/sites-enabled/tls[720]: The item 'connect_timeout' is defined, but is unused by the configuration
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: connect_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: home_server_pool my_auth_failover {
Fri Apr 12 11:37:35 2024 : Debug: type = fail-over
Fri Apr 12 11:37:35 2024 : Debug: home_server = localhost
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: realm example.com {
Fri Apr 12 11:37:35 2024 : Debug: auth_pool = my_auth_failover
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: realm LOCAL {
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: home_server_pool tls {
Fri Apr 12 11:37:35 2024 : Debug: type = fail-over
Fri Apr 12 11:37:35 2024 : Debug: home_server = tls
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: realm tls {
Fri Apr 12 11:37:35 2024 : Debug: auth_pool = tls
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: radiusd: #### Loading Clients ####
Fri Apr 12 11:37:35 2024 : Debug: client localhost {
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = 127.0.0.1
Fri Apr 12 11:37:35 2024 : Debug: require_message_authenticator = no
Fri Apr 12 11:37:35 2024 : Debug: secret = "testing123"
Fri Apr 12 11:37:35 2024 : Debug: nas_type = "other"
Fri Apr 12 11:37:35 2024 : Debug: proto = "*"
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Adding client 127.0.0.1/32 (127.0.0.1) to prefix tree 32
Fri Apr 12 11:37:35 2024 : Debug: client localhost_ipv6 {
Fri Apr 12 11:37:35 2024 : Debug: ipv6addr = ::1
Fri Apr 12 11:37:35 2024 : Debug: require_message_authenticator = no
Fri Apr 12 11:37:35 2024 : Debug: secret = "testing123"
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Adding client ::1/128 (::1) to prefix tree 128
Fri Apr 12 11:37:35 2024 : Info: Debugger not attached
Fri Apr 12 11:37:35 2024 : Debug: # Creating Auth-Type = mschap
Fri Apr 12 11:37:35 2024 : Debug: # Creating Auth-Type = digest
Fri Apr 12 11:37:35 2024 : Debug: # Creating Auth-Type = eap
Fri Apr 12 11:37:35 2024 : Debug: # Creating Auth-Type = PAP
Fri Apr 12 11:37:35 2024 : Debug: # Creating Auth-Type = CHAP
Fri Apr 12 11:37:35 2024 : Debug: # Creating Auth-Type = MS-CHAP
Fri Apr 12 11:37:35 2024 : Debug: # Creating Autz-Type = New-TLS-Connection
Fri Apr 12 11:37:35 2024 : Debug: radiusd: #### Instantiating modules ####
Fri Apr 12 11:37:35 2024 : Debug: modules {
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_always, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_always
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "reject" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always reject {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "reject"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "fail" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always fail {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "fail"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "ok" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always ok {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "ok"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "handled" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always handled {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "handled"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "invalid" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always invalid {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "invalid"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "userlock" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always userlock {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "userlock"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "notfound" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always notfound {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "notfound"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "noop" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always noop {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "noop"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "updated" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: always updated {
Fri Apr 12 11:37:35 2024 : Debug: rcode = "updated"
Fri Apr 12 11:37:35 2024 : Debug: simulcount = 0
Fri Apr 12 11:37:35 2024 : Debug: mpp = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_attr_filter, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_attr_filter
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "attr_filter.post-proxy" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: attr_filter attr_filter.post-proxy {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/attr_filter/post-proxy"
Fri Apr 12 11:37:35 2024 : Debug: key = "%{Realm}"
Fri Apr 12 11:37:35 2024 : Debug: relaxed = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "attr_filter.pre-proxy" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: attr_filter attr_filter.pre-proxy {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/attr_filter/pre-proxy"
Fri Apr 12 11:37:35 2024 : Debug: key = "%{Realm}"
Fri Apr 12 11:37:35 2024 : Debug: relaxed = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "attr_filter.access_reject" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: attr_filter attr_filter.access_reject {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/attr_filter/access_reject"
Fri Apr 12 11:37:35 2024 : Debug: key = "%{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: relaxed = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "attr_filter.access_challenge" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: attr_filter attr_filter.access_challenge {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/attr_filter/access_challenge"
Fri Apr 12 11:37:35 2024 : Debug: key = "%{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: relaxed = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "attr_filter.accounting_response" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: attr_filter attr_filter.accounting_response {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/attr_filter/accounting_response"
Fri Apr 12 11:37:35 2024 : Debug: key = "%{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: relaxed = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "attr_filter.coa" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: attr_filter attr_filter.coa {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/attr_filter/coa"
Fri Apr 12 11:37:35 2024 : Debug: key = "%{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: relaxed = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_chap, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_chap
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "chap" from file /usr/local/etc/raddb/mods-enabled/chap
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_date, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_date
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "date" from file /usr/local/etc/raddb/mods-enabled/date
Fri Apr 12 11:37:35 2024 : Debug: date {
Fri Apr 12 11:37:35 2024 : Debug: format = "%b %e %Y %H:%M:%S %Z"
Fri Apr 12 11:37:35 2024 : Debug: utc = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "wispr2date" from file /usr/local/etc/raddb/mods-enabled/date
Fri Apr 12 11:37:35 2024 : Debug: date wispr2date {
Fri Apr 12 11:37:35 2024 : Debug: format = "%Y-%m-%dT%H:%M:%S"
Fri Apr 12 11:37:35 2024 : Debug: utc = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_detail, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_detail
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "detail" from file /usr/local/etc/raddb/mods-enabled/detail
Fri Apr 12 11:37:35 2024 : Debug: detail {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
Fri Apr 12 11:37:35 2024 : Debug: header = "%t"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: locking = no
Fri Apr 12 11:37:35 2024 : Debug: dates_as_integer = no
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: log_packet_header = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "auth_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: detail auth_log {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/auth-detail-%Y%m%d"
Fri Apr 12 11:37:35 2024 : Debug: header = "%t"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: locking = no
Fri Apr 12 11:37:35 2024 : Debug: dates_as_integer = no
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: log_packet_header = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "reply_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: detail reply_log {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/reply-detail-%Y%m%d"
Fri Apr 12 11:37:35 2024 : Debug: header = "%t"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: locking = no
Fri Apr 12 11:37:35 2024 : Debug: dates_as_integer = no
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: log_packet_header = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "pre_proxy_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: detail pre_proxy_log {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/pre-proxy-detail-%Y%m%d"
Fri Apr 12 11:37:35 2024 : Debug: header = "%t"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: locking = no
Fri Apr 12 11:37:35 2024 : Debug: dates_as_integer = no
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: log_packet_header = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "post_proxy_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: detail post_proxy_log {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/post-proxy-detail-%Y%m%d"
Fri Apr 12 11:37:35 2024 : Debug: header = "%t"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: locking = no
Fri Apr 12 11:37:35 2024 : Debug: dates_as_integer = no
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: log_packet_header = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_digest, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_digest
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "digest" from file /usr/local/etc/raddb/mods-enabled/digest
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_dynamic_clients, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_dynamic_clients
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "dynamic_clients" from file /usr/local/etc/raddb/mods-enabled/dynamic_clients
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_eap, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_eap
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "eap" from file /usr/local/etc/raddb/mods-enabled/eap
Fri Apr 12 11:37:35 2024 : Debug: eap {
Fri Apr 12 11:37:35 2024 : Debug: default_eap_type = "md5"
Fri Apr 12 11:37:35 2024 : Debug: timer_expire = 60
Fri Apr 12 11:37:35 2024 : Debug: max_eap_type = 52
Fri Apr 12 11:37:35 2024 : Debug: ignore_unknown_eap_types = no
Fri Apr 12 11:37:35 2024 : Debug: cisco_accounting_username_bug = no
Fri Apr 12 11:37:35 2024 : Debug: max_sessions = 16384
Fri Apr 12 11:37:35 2024 : Debug: dedup_key = ""
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_exec, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_exec
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "echo" from file /usr/local/etc/raddb/mods-enabled/echo
Fri Apr 12 11:37:35 2024 : Debug: exec echo {
Fri Apr 12 11:37:35 2024 : Debug: wait = yes
Fri Apr 12 11:37:35 2024 : Debug: program = "/bin/echo %{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: input_pairs = "request"
Fri Apr 12 11:37:35 2024 : Debug: output_pairs = "reply"
Fri Apr 12 11:37:35 2024 : Debug: shell_escape = yes
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "exec" from file /usr/local/etc/raddb/mods-enabled/exec
Fri Apr 12 11:37:35 2024 : Debug: exec {
Fri Apr 12 11:37:35 2024 : Debug: wait = no
Fri Apr 12 11:37:35 2024 : Debug: input_pairs = "request"
Fri Apr 12 11:37:35 2024 : Debug: shell_escape = yes
Fri Apr 12 11:37:35 2024 : Debug: timeout = 10
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_expiration, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_expiration
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "expiration" from file /usr/local/etc/raddb/mods-enabled/expiration
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_expr, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_expr
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "expr" from file /usr/local/etc/raddb/mods-enabled/expr
Fri Apr 12 11:37:35 2024 : Debug: expr {
Fri Apr 12 11:37:35 2024 : Debug: safe_characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /äéöüàâæçèéêëîïôœùûüaÿÄÉÖÜßÀÂÆÇÈÉÊËÎÏÔŒÙÛÜŸ"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_files, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_files
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "files" from file /usr/local/etc/raddb/mods-enabled/files
Fri Apr 12 11:37:35 2024 : Debug: files {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/etc/raddb/mods-config/files/authorize"
Fri Apr 12 11:37:35 2024 : Debug: acctusersfile = "/usr/local/etc/raddb/mods-config/files/accounting"
Fri Apr 12 11:37:35 2024 : Debug: preproxy_usersfile = "/usr/local/etc/raddb/mods-config/files/pre-proxy"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_linelog, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_linelog
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "linelog" from file /usr/local/etc/raddb/mods-enabled/linelog
Fri Apr 12 11:37:35 2024 : Debug: linelog {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/linelog"
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: syslog_severity = "info"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: format = "This is a log message for %{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: reference = "messages.%{%{reply:Packet-Type}:-default}"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "log_accounting" from file /usr/local/etc/raddb/mods-enabled/linelog
Fri Apr 12 11:37:35 2024 : Debug: linelog log_accounting {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/linelog-accounting"
Fri Apr 12 11:37:35 2024 : Debug: escape_filenames = no
Fri Apr 12 11:37:35 2024 : Debug: syslog_severity = "info"
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: format = ""
Fri Apr 12 11:37:35 2024 : Debug: reference = "Accounting-Request.%{%{Acct-Status-Type}:-unknown}"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_logintime, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_logintime
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "logintime" from file /usr/local/etc/raddb/mods-enabled/logintime
Fri Apr 12 11:37:35 2024 : Debug: logintime {
Fri Apr 12 11:37:35 2024 : Debug: minimum_timeout = 60
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_mschap, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_mschap
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "mschap" from file /usr/local/etc/raddb/mods-enabled/mschap
Fri Apr 12 11:37:35 2024 : Debug: mschap {
Fri Apr 12 11:37:35 2024 : Debug: use_mppe = yes
Fri Apr 12 11:37:35 2024 : Debug: require_encryption = no
Fri Apr 12 11:37:35 2024 : Debug: require_strong = no
Fri Apr 12 11:37:35 2024 : Debug: with_ntdomain_hack = yes
Fri Apr 12 11:37:35 2024 : Debug: passchange {
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: allow_retry = yes
Fri Apr 12 11:37:35 2024 : Debug: winbind_retry_with_normalised_username = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "ntlm_auth" from file /usr/local/etc/raddb/mods-enabled/ntlm_auth
Fri Apr 12 11:37:35 2024 : Debug: exec ntlm_auth {
Fri Apr 12 11:37:35 2024 : Debug: wait = yes
Fri Apr 12 11:37:35 2024 : Debug: program = "/path/to/ntlm_auth --request-nt-key --domain=MYDOMAIN --username=%{mschap:User-Name} --password=%{User-Password}"
Fri Apr 12 11:37:35 2024 : Debug: shell_escape = yes
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_pap, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_pap
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "pap" from file /usr/local/etc/raddb/mods-enabled/pap
Fri Apr 12 11:37:35 2024 : Debug: pap {
Fri Apr 12 11:37:35 2024 : Debug: normalise = yes
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_passwd, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_passwd
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "etc_passwd" from file /usr/local/etc/raddb/mods-enabled/passwd
Fri Apr 12 11:37:35 2024 : Debug: passwd etc_passwd {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/etc/passwd"
Fri Apr 12 11:37:35 2024 : Debug: format = "*User-Name:Crypt-Password:"
Fri Apr 12 11:37:35 2024 : Debug: delimiter = ":"
Fri Apr 12 11:37:35 2024 : Debug: ignore_nislike = no
Fri Apr 12 11:37:35 2024 : Debug: ignore_empty = yes
Fri Apr 12 11:37:35 2024 : Debug: allow_multiple_keys = no
Fri Apr 12 11:37:35 2024 : Debug: hash_size = 100
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_preprocess, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_preprocess
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "preprocess" from file /usr/local/etc/raddb/mods-enabled/preprocess
Fri Apr 12 11:37:35 2024 : Debug: preprocess {
Fri Apr 12 11:37:35 2024 : Debug: huntgroups = "/usr/local/etc/raddb/mods-config/preprocess/huntgroups"
Fri Apr 12 11:37:35 2024 : Debug: hints = "/usr/local/etc/raddb/mods-config/preprocess/hints"
Fri Apr 12 11:37:35 2024 : Debug: with_ascend_hack = no
Fri Apr 12 11:37:35 2024 : Debug: ascend_channels_per_line = 23
Fri Apr 12 11:37:35 2024 : Debug: with_ntdomain_hack = no
Fri Apr 12 11:37:35 2024 : Debug: with_specialix_jetstream_hack = no
Fri Apr 12 11:37:35 2024 : Debug: with_cisco_vsa_hack = no
Fri Apr 12 11:37:35 2024 : Debug: with_alvarion_vsa_hack = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_radutmp, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_radutmp
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "radutmp" from file /usr/local/etc/raddb/mods-enabled/radutmp
Fri Apr 12 11:37:35 2024 : Debug: radutmp {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/radutmp"
Fri Apr 12 11:37:35 2024 : Debug: username = "%{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: case_sensitive = yes
Fri Apr 12 11:37:35 2024 : Debug: check_with_nas = yes
Fri Apr 12 11:37:35 2024 : Debug: permissions = 384
Fri Apr 12 11:37:35 2024 : Debug: caller_id = yes
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_realm, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_realm
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "IPASS" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: realm IPASS {
Fri Apr 12 11:37:35 2024 : Debug: format = "prefix"
Fri Apr 12 11:37:35 2024 : Debug: delimiter = "/"
Fri Apr 12 11:37:35 2024 : Debug: ignore_default = no
Fri Apr 12 11:37:35 2024 : Debug: ignore_null = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "suffix" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: realm suffix {
Fri Apr 12 11:37:35 2024 : Debug: format = "suffix"
Fri Apr 12 11:37:35 2024 : Debug: delimiter = "@"
Fri Apr 12 11:37:35 2024 : Debug: ignore_default = no
Fri Apr 12 11:37:35 2024 : Debug: ignore_null = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "bangpath" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: realm bangpath {
Fri Apr 12 11:37:35 2024 : Debug: format = "prefix"
Fri Apr 12 11:37:35 2024 : Debug: delimiter = "!"
Fri Apr 12 11:37:35 2024 : Debug: ignore_default = no
Fri Apr 12 11:37:35 2024 : Debug: ignore_null = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "realmpercent" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: realm realmpercent {
Fri Apr 12 11:37:35 2024 : Debug: format = "suffix"
Fri Apr 12 11:37:35 2024 : Debug: delimiter = "%"
Fri Apr 12 11:37:35 2024 : Debug: ignore_default = no
Fri Apr 12 11:37:35 2024 : Debug: ignore_null = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "ntdomain" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: realm ntdomain {
Fri Apr 12 11:37:35 2024 : Debug: format = "prefix"
Fri Apr 12 11:37:35 2024 : Debug: delimiter = "\"
Fri Apr 12 11:37:35 2024 : Debug: ignore_default = no
Fri Apr 12 11:37:35 2024 : Debug: ignore_null = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_replicate, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_replicate
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "replicate" from file /usr/local/etc/raddb/mods-enabled/replicate
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_soh, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_soh
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "soh" from file /usr/local/etc/raddb/mods-enabled/soh
Fri Apr 12 11:37:35 2024 : Debug: soh {
Fri Apr 12 11:37:35 2024 : Debug: dhcp = yes
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "sradutmp" from file /usr/local/etc/raddb/mods-enabled/sradutmp
Fri Apr 12 11:37:35 2024 : Debug: radutmp sradutmp {
Fri Apr 12 11:37:35 2024 : Debug: filename = "/usr/local/var/log/radius/sradutmp"
Fri Apr 12 11:37:35 2024 : Debug: username = "%{User-Name}"
Fri Apr 12 11:37:35 2024 : Debug: case_sensitive = yes
Fri Apr 12 11:37:35 2024 : Debug: check_with_nas = yes
Fri Apr 12 11:37:35 2024 : Debug: permissions = 420
Fri Apr 12 11:37:35 2024 : Debug: caller_id = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_totp, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_totp
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "totp" from file /usr/local/etc/raddb/mods-enabled/totp
Fri Apr 12 11:37:35 2024 : Debug: totp {
Fri Apr 12 11:37:35 2024 : Debug: time_step = 30
Fri Apr 12 11:37:35 2024 : Debug: otp_length = 8
Fri Apr 12 11:37:35 2024 : Debug: lookback_steps = 1
Fri Apr 12 11:37:35 2024 : Debug: lookback_interval = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_unix, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_unix
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "unix" from file /usr/local/etc/raddb/mods-enabled/unix
Fri Apr 12 11:37:35 2024 : Debug: unix {
Fri Apr 12 11:37:35 2024 : Debug: radwtmp = "/usr/local/var/log/radius/radwtmp"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Creating attribute Unix-Group
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_unpack, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_unpack
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "unpack" from file /usr/local/etc/raddb/mods-enabled/unpack
Fri Apr 12 11:37:35 2024 : Debug: Loaded rlm_utf8, checking if it's valid
Fri Apr 12 11:37:35 2024 : Debug: # Loaded module rlm_utf8
Fri Apr 12 11:37:35 2024 : Debug: # Loading module "utf8" from file /usr/local/etc/raddb/mods-enabled/utf8
Fri Apr 12 11:37:35 2024 : Debug: instantiate {
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "reject" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "fail" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "ok" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "handled" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "invalid" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "userlock" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "notfound" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "noop" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "updated" from file /usr/local/etc/raddb/mods-enabled/always
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "attr_filter.post-proxy" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/post-proxy
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "attr_filter.pre-proxy" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/pre-proxy
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/access_reject
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "attr_filter.access_challenge" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/access_challenge
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/accounting_response
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "attr_filter.coa" from file /usr/local/etc/raddb/mods-enabled/attr_filter
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/attr_filter/coa
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "detail" from file /usr/local/etc/raddb/mods-enabled/detail
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "auth_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: rlm_detail (auth_log): 'User-Password' suppressed, will not appear in detail output
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "reply_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "pre_proxy_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "post_proxy_log" from file /usr/local/etc/raddb/mods-enabled/detail.log
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "eap" from file /usr/local/etc/raddb/mods-enabled/eap
Fri Apr 12 11:37:35 2024 : Debug: # Linked to sub-module rlm_eap_md5
Fri Apr 12 11:37:35 2024 : Debug: # Linked to sub-module rlm_eap_gtc
Fri Apr 12 11:37:35 2024 : Debug: gtc {
Fri Apr 12 11:37:35 2024 : Debug: challenge = "Password: "
Fri Apr 12 11:37:35 2024 : Debug: auth_type = "PAP"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Linked to sub-module rlm_eap_tls
Fri Apr 12 11:37:35 2024 : Debug: tls {
Fri Apr 12 11:37:35 2024 : Debug: tls = "tls-common"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: tls-config tls-common {
Fri Apr 12 11:37:35 2024 : Debug: verify_depth = 0
Fri Apr 12 11:37:35 2024 : Debug: ca_path = "/usr/local/etc/raddb/certs"
Fri Apr 12 11:37:35 2024 : Debug: pem_file_type = yes
Fri Apr 12 11:37:35 2024 : Debug: private_key_file = "/usr/local/etc/raddb/certs/server.pem"
Fri Apr 12 11:37:35 2024 : Debug: certificate_file = "/usr/local/etc/raddb/certs/server.pem"
Fri Apr 12 11:37:35 2024 : Debug: ca_file = "/usr/local/etc/raddb/certs/ca.pem"
Fri Apr 12 11:37:35 2024 : Debug: private_key_password = "whatever"
Fri Apr 12 11:37:35 2024 : Debug: fragment_size = 1024
Fri Apr 12 11:37:35 2024 : Debug: include_length = yes
Fri Apr 12 11:37:35 2024 : Debug: auto_chain = yes
Fri Apr 12 11:37:35 2024 : Debug: check_crl = no
Fri Apr 12 11:37:35 2024 : Debug: check_all_crl = no
Fri Apr 12 11:37:35 2024 : Debug: ca_path_reload_interval = 0
Fri Apr 12 11:37:35 2024 : Debug: cipher_list = "DEFAULT"
Fri Apr 12 11:37:35 2024 : Debug: cipher_server_preference = no
Fri Apr 12 11:37:35 2024 : Debug: reject_unknown_intermediate_ca = no
Fri Apr 12 11:37:35 2024 : Debug: ecdh_curve = ""
Fri Apr 12 11:37:35 2024 : Debug: tls_max_version = "1.2"
Fri Apr 12 11:37:35 2024 : Debug: tls_min_version = "1.2"
Fri Apr 12 11:37:35 2024 : Debug: cache {
Fri Apr 12 11:37:35 2024 : Debug: enable = no
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 24
Fri Apr 12 11:37:35 2024 : Debug: max_entries = 255
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: verify {
Fri Apr 12 11:37:35 2024 : Debug: skip_if_ocsp_ok = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: ocsp {
Fri Apr 12 11:37:35 2024 : Debug: enable = no
Fri Apr 12 11:37:35 2024 : Debug: override_cert_url = yes
Fri Apr 12 11:37:35 2024 : Debug: url = "http://127.0.0.1/ocsp/"
Fri Apr 12 11:37:35 2024 : Debug: use_nonce = yes
Fri Apr 12 11:37:35 2024 : Debug: timeout = 0
Fri Apr 12 11:37:35 2024 : Debug: softfail = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Linked to sub-module rlm_eap_ttls
Fri Apr 12 11:37:35 2024 : Debug: ttls {
Fri Apr 12 11:37:35 2024 : Debug: tls = "tls-common"
Fri Apr 12 11:37:35 2024 : Debug: default_eap_type = "md5"
Fri Apr 12 11:37:35 2024 : Debug: copy_request_to_tunnel = no
Fri Apr 12 11:37:35 2024 : Debug: use_tunneled_reply = no
Fri Apr 12 11:37:35 2024 : Debug: virtual_server = "inner-tunnel"
Fri Apr 12 11:37:35 2024 : Debug: include_length = yes
Fri Apr 12 11:37:35 2024 : Debug: require_client_cert = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: tls: Using cached TLS configuration from previous invocation
Fri Apr 12 11:37:35 2024 : Debug: # Linked to sub-module rlm_eap_peap
Fri Apr 12 11:37:35 2024 : Debug: peap {
Fri Apr 12 11:37:35 2024 : Debug: tls = "tls-common"
Fri Apr 12 11:37:35 2024 : Debug: default_eap_type = "mschapv2"
Fri Apr 12 11:37:35 2024 : Debug: copy_request_to_tunnel = no
Fri Apr 12 11:37:35 2024 : Debug: use_tunneled_reply = no
Fri Apr 12 11:37:35 2024 : Debug: proxy_tunneled_request_as_eap = yes
Fri Apr 12 11:37:35 2024 : Debug: virtual_server = "inner-tunnel"
Fri Apr 12 11:37:35 2024 : Debug: soh = no
Fri Apr 12 11:37:35 2024 : Debug: require_client_cert = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: tls: Using cached TLS configuration from previous invocation
Fri Apr 12 11:37:35 2024 : Debug: # Linked to sub-module rlm_eap_mschapv2
Fri Apr 12 11:37:35 2024 : Debug: mschapv2 {
Fri Apr 12 11:37:35 2024 : Debug: with_ntdomain_hack = no
Fri Apr 12 11:37:35 2024 : Debug: send_error = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "expiration" from file /usr/local/etc/raddb/mods-enabled/expiration
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "files" from file /usr/local/etc/raddb/mods-enabled/files
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/files/authorize
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/files/accounting
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/files/pre-proxy
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "linelog" from file /usr/local/etc/raddb/mods-enabled/linelog
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "log_accounting" from file /usr/local/etc/raddb/mods-enabled/linelog
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "logintime" from file /usr/local/etc/raddb/mods-enabled/logintime
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "mschap" from file /usr/local/etc/raddb/mods-enabled/mschap
Fri Apr 12 11:37:35 2024 : Debug: rlm_mschap (mschap): using internal authentication
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "pap" from file /usr/local/etc/raddb/mods-enabled/pap
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "etc_passwd" from file /usr/local/etc/raddb/mods-enabled/passwd
Fri Apr 12 11:37:35 2024 : Debug: rlm_passwd: nfields: 3 keyfield 0(User-Name) listable: no
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "preprocess" from file /usr/local/etc/raddb/mods-enabled/preprocess
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/huntgroups
Fri Apr 12 11:37:35 2024 : Debug: reading pairlist file /usr/local/etc/raddb/mods-config/preprocess/hints
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "IPASS" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "suffix" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "bangpath" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "realmpercent" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "ntdomain" from file /usr/local/etc/raddb/mods-enabled/realm
Fri Apr 12 11:37:35 2024 : Debug: # Instantiating module "totp" from file /usr/local/etc/raddb/mods-enabled/totp
Fri Apr 12 11:37:35 2024 : Debug: } # modules
Fri Apr 12 11:37:35 2024 : Debug: radiusd: #### Loading Virtual Servers ####
Fri Apr 12 11:37:35 2024 : Debug: server { # from file /usr/local/etc/raddb/radiusd.conf
Fri Apr 12 11:37:35 2024 : Debug: } # server
Fri Apr 12 11:37:35 2024 : Debug: server default { # from file /usr/local/etc/raddb/sites-enabled/default
Fri Apr 12 11:37:35 2024 : Debug: # Loading authenticate {...}
Fri Apr 12 11:37:35 2024 : Debug: Compiling Auth-Type PAP for attr Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: Compiling Auth-Type CHAP for attr Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: Compiling Auth-Type MS-CHAP for attr Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: mschap
Fri Apr 12 11:37:35 2024 : Debug: digest
Fri Apr 12 11:37:35 2024 : Debug: eap
Fri Apr 12 11:37:35 2024 : Debug: # Loading authorize {...}
Fri Apr 12 11:37:35 2024 : Debug: policy filter_username {
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name) {
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ / /) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains whitespace'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /@[^@]*@/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Multiple @ in User-Name'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /\.\./) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains multiple ..s'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /@/ && !&User-Name =~ /@(.+)\.(.+)$/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Realm does not have at least one dot separator'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /\.$/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Realm ends with a dot'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /@\./) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Realm begins with a dot'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: preprocess
Fri Apr 12 11:37:35 2024 : Debug: chap
Fri Apr 12 11:37:35 2024 : Debug: mschap
Fri Apr 12 11:37:35 2024 : Debug: digest
Fri Apr 12 11:37:35 2024 : Debug: suffix
Fri Apr 12 11:37:35 2024 : Debug: eap
Fri Apr 12 11:37:35 2024 : Debug: files
Fri Apr 12 11:37:35 2024 : Warning: Ignoring "sql" (see raddb/mods-available/README.rst)
Fri Apr 12 11:37:35 2024 : Warning: Ignoring "ldap" (see raddb/mods-available/README.rst)
Fri Apr 12 11:37:35 2024 : Debug: expiration
Fri Apr 12 11:37:35 2024 : Debug: logintime
Fri Apr 12 11:37:35 2024 : Debug: pap
Fri Apr 12 11:37:35 2024 : Debug: Compiling Autz-Type New-TLS-Connection for attr Autz-Type
Fri Apr 12 11:37:35 2024 : Debug: # Loading preacct {...}
Fri Apr 12 11:37:35 2024 : Debug: preprocess
Fri Apr 12 11:37:35 2024 : Debug: policy acct_unique {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Tmp-String-9 := "ai:"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if ("%{hex:&Class}" =~ /^%{hex:&Tmp-String-9}/ && "%{string:&Class}" =~ /^ai:([0-9a-f]{32})/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Acct-Unique-Session-Id := "%{md5:%{1},%{Acct-Session-ID}}"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: else {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Acct-Unique-Session-Id := "%{md5:%{User-Name},%{Acct-Session-ID},%{%{NAS-IPv6-Address}:-%{NAS-IP-Address}},%{NAS-Identifier},%{NAS-Port-ID},%{NAS-Port}}"
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Tmp-String-9 !* ANY
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: suffix
Fri Apr 12 11:37:35 2024 : Debug: files
Fri Apr 12 11:37:35 2024 : Debug: # Loading accounting {...}
Fri Apr 12 11:37:35 2024 : Debug: detail
Fri Apr 12 11:37:35 2024 : Debug: unix
Fri Apr 12 11:37:35 2024 : Debug: exec
Fri Apr 12 11:37:35 2024 : Debug: attr_filter.accounting_response
Fri Apr 12 11:37:35 2024 : Debug: # Loading post-proxy {...}
Fri Apr 12 11:37:35 2024 : Debug: eap
Fri Apr 12 11:37:35 2024 : Debug: # Loading post-auth {...}
Fri Apr 12 11:37:35 2024 : Debug: if (&session-state:User-Name && &reply:User-Name && &User-Name && &reply:User-Name == &User-Name) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &reply:User-Name !* ANY
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &reply:[*] += &session-state:[*]
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: exec
Fri Apr 12 11:37:35 2024 : Debug: policy remove_reply_message_if_eap {
Fri Apr 12 11:37:35 2024 : Debug: if (&reply:EAP-Message && &reply:Reply-Message) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &reply:Reply-Message !* ANY
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: else {
Fri Apr 12 11:37:35 2024 : Debug: noop
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Compiling Post-Auth-Type REJECT for attr Post-Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: Compiling Post-Auth-Type Challenge for attr Post-Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: Compiling Post-Auth-Type Client-Lost for attr Post-Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: if (&EAP-Key-Name && &reply:EAP-Session-Id) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &reply:EAP-Key-Name := &reply:EAP-Session-Id
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: } # server default
Fri Apr 12 11:37:35 2024 : Debug: server inner-tunnel { # from file /usr/local/etc/raddb/sites-enabled/inner-tunnel
Fri Apr 12 11:37:35 2024 : Debug: # Loading authenticate {...}
Fri Apr 12 11:37:35 2024 : Debug: Compiling Auth-Type PAP for attr Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: Compiling Auth-Type CHAP for attr Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: Compiling Auth-Type MS-CHAP for attr Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: mschap
Fri Apr 12 11:37:35 2024 : Debug: eap
Fri Apr 12 11:37:35 2024 : Debug: # Loading authorize {...}
Fri Apr 12 11:37:35 2024 : Debug: policy filter_username {
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name) {
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ / /) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains whitespace'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /@[^@]*@/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Multiple @ in User-Name'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /\.\./) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: User-Name contains multiple ..s'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /@/ && !&User-Name =~ /@(.+)\.(.+)$/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Realm does not have at least one dot separator'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /\.$/) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Realm ends with a dot'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: if (&User-Name =~ /@\./) {
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &Module-Failure-Message += 'Rejected: Realm begins with a dot'
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: reject
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: chap
Fri Apr 12 11:37:35 2024 : Debug: mschap
Fri Apr 12 11:37:35 2024 : Debug: suffix
Fri Apr 12 11:37:35 2024 : Debug: update {
Fri Apr 12 11:37:35 2024 : Debug: &control:Proxy-To-Realm := LOCAL
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: eap
Fri Apr 12 11:37:35 2024 : Debug: files
Fri Apr 12 11:37:35 2024 : Debug: expiration
Fri Apr 12 11:37:35 2024 : Debug: logintime
Fri Apr 12 11:37:35 2024 : Debug: pap
Fri Apr 12 11:37:35 2024 : Debug: # Loading session {...}
Fri Apr 12 11:37:35 2024 : Debug: radutmp
Fri Apr 12 11:37:35 2024 : Debug: # Loading post-proxy {...}
Fri Apr 12 11:37:35 2024 : Debug: eap
Fri Apr 12 11:37:35 2024 : Debug: # Loading post-auth {...}
Fri Apr 12 11:37:35 2024 : Info: # Skipping contents of 'if' as it is always 'false' -- /usr/local/etc/raddb/sites-enabled/inner-tunnel:366
Fri Apr 12 11:37:35 2024 : Debug: if (false) {
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Compiling Post-Auth-Type REJECT for attr Post-Auth-Type
Fri Apr 12 11:37:35 2024 : Debug: } # server inner-tunnel
Fri Apr 12 11:37:35 2024 : Debug: thread pool {
Fri Apr 12 11:37:35 2024 : Debug: start_servers = 5
Fri Apr 12 11:37:35 2024 : Debug: max_servers = 32
Fri Apr 12 11:37:35 2024 : Debug: min_spare_servers = 3
Fri Apr 12 11:37:35 2024 : Debug: max_spare_servers = 10
Fri Apr 12 11:37:35 2024 : Debug: max_requests_per_server = 0
Fri Apr 12 11:37:35 2024 : Debug: cleanup_delay = 5
Fri Apr 12 11:37:35 2024 : Debug: max_queue_size = 65536
Fri Apr 12 11:37:35 2024 : Debug: auto_limit_acct = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Thread spawned new child 1. Total threads in pool: 1
Fri Apr 12 11:37:35 2024 : Debug: Thread spawned new child 2. Total threads in pool: 2
Fri Apr 12 11:37:35 2024 : Debug: Thread 1 waiting to be assigned a request
Fri Apr 12 11:37:35 2024 : Debug: Thread spawned new child 3. Total threads in pool: 3
Fri Apr 12 11:37:35 2024 : Debug: Thread spawned new child 4. Total threads in pool: 4
Fri Apr 12 11:37:35 2024 : Debug: Thread 2 waiting to be assigned a request
Fri Apr 12 11:37:35 2024 : Debug: Thread 3 waiting to be assigned a request
Fri Apr 12 11:37:35 2024 : Debug: Thread spawned new child 5. Total threads in pool: 5
Fri Apr 12 11:37:35 2024 : Debug: Thread 4 waiting to be assigned a request
Fri Apr 12 11:37:35 2024 : Debug: Thread pool initialized
Fri Apr 12 11:37:35 2024 : Debug: radiusd: #### Opening IP addresses and Ports ####
Fri Apr 12 11:37:35 2024 : Debug: Thread 5 waiting to be assigned a request
Fri Apr 12 11:37:35 2024 : Debug: listen {
Fri Apr 12 11:37:35 2024 : Debug: type = "auth+acct"
Fri Apr 12 11:37:35 2024 : Debug: virtual_server = "default"
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = *
Fri Apr 12 11:37:35 2024 : Debug: port = 2083
Fri Apr 12 11:37:35 2024 : Debug: proto = "tcp"
Fri Apr 12 11:37:35 2024 : Debug: tls {
Fri Apr 12 11:37:35 2024 : Debug: verify_depth = 0
Fri Apr 12 11:37:35 2024 : Debug: ca_path = "/usr/local/etc/raddb/certs"
Fri Apr 12 11:37:35 2024 : Debug: pem_file_type = yes
Fri Apr 12 11:37:35 2024 : Debug: private_key_file = "/usr/local/etc/raddb/certs/server.pem"
Fri Apr 12 11:37:35 2024 : Debug: certificate_file = "/usr/local/etc/raddb/certs/server.pem"
Fri Apr 12 11:37:35 2024 : Debug: ca_file = "/usr/local/etc/raddb/certs/ca.pem"
Fri Apr 12 11:37:35 2024 : Debug: private_key_password = "whatever"
Fri Apr 12 11:37:35 2024 : Debug: fragment_size = 8192
Fri Apr 12 11:37:35 2024 : Debug: include_length = yes
Fri Apr 12 11:37:35 2024 : Debug: auto_chain = yes
Fri Apr 12 11:37:35 2024 : Debug: check_crl = no
Fri Apr 12 11:37:35 2024 : Debug: check_all_crl = no
Fri Apr 12 11:37:35 2024 : Debug: ca_path_reload_interval = 3600
Fri Apr 12 11:37:35 2024 : Debug: cipher_list = "DEFAULT"
Fri Apr 12 11:37:35 2024 : Debug: cipher_server_preference = no
Fri Apr 12 11:37:35 2024 : Debug: require_client_cert = yes
Fri Apr 12 11:37:35 2024 : Debug: reject_unknown_intermediate_ca = no
Fri Apr 12 11:37:35 2024 : Debug: ecdh_curve = "prime256v1"
Fri Apr 12 11:37:35 2024 : Debug: tls_max_version = "1.3"
Fri Apr 12 11:37:35 2024 : Debug: tls_min_version = "1.2"
Fri Apr 12 11:37:35 2024 : Debug: cache {
Fri Apr 12 11:37:35 2024 : Debug: enable = no
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 24
Fri Apr 12 11:37:35 2024 : Debug: max_entries = 255
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: verify {
Fri Apr 12 11:37:35 2024 : Debug: skip_if_ocsp_ok = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: ocsp {
Fri Apr 12 11:37:35 2024 : Debug: enable = no
Fri Apr 12 11:37:35 2024 : Debug: override_cert_url = no
Fri Apr 12 11:37:35 2024 : Debug: use_nonce = yes
Fri Apr 12 11:37:35 2024 : Debug: timeout = 0
Fri Apr 12 11:37:35 2024 : Debug: softfail = no
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: check_client_connections = yes
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: clients = "radsec"
Fri Apr 12 11:37:35 2024 : Debug: client 127.0.0.1 {
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = *
Fri Apr 12 11:37:35 2024 : Debug: require_message_authenticator = no
Fri Apr 12 11:37:35 2024 : Debug: secret = "radsec"
Fri Apr 12 11:37:35 2024 : Debug: proto = "tls"
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Adding client 0.0.0.0/0 (0.0.0.0) to prefix tree 0
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: listen {
Fri Apr 12 11:37:35 2024 : Debug: type = "auth"
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = *
Fri Apr 12 11:37:35 2024 : Debug: port = 0
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: listen {
Fri Apr 12 11:37:35 2024 : Debug: type = "acct"
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = *
Fri Apr 12 11:37:35 2024 : Debug: port = 0
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: listen {
Fri Apr 12 11:37:35 2024 : Debug: type = "auth"
Fri Apr 12 11:37:35 2024 : Debug: ipv6addr = ::
Fri Apr 12 11:37:35 2024 : Debug: port = 0
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: listen {
Fri Apr 12 11:37:35 2024 : Debug: type = "acct"
Fri Apr 12 11:37:35 2024 : Debug: ipv6addr = ::
Fri Apr 12 11:37:35 2024 : Debug: port = 0
Fri Apr 12 11:37:35 2024 : Debug: limit {
Fri Apr 12 11:37:35 2024 : Debug: max_connections = 16
Fri Apr 12 11:37:35 2024 : Debug: lifetime = 0
Fri Apr 12 11:37:35 2024 : Debug: idle_timeout = 30
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: listen {
Fri Apr 12 11:37:35 2024 : Debug: type = "auth"
Fri Apr 12 11:37:35 2024 : Debug: ipaddr = 127.0.0.1
Fri Apr 12 11:37:35 2024 : Debug: port = 18120
Fri Apr 12 11:37:35 2024 : Debug: }
Fri Apr 12 11:37:35 2024 : Debug: Listening on auth+acct proto tcp address * port 2083 (TLS) bound to server default
Fri Apr 12 11:37:35 2024 : Debug: Listening on auth address * port 1812 bound to server default
Fri Apr 12 11:37:35 2024 : Debug: Listening on acct address * port 1813 bound to server default
Fri Apr 12 11:37:35 2024 : Debug: Listening on auth address :: port 1812 bound to server default
Fri Apr 12 11:37:35 2024 : Debug: Listening on acct address :: port 1813 bound to server default
Fri Apr 12 11:37:35 2024 : Debug: Listening on auth address 127.0.0.1 port 18120 bound to server inner-tunnel
Fri Apr 12 11:37:35 2024 : Debug: Opened new proxy socket 'proxy address * port 54130'
Fri Apr 12 11:37:35 2024 : Debug: Listening on proxy address * port 54130
Fri Apr 12 11:37:35 2024 : Debug: Opened new proxy socket 'proxy address :: port 43555'
Fri Apr 12 11:37:35 2024 : Debug: Listening on proxy address :: port 43555
Fri Apr 12 11:37:35 2024 : Info: Ready to process requests
Fri Apr 12 11:37:40 2024 : Debug: ... new connection request on TCP socket
Fri Apr 12 11:37:40 2024 : Debug: Listening on auth+acct from client (192.168.215.1, 33537) -> (*, 2083, virtual-server=default)
Fri Apr 12 11:37:40 2024 : Debug: Waking up in 0.5 seconds.
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS -Initiating new session
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Setting verify mode to require certificate from client
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Reading from socket 15
READ FROM SSL 293
00: 16 03 01 01 20 01 00 01 1c 03 03 75 3d 57 c6 3f
10: 52 14 34 62 0e b8 f0 4d 75 15 07 8b 40 31 d0 31
20: d3 19 c7 a9 10 15 9c 26 a5 98 c3 20 45 ce d9 43
30: af f9 f0 dc d8 da d2 18 50 1a c7 37 b2 d9 22 2b
40: a8 dd f1 fd ea f0 b3 52 8e d6 8d 36 00 3e 13 02
50: 13 03 13 01 c0 2c c0 30 00 9f cc a9 cc a8 cc aa
60: c0 2b c0 2f 00 9e c0 24 c0 28 00 6b c0 23 c0 27
70: 00 67 c0 0a c0 14 00 39 c0 09 c0 13 00 33 00 9d
80: 00 9c 00 3d 00 3c 00 35 00 2f 00 ff 01 00 00 95
90: 00 0b 00 04 03 00 01 02 00 0a 00 16 00 14 00 1d
a0: 00 17 00 1e 00 19 00 18 01 00 01 01 01 02 01 03
b0: 01 04 00 23 00 00 00 16 00 00 00 17 00 00 00 0d
c0: 00 2a 00 28 04 03 05 03 06 03 08 07 08 08 08 09
d0: 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01
e0: 03 03 03 01 03 02 04 02 05 02 06 02 00 2b 00 05
f0: 04 03 04 03 03 00 2d 00 02 01 01 00 33 00 26 00
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [PINIT] - before SSL initialization (0)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [PINIT] - Server before SSL initialization (0)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [PINIT] - Server before SSL initialization (0)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, ClientHello
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TRCH] - Server SSLv3/TLS read client hello (20)
Fri Apr 12 11:37:40 2024 : Debug: (0) Server preferred ciphers (by priority)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [0] TLS_AES_256_GCM_SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [1] TLS_CHACHA20_POLY1305_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [2] TLS_AES_128_GCM_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [3] ECDHE-ECDSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [4] ECDHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [5] DHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [6] ECDHE-ECDSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [7] ECDHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [8] DHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [9] ECDHE-ECDSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [10] ECDHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [11] DHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [12] ECDHE-ECDSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [13] ECDHE-RSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [14] DHE-RSA-AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [15] ECDHE-ECDSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [16] ECDHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [17] DHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [18] ECDHE-ECDSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [19] ECDHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [20] DHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [21] ECDHE-ECDSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [22] ECDHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [23] DHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [24] RSA-PSK-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [25] DHE-PSK-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [26] RSA-PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [27] DHE-PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [28] ECDHE-PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [29] AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [30] PSK-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [31] PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [32] RSA-PSK-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [33] DHE-PSK-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [34] AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [35] PSK-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [36] AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [37] AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [38] ECDHE-PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [39] ECDHE-PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [40] SRP-RSA-AES-256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [41] SRP-AES-256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [42] RSA-PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [43] DHE-PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [44] RSA-PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [45] DHE-PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [46] AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [47] PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [48] PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [49] ECDHE-PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [50] ECDHE-PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [51] SRP-RSA-AES-128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [52] SRP-AES-128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [53] RSA-PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [54] DHE-PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [55] RSA-PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [56] DHE-PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [57] AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [58] PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [59] PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Client preferred ciphers (by priority)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [0] TLS_AES_256_GCM_SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [1] TLS_CHACHA20_POLY1305_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [2] TLS_AES_128_GCM_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [3] ECDHE-ECDSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [4] ECDHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [5] DHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [6] ECDHE-ECDSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [7] ECDHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [8] DHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [9] ECDHE-ECDSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [10] ECDHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [11] DHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [12] ECDHE-ECDSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [13] ECDHE-RSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [14] DHE-RSA-AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [15] ECDHE-ECDSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [16] ECDHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [17] DHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [18] ECDHE-ECDSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [19] ECDHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [20] DHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [21] ECDHE-ECDSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [22] ECDHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [23] DHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [24] AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [25] AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [26] AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [27] AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [28] AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [29] AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, ServerHello
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWSH] - Server SSLv3/TLS write server hello (22)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 ChangeCipherSpec
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWCCS] - Server SSLv3/TLS write change cipher spec (35)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TED] - Server TLSv1.3 early data (46)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Server : Need to read more data: TLSv1.3 early data
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - In Handshake Phase
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS- got 99 bytes of data
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Writing to socket 15
Fri Apr 12 11:37:40 2024 : Debug: Waking up in 0.5 seconds.
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Reading from socket 15
READ FROM SSL 332
00: 14 03 03 00 01 01 16 03 03 01 41 01 00 01 3d 03
10: 03 75 3d 57 c6 3f 52 14 34 62 0e b8 f0 4d 75 15
20: 07 8b 40 31 d0 31 d3 19 c7 a9 10 15 9c 26 a5 98
30: c3 20 45 ce d9 43 af f9 f0 dc d8 da d2 18 50 1a
40: c7 37 b2 d9 22 2b a8 dd f1 fd ea f0 b3 52 8e d6
50: 8d 36 00 3e 13 02 13 03 13 01 c0 2c c0 30 00 9f
60: cc a9 cc a8 cc aa c0 2b c0 2f 00 9e c0 24 c0 28
70: 00 6b c0 23 c0 27 00 67 c0 0a c0 14 00 39 c0 09
80: c0 13 00 33 00 9d 00 9c 00 3d 00 3c 00 35 00 2f
90: 00 ff 01 00 00 b6 00 0b 00 04 03 00 01 02 00 0a
a0: 00 16 00 14 00 1d 00 17 00 1e 00 19 00 18 01 00
b0: 01 01 01 02 01 03 01 04 00 23 00 00 00 16 00 00
c0: 00 17 00 00 00 0d 00 2a 00 28 04 03 05 03 06 03
d0: 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06
e0: 04 01 05 01 06 01 03 03 03 01 03 02 04 02 05 02
f0: 06 02 00 2b 00 05 04 03 04 03 03 00 2d 00 02 01
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TED] - Server TLSv1.3 early data (46)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, ClientHello
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TRCH] - Server SSLv3/TLS read client hello (20)
Fri Apr 12 11:37:40 2024 : Debug: (0) Server preferred ciphers (by priority)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [0] TLS_AES_256_GCM_SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [1] TLS_CHACHA20_POLY1305_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [2] TLS_AES_128_GCM_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [3] ECDHE-ECDSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [4] ECDHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [5] DHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [6] ECDHE-ECDSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [7] ECDHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [8] DHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [9] ECDHE-ECDSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [10] ECDHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [11] DHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [12] ECDHE-ECDSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [13] ECDHE-RSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [14] DHE-RSA-AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [15] ECDHE-ECDSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [16] ECDHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [17] DHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [18] ECDHE-ECDSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [19] ECDHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [20] DHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [21] ECDHE-ECDSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [22] ECDHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [23] DHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [24] RSA-PSK-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [25] DHE-PSK-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [26] RSA-PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [27] DHE-PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [28] ECDHE-PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [29] AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [30] PSK-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [31] PSK-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [32] RSA-PSK-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [33] DHE-PSK-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [34] AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [35] PSK-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [36] AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [37] AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [38] ECDHE-PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [39] ECDHE-PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [40] SRP-RSA-AES-256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [41] SRP-AES-256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [42] RSA-PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [43] DHE-PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [44] RSA-PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [45] DHE-PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [46] AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [47] PSK-AES256-CBC-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [48] PSK-AES256-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [49] ECDHE-PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [50] ECDHE-PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [51] SRP-RSA-AES-128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [52] SRP-AES-128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [53] RSA-PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [54] DHE-PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [55] RSA-PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [56] DHE-PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [57] AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [58] PSK-AES128-CBC-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [59] PSK-AES128-CBC-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Client preferred ciphers (by priority)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [0] TLS_AES_256_GCM_SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [1] TLS_CHACHA20_POLY1305_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [2] TLS_AES_128_GCM_SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [3] ECDHE-ECDSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [4] ECDHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [5] DHE-RSA-AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [6] ECDHE-ECDSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [7] ECDHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [8] DHE-RSA-CHACHA20-POLY1305
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [9] ECDHE-ECDSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [10] ECDHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [11] DHE-RSA-AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [12] ECDHE-ECDSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [13] ECDHE-RSA-AES256-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [14] DHE-RSA-AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [15] ECDHE-ECDSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [16] ECDHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [17] DHE-RSA-AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [18] ECDHE-ECDSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [19] ECDHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [20] DHE-RSA-AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [21] ECDHE-ECDSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [22] ECDHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [23] DHE-RSA-AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [24] AES256-GCM-SHA384
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [25] AES128-GCM-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [26] AES256-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [27] AES128-SHA256
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [28] AES256-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) [29] AES128-SHA
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, ServerHello
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWSH] - Server SSLv3/TLS write server hello (22)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, EncryptedExtensions
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWEE] - Server TLSv1.3 write encrypted extensions (37)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, CertificateRequest
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWCR] - Server SSLv3/TLS write certificate request (25)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, Certificate
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWSC] - Server SSLv3/TLS write certificate (23)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, CertificateVerify
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWSCV] - Server TLSv1.3 write server certificate verify (40)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - send TLS 1.3 Handshake, Finished
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TWFIN] - Server SSLv3/TLS write finished (36)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TED] - Server TLSv1.3 early data (46)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Server : Need to read more data: TLSv1.3 early data
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - In Handshake Phase
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS- got 3766 bytes of data
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Writing to socket 15
Fri Apr 12 11:37:40 2024 : Debug: Waking up in 0.5 seconds.
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Reading from socket 15
READ FROM SSL 2015
00: 17 03 03 05 72 13 de d6 3a d5 10 82 88 8b 91 e4
10: 37 8f fa c0 7c 25 dc d3 32 22 bd ca 7c 9e 73 29
20: 7f 52 f3 1d 97 18 d0 48 18 34 9a 8f c1 1f 71 88
30: d4 be a9 4b 6f b3 48 77 3c 1a ab 5c af c9 f1 2c
40: c4 1c 4b 1d 8a d3 8e e8 18 0a bc 2b 18 fc 3c 2a
50: 34 51 d3 dc 0d 8c 69 99 21 a8 92 f4 4f 46 f7 b0
60: b0 2a 58 6c 02 1d 2e 98 2f 69 09 4e d9 ac 4d 8f
70: 4e 7f 73 1f 9d 76 3d 1d ac ef f2 05 a0 c4 42 f6
80: d6 ae a4 12 95 4b 92 ab 81 e8 9d 3a d7 fc 92 ca
90: f7 01 0d 07 28 57 66 cc 43 81 ea 7a 4c 3a 6e 80
a0: ed 9f 22 d6 27 98 49 ce c4 34 0f aa b2 7f 0c 2c
b0: 06 58 13 9f de bd df 3e 22 36 e6 20 c8 16 56 49
c0: 96 89 2e 26 83 22 23 ba 49 58 df 55 6d 8d 86 1a
d0: 3d 31 97 5a fe de 47 da f4 62 97 9e b7 b0 5a 0c
e0: 9e 4c a5 69 26 2f 8e 68 ff 18 a9 b4 26 4f f9 10
f0: 5c fb 0c e4 3a 63 74 66 cc 88 fc 4b d8 d2 85 3c
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TED] - Server TLSv1.3 early data (46)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, Certificate
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Creating attributes from client certificate
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Serial := "2aef75f0ea7f49c68b28781d7a6a2ff9"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Expiration := "340208105559Z"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Valid-Since := "240208104559Z"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Subject := "/CN=BoilerPlate"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Issuer := "/CN=BoilerPlate"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Common-Name := "BoilerPlate"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-Subject-Alt-Name-Dns := "radius.BoilerPlate.net"
Fri Apr 12 11:37:40 2024 : Debug: (0) Skipping TLS-Client-Cert-X509v3-Key-Usage += 'Digital Signature, Key Encipherment, Certificate Sign'. Please check that both the attribute and value are defined in the dictionaries
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-X509v3-Basic-Constraints += "CA:FALSE"
Fri Apr 12 11:37:40 2024 : Debug: (0) Skipping TLS-Client-Cert-X509v3-Subject-Alternative-Name += 'DNS:radius.BoilerPlate.net'. Please check that both the attribute and value are defined in the dictionaries
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-X509v3-Authority-Key-Identifier += "73:D2:45:9F:1A:5B:BB:04:31:0D:2B:52:A8:66:F9:72:EB:12:D1:54"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Client-Cert-X509v3-Subject-Key-Identifier += "73:D2:45:9F:1A:5B:BB:04:31:0D:2B:52:A8:66:F9:72:EB:12:D1:54"
Fri Apr 12 11:37:40 2024 : Warning: Certificate chain - 0 intermediate CA cert(s) untrusted
Fri Apr 12 11:37:40 2024 : Warning: To forbid these certificates see 'reject_unknown_intermediate_ca'
Fri Apr 12 11:37:40 2024 : Warning: (TLS) untrusted certificate with depth [0] subject name /CN=BoilerPlate
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) chain-depth : 0
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) error : 0
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) common name : BoilerPlate
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) subject : /CN=BoilerPlate
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) issuer : /CN=BoilerPlate
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) verify return : 1
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TRCC] - Server SSLv3/TLS read client certificate (27)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, CertificateVerify
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TRCV] - Server SSLv3/TLS read certificate verify (29)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - recv TLS 1.3 Handshake, Finished
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [TRFIN] - Server SSLv3/TLS read finished (32)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Handshake state [SSLOK] - SSL negotiation finished successfully (1)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Connection Established
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Session-Cipher-Suite = "TLS_AES_256_GCM_SHA384"
Fri Apr 12 11:37:40 2024 : Debug: (0) TLS-Session-Version = "TLS 1.3"
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) RADIUS/TLS - Application data.
Fri Apr 12 11:37:40 2024 : Debug: Threads: total/active/spare threads = 5/0/5
Fri Apr 12 11:37:40 2024 : Debug: Waking up in 0.3 seconds.
Fri Apr 12 11:37:40 2024 : Debug: Thread 5 got semaphore
Fri Apr 12 11:37:40 2024 : Debug: Thread 5 handling request 0, (1 handled so far)
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Checking connection to see if it is authorized.
Fri Apr 12 11:37:40 2024 : Debug: (0) # Executing group from file /usr/local/etc/raddb/sites-enabled/default
Fri Apr 12 11:37:40 2024 : Debug: (0) Autz-Type New-TLS-Connection {
Fri Apr 12 11:37:40 2024 : Debug: (0) modsingle[authorize]: calling ok (rlm_always)
Fri Apr 12 11:37:40 2024 : Debug: (0) modsingle[authorize]: returned from ok (rlm_always)
Fri Apr 12 11:37:40 2024 : Debug: (0) [ok] = ok
Fri Apr 12 11:37:40 2024 : Debug: (0) } # Autz-Type New-TLS-Connection = ok
Fri Apr 12 11:37:40 2024 : Debug: (0) (TLS) Connection is authorized
Fri Apr 12 11:37:40 2024 : Debug: (0) Sent Access-Accept Id 4294967295 from 0.0.0.0:2083 to 192.168.215.1:33537 length 0
Fri Apr 12 11:37:40 2024 : Debug: (0) Finished request
Fri Apr 12 11:37:40 2024 : Debug: Thread 5 waiting to be assigned a request
Fri Apr 12 11:37:40 2024 : Debug: Waking up in 0.1 seconds.
Fri Apr 12 11:37:41 2024 : Debug: Waking up in 4.4 seconds.
Fri Apr 12 11:37:45 2024 : Debug: (0) Cleaning up request packet ID 4294967295 with timestamp +5 due to cleanup_delay was reached
Fri Apr 12 11:37:45 2024 : Info: Ready to process requests
```
Netstat output:
```
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:2083 0.0.0.0:* LISTEN 99/radiusd
tcp 468 0 a11e1a6f10a3:2083 192.168.215.1:33537 ESTABLISHED 99/radiusd
udp 0 0 0.0.0.0:54130 0.0.0.0:* 99/radiusd
udp 0 0 localhost:18120 0.0.0.0:* 99/radiusd
udp 0 0 0.0.0.0:radius 0.0.0.0:* 99/radiusd
udp 0 0 0.0.0.0:radius-acct 0.0.0.0:* 99/radiusd
udp6 0 0 [::]:radius [::]:* 99/radiusd
udp6 0 0 [::]:radius-acct [::]:* 99/radiusd
```
-
Lineconnect
More information about the Freeradius-Users
mailing list