I am trying to use EAP-MD5 module with
FreeRadius for authentication. In my setup I am using Windows 2000 RRAS service
as the NAS. Earlier setup was using MS-CHAP auth-type and was working fine.
When I try to run freeradius with
EAP-MD5 as the auth-type, I get a segmentation fault. I applied the
changes Raghu had suggested in the eap_wireformat method in the file.c
on 03/21/2002, but that would not help me.
I am new to freeRadius server as a user
and I am not sure if the current module supports Windows 2000 RRAS as a NAS. The
test setup (descibed in this list earlier, using Aironet etc) is
definitely different from mine. But, it will be exteremely helpful if you can
clarify on the following:
(a) Can we not use Windows 2000 RRAS as
NAS? - If this is true - What will I have to do? Build another version of
eap.c? My scenario requires me to send Auth request over PPP not
802.1x
(b) Does it appear to be another
problem with the code in EAP module?
I am including the content of log file
for reference. Any help or pointers to appropriate content will be highly
appreciated. TIA!
Initializing the thread
pool...
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. rad_recv: Accounting-Request packet from host 172.20.2.117:1046, id=2, length=210 Acct-Status-Type = Stop Acct-Delay-Time = 0 NAS-IP-Address = 172.20.2.117 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 11 MS-RAS-Vendor = 311 MS-RAS-Version = "MSRASV5.00" NAS-Port-Type = Async Connect-Info = "\r\nCONNECT 26400\r\n" Acct-Session-Id = "4" User-Name = "raduser" Framed-IP-Address = 172.20.2.21 Framed-MTU = 1500 Framed-Compression = Van-Jacobson-TCP-IP Acct-Multi-Session-Id = "7" Acct-Link-Count = 1 Event-Timestamp = "Mar 25 2002" Acct-Authentic = RADIUS MS-MPPE-Encryption-Types = 0x00000004 Acct-Session-Time = 433 Acct-Output-Octets = 7571 Acct-Input-Octets = 4137 Acct-Output-Packets = 76 Acct-Input-Packets = 44 Acct-Terminate-Cause = User-Request Sending Accounting-Response of id 2 to 172.20.2.117:1046 rad_recv: Access-Request packet from host 172.20.2.117:1047, id=5, length=146 Framed-MTU = 1500 NAS-IP-Address = 172.20.2.117 Service-Type = Framed-User Framed-Protocol = PPP NAS-Port = 11 MS-RAS-Vendor = 311 MS-RAS-Version = "MSRASV5.00" NAS-Port-Type = Async Connect-Info = "\r\nCONNECT 26400\r\n" EAP-Message = "\002\003\000\014\001raduser" User-Name = "raduser" Message-Authenticator = 0xad2606ede11b35af3d67eb45b4137615 rlm_eap: processing type md5 Login OK: [raduser/<no User-Password attribute>] (from nas UNKNOWN-NAS port 11) Sending Access-Challenge of id 5 to 172.20.2.117:1047 EAP-Message = "\001\005\000\026\004\020p@\261a\242\340\256$\364\320 \\H\232\200\320\000\000\000\000\000\030\000\000\000\000\000\n\006\300a\242\340\256$\364\320 \\H\232\200\320\000\000\000\000\000\000\000\000\000\000\030\000\000\000\000\000\n\006\340\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\030\000\000\000\000\000\n\007\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\030\000\000\000\000\000\n\007 \000\000\000\000\000\000\000" EAP-Message = "\000\000\000\000\000\n\007\240\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\030\000\000\000\000\000\n\007\300\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\030\000\000\000\000\000\n\007\340\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\030\000\000\000\000\000\n\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\030\000\000" EAP-Message = "\000\000\004\001\000\000\000\000\000\000\000\t\000\000\000\000\000\004\\P\000\004X\020\000\000\000\t\000\000\000\000rpc\000\000\000\000\000\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000\000\004\\\200\000\n\010\220\000\000\000\t\000\000\000\000ethers\000\000\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000\000\004\\\230\000\n\010\320\000\000\000" EAP-Message = "\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000\000\004]\020\000\n\tp\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000\000\004]@\000\n\t\240\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000\000\004]p\000\n\t\300\000\000\000\t\000\000\000\000aliases\000\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000" EAP-Message = "\000\000\000\t\000\000\000\000\000\004]\350\000\n\n`\000\000\000\t\000\000\000\000user\000\000\000\000\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000\000\004^\030\000\n\n\200\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000\000\000\t\000\000\000\000\000\004^H\000\n\n\300\000\000\000\t\000\000\000\000files\000\000\000\000\000\000\t\000\000\000\000nis\000\000\000\000\000\000" EAP-Message = "\000\000\000\000\000\000\000\t\000\000\000\000\000\000\000\005\000\303\000A\000\000\000\010\000\000\000\000\000\n\013\330\000\004S<\000\000\000\010\000\000\000\000\000\n\013\210\000\t\341(\000\000\000\t\000\000\000\000\000\n\006H\000\n\006h\000\000\000\t\000\000\000\000sundev1\000\000\000\000\t\000\000\000\000udp\000\000\000\000\000\000\000\000\010\000\000\000\000\000\n\013\350\000\000\000\000\000\000\000\010\000\000\000\000\000\n\013\370\000\000\000\000\000\000\000\010\000\000\000\000\000\n\014\010\000\000" EAP-Message = "\000\n\014x\000\000\000\000\000\000\000\010\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000A\000\000\000\000\000\000\000\000\000\n\005\010\000\n\004\310\000\n\004\350\000\000\000\000\000\000\000\003\000\244\000e\000\000\000\000\000\000\000\000inet\000\004\000\003u\000MX\000\000\000\010\000de\000\000\000\000\000\000\000\000\000\000\000&\031\000\000\000\000\000\000\000\024\000\000\000\020\000\000\000\024\000\000\000\000\000\000\000$\000\002\003\377\254\024\001\n\000\000\000\000\000\000\000\000\000" EAP-Message = "\t13/tcp\ndaytime\t\t13/udp\nnetstat\t\t15/tcp\nchargen\t\t19/tcp\t\tttytst source\nchargen\t\t19/udp\t\tttytst source\nftp-data\t20/tcp\nftp\t\t21/tcp\ntelnet\t\t23/tcp\nsmtp\t\t25/tcp\t\tmail\ntime\t\t37/tcp\t\ttimserver\ntime\t\t37/udp\t\ttimserver\nname\t\t42/udp\t\tnameserver\nwhois\t\t43/tcp\t\t" EAP-Message = "nicname\t\t# usually to sri-nic\ndomain\t\t53/udp\ndomain\t\t53/tcp\nbootps\t\t67/udp\t\t\t\t# BOOTP/DHCP server\nbootpc\t\t68/udp\t\t\t\t# BOOTP/DHCP client\nhostnames\t101/tcp\t\thostname\t# usually to sri-nic\npop2\t\t109/tcp\t\tpop-2\t\t# Post Office Protocol - V2\npop3\t\t110/tcp\t\t\t\t" EAP-Message = "# Post Office Protocol - Version 3\nsunrpc\t\t111/udp\t\trpcbind\nsunrpc\t\t111/tcp\t\trpcbind\nimap\t\t143/tcp\t\timap2\t\t# Internet Mail Access Protocol v2\nldap\t\t389/tcp\t\t\t\t# Lightweight Directory Access Protocol\t\nldap\t\t389/udp\t\t\t\t# Lightweight Directory Access Prot" EAP-Message = "ocol\nldaps\t\t636/tcp\t\t\t\t# LDAP protocol over TLS/SSL (was sldap)\nldaps\t\t636/udp\t\t\t\t# LDAP protocol over TLS/SSL (was sldap)\n#\n# Host specific functions\n#\ntftp\t\t69/udp\nrje\t\t77/tcp\nfinger\t\t79/tcp\nlink\t\t87/tcp\t\tttylink\nsupdup\t\t95/tcp\niso-tsap\t102/tcp\nx400\t" EAP-Message = "\t103/tcp\t\t\t\t# ISO Mail\nx400-snd\t104/tcp\ncsnet-ns\t105/tcp\npop-2\t\t109/tcp\t\t\t\t# Post Office\nuucp-path\t117/tcp\nnntp 119/tcp usenet\t\t# Network News Transfer\nntp\t\t123/tcp\t\t\t\t# Network Time Protocol\nntp\t\t123/udp\t\t\t\t# Network Time Protocol\nn" EAP-Message = "etbios-ns\t137/tcp\t\t\t\t# NETBIOS Name Service\nnetbios-ns\t137/udp\t\t\t\t# NETBIOS Name Service\nnetbios-dgm\t138/tcp\t\t\t\t# NETBIOS Datagram Service\nnetbios-dgm\t138/udp\t\t\t\t# NETBIOS Datagram Service\nnetbios-ssn\t139/tcp\t\t\t\t# NETBIOS Session Service\nnetbios-ssn\t13" EAP-Message = "9/udp\t\t\t\t# NETBIOS Session Service\nNeWS\t\t144/tcp\t\tnews\t\t# Window System\nslp\t\t427/tcp\t\tslp\t\t# Service Location Protocol, V2\nslp 427/udp slp # Service Location Protocol, V2\ncvc_hostd\t442/tcp\t\t\t\t# Network Console\n#\n# UNIX s" EAP-Message = "pecific services\n#\n# these are NOT officially assigned\n#\nexec\t\t512/tcp\nlogin\t\t513/tcp\nshell\t\t514/tcp\t\tcmd\t\t# no passwords used\nprinter\t\t515/tcp\t\tspooler\t\t# line printer spooler\ncourier\t\t530/tcp\t\trpc\t\t# experimental\nuucp\t\t540/tcp\t\tuucpd\t\t# uucp daemon\nb" EAP-Message = "iff\t\t512/udp\t\tcomsat\nwho\t\t513/udp\t\twhod\nsyslog\t\t514/udp\ntalk\t\t517/udp\nroute\t\t520/udp\t\trouter routed\nripng\t\t521/udp\nklogin\t\t543/tcp\t\t\t\t# Kerberos authenticated rlogin\nkshell\t\t544/tcp\t\tcmd\t\t# Kerberos authenticated remote shell\nnew-rwho\t550/udp\t\tnew-who\t" EAP-Message = "\t# experimental\nrmonitor\t560/udp\t\trmonitord\t# experimental\nmonitor\t\t561/udp\t\t\t\t# experimental\npcserver\t600/tcp\t\t\t\t# ECD Integrated PC board srvr\nkerberos-adm\t749/tcp\t\t\t\t# Kerberos V5 Administration\nkerberos-adm\t749/udp\t\t\t\t# Kerberos V5 Administration\nk" EAP-Message = "erberos\t750/udp kdc\t\t# Kerberos key server\nkerberos\t750/tcp\t\tkdc\t\t# Kerberos key server\nkrb5_prop\t754/tcp\t\t\t\t# Kerberos V5 KDC propogation\nufsd\t\t1008/tcp\tufsd\t\t# UFS-aware server\nufsd\t\t1008/udp\tufsd\ncvc\t\t1495/tcp\t\t\t# Network Console\ningreslock " EAP-Message = " 1524/tcp\nwww-ldap-gw\t1760/tcp\t\t\t# HTTP to LDAP gateway\nwww-ldap-gw\t1760/udp\t\t\t# HTTP to LDAP gateway\nlisten 2766/tcp # System V listener port\nnfsd\t\t2049/udp\tnfs\t\t# NFS server daemon (clts)\nnfsd\t\t2049/tcp\tnfs\t\t# NFS " EAP-Message = "server daemon (cots)\neklogin\t\t2105/tcp\t\t\t# Kerberos encrypted rlogin\nlockd\t\t4045/udp\t\t\t# NFS lock daemon/manager\nlockd\t\t4045/tcp\ndtspc\t\t6112/tcp\t\t\t# CDE subprocess control\nfs\t\t7100/tcp\t\t\t# Font server\n\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000" signal fault in critical section signal number: 11, signal code: 2, fault address: 0xfed0a000, pc: 0xff0b06bc, sp: 0xfed08b08 libthread panic: fault in libthread critical section (PID: 23492 LWP 796156784) stacktrace: 22490 15bb8 626f6172 23492 Segmentation Fault - core dumped Mon Mar 25 10:33:10 EST 2002: Radius died, restarting.. Regards,
Siddharth Jeevan
Technologist,
Niteo Partners, Boston -
MA |
- Re: EAP-MD5 seg fault on Solaris 8 Siddharth Jeevan
- Re: EAP-MD5 seg fault on Solaris 8 Raghu
- Re: EAP-MD5 seg fault on Solaris 8 Alan DeKok
- Re: EAP-MD5 seg fault on Solaris 8 Ken Roser
- Re: EAP-MD5 seg fault on Solaris 8 Raghu
- Re: EAP-MD5 seg fault on Solaris 8 Ken Roser
- Re: EAP-MD5 seg fault on Solaris 8 Alan DeKok
- Re: EAP-MD5 seg fault on Solaris 8 Ken Roser
- Re: EAP-MD5 seg fault on Solaris 8 Alan DeKok