I'm attempting to use FreeRADIUS with EAP/TLS and Windows XP. I'm using certificates generated by OpenSSL. I'm pretty much following the EAP/TLS notes you can find at http://www.missl.cs.umd.edu/wireless/eaptls/
When I do this I get a core dump with FreeRADIUS. Details: FreeRADIUS CVS snapshot of April 4th. OpenSSL, tried both the one used in the TLS notes and version of April 8th. (this dump is with the same OpenSSL Adam used) Server is Sun Blade 100 with Solaris 8 AP is Cisco Aironet 340 I've noticed some OpenSSL errors scattered through the RADIUS log but I don't know (yet) what they mean. Even Adam's log on the eaptls website had some errors, but none classified as "fatal" as I do. Is there any glaring error here that someone can see? Otherwise I'll dig in further and debug it. (gdb) bt #0 0xfefb3084 in strlen () from /usr/lib/libc.so.1 #1 0xff0028d8 in _doprnt () from /usr/lib/libc.so.1 #2 0xff004a4c in vsnprintf () from /usr/lib/libc.so.1 #3 0x18124 in radlogdir_iswritable () #4 0x1836c in radlog () #5 0xfee62fc8 in cbtls_verify (ok=1, ctx=0xffbecb38) at cb.c:135 #6 0xff2d7c1c in internal_verify () from /usr/local/openssl/lib/libcrypto.so #7 0xff2d7600 in X509_verify_cert () from /usr/local/openssl/lib/libcrypto.so #8 0xfee24e3c in ssl_verify_cert_chain () from /usr/local/openssl/lib/libssl.so.0.9.7 #9 0xfee15c58 in ssl3_get_client_certificate () from /usr/local/openssl/lib/libssl.so.0.9.7 #10 0xfee13dd4 in ssl3_accept () from /usr/local/openssl/lib/libssl.so.0.9.7 #11 0xfee1bbb4 in ssl3_read_bytes () from /usr/local/openssl/lib/libssl.so.0.9.7 #12 0xfee19bb0 in ssl3_read () from /usr/local/openssl/lib/libssl.so.0.9.7 #13 0xfee23598 in SSL_read () from /usr/local/openssl/lib/libssl.so.0.9.7 #14 0xfee6377c in tls_handshake_recv (ssn=0xda960) at tls.c:294 #15 0xfee62c20 in eaptls_operation (eaptls_packet=0xd8df8, status=EAPTLS_LENGTH_INCLUDED, handler=0xc2b88) at eap_tls.c:586 #16 0xfee6220c in eaptls_authenticate (arg=0xb, handler=0xc2b88) at rlm_eap_tls.c:203 #17 0xfee81bc0 in eaptype_call (eap_type=276976, action=AUTHENTICATE, ---Type <return> to continue, or q <return> to quit--- type_list=0x439f0, handler=0xc2b88) at eap.c:203 #18 0xfee81d3c in eaptype_select (type_list=0x439f0, handler=0xc2b88, conftype=0xd8be0 "\r") at eap.c:277 #19 0xfee8154c in eap_authenticate (instance=0xa5958, request=0xd32b8) at rlm_eap.c:213 #20 0x1db14 in module_checksimul () #21 0x1dcbc in modcall () #22 0x1db68 in module_checksimul () #23 0x1dc6c in modcall () #24 0x1d394 in find_module_instance () #25 0x1d724 in module_authenticate () #26 0x1a1c8 in rad_check_password () #27 0x1a49c in rad_authenticate () #28 0x15758 in rad_respond () #29 0x1539c in rad_process () #30 0x14f4c in main () (gdb) The RADIUS log is: # ./radiusd -X -A Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /home/freeradius/cvs/etc/raddb/proxy.conf Config: including file: /home/freeradius/cvs/etc/raddb/clients.conf Config: including file: /home/freeradius/cvs/etc/raddb/snmp.conf Config: including file: /home/freeradius/cvs/etc/raddb/sql.conf main: prefix = "/home/freeradius/cvs" main: localstatedir = "/home/freeradius/cvs/var" main: logdir = "/home/freeradius/cvs/var/log/radius" main: libdir = "/home/freeradius/cvs/lib" main: radacctdir = "/home/freeradius/cvs/var/log/radius/radacct" main: hostname_lookups = no read_config_files: reading dictionary read_config_files: reading clients read_config_files: reading realms read_config_files: reading naslist main: max_request_time = 30 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 0 main: allow_core_dumps = no main: log_stripped_names = no main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = "/home/freeradius/cvs/var/run/radiusd.pid" main: user = "root" main: group = "root" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: proxy_requests = yes proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 security: max_attributes = 200 security: reject_delay = 1 main: debug_level = 0 read_config_files: entering modules setup Module: Library search path is /home/freeradius/cvs/lib Module: Loaded System unix: cache = no unix: passwd = "/etc/passwd" unix: shadow = "(null)" unix: group = "/etc/group" unix: radwtmp = "/home/freeradius/cvs/var/log/radius/radwtmp" unix: usegroup = no unix: cache_reload = 600 Module: Instantiated unix (unix) Module: Loaded eap eap: default_eap_type = "tls" eap: timer_expire = 60 tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/etc/1x/cert/cert-srv.pem" tls: certificate_file = "/etc/1x/cert/cert-srv.pem" tls: CA_file = "/etc/1x/cert/demoCA/cacert.pem" tls: private_key_password = "whatever" tls: dh_file = "/etc/1x/adamcert/random" tls: random_file = "/etc/1x/adamcert/dh" tls: fragment_size = 1024 tls: include_length = yes rlm_eap_tls: conf N ctx stored rlm_eap: Loaded and initialized the type tls Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/home/freeradius/cvs/etc/raddb/huntgroups" preprocess: hints = "/home/freeradius/cvs/etc/raddb/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" Module: Instantiated realm (suffix) Module: Loaded files files: usersfile = "/home/freeradius/cvs/etc/raddb/users" files: acctusersfile = "/home/freeradius/cvs/etc/raddb/acct_users" files: compat = "no" Module: Instantiated files (files) Module: Loaded detail detail: detailfile = "/home/freeradius/cvs/var/log/radius/radacct/%{Client-IP-Address}/detail" detail: detailperm = 384 detail: dirperm = 493 Module: Instantiated detail (detail) Module: Loaded radutmp radutmp: filename = "/home/freeradius/cvs/var/log/radius/radutmp" radutmp: username = "%{User-Name}" radutmp: perm = 384 radutmp: callerid = yes Module: Instantiated radutmp (radutmp) Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp. Ready to process requests. rad_recv: Access-Request packet from host 192.168.123.2:3192, id=50, length=119 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\000\000\010\001KEN" Message-Authenticator = 0x7bbd37e894aa65d712e1c6be39e3868b modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: processing type tls modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 50 to 192.168.123.2:3192 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\001\000\006\r " Message-Authenticator = 0x00000000000000000000000000000000 State = 0xe664779fdc06f7b82d6447a235c2cc703cb36058c8e490866df580d8848b26313b732417 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3193, id=51, length=229 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0xe664779fdc06f7b82d6447a235c2cc703cb36058c8e490866df580d8848b26313b732417 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\001\000P\r\200\000\000\000F\026\003\001\000A\001\000\000=\003\001<\263`J.\322G\227\353%_G\3768l \272i=\363\350;\221H\212-\221\021\264\273\303\316\000\000\026\000\004\000\005\000\n\000\t\000d\000b\000\003\000\006\000\023\000\022\000c\001" Message-Authenticator = 0x941d1f0981b4eb694223f99e8356974e modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Length Included undefined:before/accept initialization TLS_accept:before/accept initialization <<< TLS 1.0 Handshake [length 0041], ClientHello TLS_accept:SSLv3 read client hello A >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept:SSLv3 write server hello A >>> TLS 1.0 Handshake [length 0780], Certificate TLS_accept:SSLv3 write certificate A >>> TLS 1.0 Handshake [length 00a9], CertificateRequest TLS_accept:SSLv3 write certificate request A TLS_accept:SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A rlm_eap_tls: SSL_read Error Error code is ..... 2 SSL Error ..... 2 In SSL Handshake Phase In SSL Accept mode modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 51 to 192.168.123.2:3193 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\002\004\n\r\300\000\000\010\202\026\003\001\000J\002\000\000F\003\001<\263`X5\001\226\032L\006\305Z\314!\317\022\256,\274\333ssK\212\267\236\001\234d&H\206 '\241\356\311\276\3631\216\310"\375\262-.\251Y\234\353V>\322\321f\3127\251L\276\002\243\247\301\000\004\000\026\003\001\007\200\013\000\007|\000\007y\000\003\3210\202\003\3150\202\0036\240\003\002\001\002\002\001\0020\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1" EAP-Message = "0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\036\027\r020409163318Z\027\r030409163318Z0\201\2311\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0230\021\006\003U\004\003\023\ncbg-server1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002" EAP-Message = "\201\000\314\311\3543\341KE\273"\366\3551\317\233\245\323u\330\\\201M\031'\225\362\247\353.\331@J%\226B\276\256'\344b\200h\305\212\2578\235\345\213\315.Wg#!K,\225\212tH\355:\331v8\376\277\276u\355\315\367\360\333\363>\334\235I\320\202\331\267Ob@_\221\253\3451\246\010\321&'\225\017\305b\202\334k\324\3407\232\014\034!\007x\nk\n#WF>\240\366\251\300:\220i\303\275\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL Generated Cer" EAP-Message = "\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000z\317\033\026\304\036(\3510\3425\356|xiU\034y\242" EAP-Message = "\347\024\257\333\211\360d\247\250\270Ta\271b\367\032M\203\333E\226\263;\006&\212" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x1e6623dace6bc40ffdba04c308cf19ad3cb3605873f074a9326e3be3600327bd0d19045d Finished request 1 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3194, id=52, length=155 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x1e6623dace6bc40ffdba04c308cf19ad3cb3605873f074a9326e3be3600327bd0d19045d NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\002\000\006\r" Message-Authenticator = 0xf532bbd42e5d0326660db04931506b38 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Received EAP-TLS ACK message modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 52 to 192.168.123.2:3194 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\003\004\n\r\300\000\000\010\202\3209\356\220a\001\206\355\310\220K\000\025\341\020\213\341\356\372\204\277\2634\026x\304\250\202zlD\342\241\001\340n\271<\230\030\225\001\023\260{?(\000\003\2420\202\003\2360\202\003\007\240\003\002\001\002\002\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003C" EAP-Message = "409163243Z\027\r040408163243Z0\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\274f\266\t\227F\002\366\343\312l:|\252\217\013\r\330\330\3778\026" EAP-Message = "M\261\3706\316=A\251iT:\222\3645E\t\357\354%\001\227\223\270\024?\302\036h7\236n\245\370m\237e\367\250q\373\277\234\n2\234\337\020\227\331_ga\226\376\377}\321\324\260CfG\312@\311\226\024\266\000\240o\306y\261\007Jg}\330\347U\350*\221\002\003\001\000\001\243\201\3670\201\3640\035\006\003U\035\016\004\026\004\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"0\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244" EAP-Message = "0\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\014\006\003U\035\023\004\0050\003\001\001\3770\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000Jeo\226\323\372v\333\354!\276\253\334=\025\363o\270T;\034Q,4\255\362\031\001\372j\231;\210B\247\025'N\204\244T\365\270\355<f\225\354\037\371\267\225I\347I\rPw\305\215\234%l\27074\357\027\336k\351\276\213J\333\035\334M>\026\025\005\231\024\362\264V\252" EAP-Message = "\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nN" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0741ffb59d84a7aa5e41e291d88731b93cb36058b77574d690fba2cdf5ad4566d3af3cd9 Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3195, id=53, length=155 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x0741ffb59d84a7aa5e41e291d88731b93cb36058b77574d690fba2cdf5ad4566d3af3cd9 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\003\000\006\r" Message-Authenticator = 0xe479b0a4fa41872b8c0ee43eebb4a56d modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Received EAP-TLS ACK message modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 53 to 192.168.123.2:3195 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\004\000\214\r\200\000\000\010\202ew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\016\000\000" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x54945026b357edb112a86482018452bc3cb360586e5882d181e693b0d2da042a6d0ebbf1 Finished request 3 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3196, id=54, length=1465 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x54945026b357edb112a86482018452bc3cb360586e5882d181e693b0d2da042a6d0ebbf1 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\004\005\032\r\200\000\000\005\020\026\003\001\004\340\013\000\003\320\000\003\315\000\003\3120\202\003\3060\202\003/\240\003\002\001\002\002\001\0060\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\026root@broadwav" EAP-Message = "\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0140\n\006\003U\004\003\023\003KEN1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\267\203\251t[\266\341\025\300!\332r\336{\257\026\336\322\301\000+a\3036-{C )\034;T\r\277G\274ah\003\311\t\262H\302FJ4\354,\024|\201" EAP-Message = "u^f2\327\217N\350jk\303it\017\367\212\376p\321\363Y'\267\217~Zk\0364I]\022A\320\271\026\375`\365)hW\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL Generated Certificate0\035\006\003U\035\016\004\026\004\024wó\243<\200Y\213oV\347\351r\276\257\301\242H$G50\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004" EAP-Message = "U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000q\367\315'\\\201;\344_?\313\n\030w\211PX\034\344Zp_\315\306\352\247\315\375\316\210\327\206r\030<\275?\020\275\203{\344\257\255\341Z\210\221$=\003\205]\001qk\2023aj\221i\227\211{j\345\277a\246\331&T\223\246\310\337\262\355\225s\255`j\201\232\310.\216\020\250\215Q\003\345" EAP-Message = "\206\310\264\350\312\372\016\267d\270Y\257\024V\023-D\315\353\311\375\200T\214Y\0027\036i\352\372\3724\220)\354\030\351^s\221A\375\237\347{\027\031\301o\253"`\005h\314K\346\23339T\242\2316t\307\340\211\241x\246\355#B\260D\242\333\201\014\302|L\035\305\262\025\027\331\324\000i\304}\035c\276\337\215\000H1E\035u\023\362H\203\006\322E\226\021\326U\017\000\000\202\000\200\206q\034}N\034\246\316o\300R\017\357_\022\3667\0162\233N\0177k\322\247N&\266J\247\245\236\335q\225u\n\224\206Q(;vTó\210x\377+Q\314:\350D\224" EAP-Message = "\001\000\001\001\026\003\001\000 H\3418\233\247\006\3469\333 \347k>\257:\323&i\275\007P\335(*\037\330F\312t\241<h" Message-Authenticator = 0x3d94dfa06729c0e5b782e40ff4194416 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Multiple EAP_Message attributes found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Length Included <<< TLS 1.0 Handshake [length 03d4], Certificate chain-depth=1, error=0 --> User-Name = KEN --> subject = /C=US/ST=New Jersey/L=New [EMAIL PROTECTED] --> issuer = /C=US/ST=New Jersey/L=New [EMAIL PROTECTED] --> verify return:1 chain-depth=0, error=0 --> User-Name = KEN --> subject = /C=US/ST=New Jersey/L=New [EMAIL PROTECTED] --> issuer = /C=US/ST=New Jersey/L=New [EMAIL PROTECTED] --> verify return:1 TLS_accept:SSLv3 read client certificate A <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept:SSLv3 read client key exchange A <<< TLS 1.0 Handshake [length 0086], CertificateVerify TLS_accept:SSLv3 read certificate verify A <<< TLS 1.0 ChangeCipherSpec [length 0001] <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept:SSLv3 read finished A >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept:SSLv3 write change cipher spec A >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept:SSLv3 write finished A TLS_accept:SSLv3 flush data undefined:SSL negotiation finished successfully rlm_eap_tls: SSL_read Error Error code is ..... 2 SSL Error ..... 2 SSL Connection Established modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 54 to 192.168.123.2:3196 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\005\0005\r\200\000\000\000+\024\003\001\000\001\001\026\003\001\000 \310\307\204\014n\353P]{\027\324\374\203^ó_\3051\r\345\213\337\202\202d\261\305\345Fz\005ó" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x83209badd7f206f43b13c13b9e7d95e23cb360589bc2c883f784099fdfe4bf28a6f1bfd8 Finished request 4 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3197, id=55, length=182 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x83209badd7f206f43b13c13b9e7d95e23cb360589bc2c883f784099fdfe4bf28a6f1bfd8 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\005\000!\r\200\000\000\000\027\025\003\001\000\022g\332\\@\010cX\375\3168\260\205\002B^UIT" Message-Authenticator = 0x47fa23eb4472ba38d93c675f11dc7c54 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Length Included <<< TLS 1.0 Alert [length 0002], fatal access_denied TLS Alert read:fatal:access denied rlm_eap_tls: SSL_read Error 12523:error:14094419:SSL routines:SSL3_READ_BYTES:tlsv1 alert access denied:s3_pkt.c:991:SSL alert number 49 Error code is ..... 6 SSL Error ..... 6 SSL Connection Established rlm_eap_tls: BIO_read Error Error code is ..... 5 Error in SSL ..... 5 modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 55 to 192.168.123.2:3197 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\006\000\n\r\200\000\000\000" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x296b9acb6a041103d2e94ddb611faa6a3cb3605815b738fdb39e305eae9042fc3bfe6207 Finished request 5 Going to the next request Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 50 with timestamp 3cb36058 Cleaning up request 1 ID 51 with timestamp 3cb36058 Cleaning up request 2 ID 52 with timestamp 3cb36058 Cleaning up request 3 ID 53 with timestamp 3cb36058 Cleaning up request 4 ID 54 with timestamp 3cb36058 Cleaning up request 5 ID 55 with timestamp 3cb36058 Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 192.168.123.2:3198, id=56, length=119 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\006\000\010\001KEN" Message-Authenticator = 0x4126b1c6d313a4fea3c5731407894c56 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: processing type tls modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 56 to 192.168.123.2:3198 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\007\000\006\r " Message-Authenticator = 0x00000000000000000000000000000000 State = 0x3f0c496e4e0ecd815eab4c686613cda33cb36076814b06cd41b4b84161dfda0245313868 Finished request 6 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3199, id=57, length=229 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x3f0c496e4e0ecd815eab4c686613cda33cb36076814b06cd41b4b84161dfda0245313868 NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\007\000P\r\200\000\000\000F\026\003\001\000A\001\000\000=\003\001<\263`i\376\232ul\021\361\311\3731\272\344\263\270\206\205\371"/b\002t\262\230\010[J\334\376\000\000\026\000\004\000\005\000\n\000\t\000d\000b\000\003\000\006\000\023\000\022\000c\001" Message-Authenticator = 0xd020e58bb10ed8f4376191a0ee7fbbbd modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Length Included undefined:before/accept initialization TLS_accept:before/accept initialization <<< TLS 1.0 Handshake [length 0041], ClientHello TLS_accept:SSLv3 read client hello A >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept:SSLv3 write server hello A >>> TLS 1.0 Handshake [length 0780], Certificate TLS_accept:SSLv3 write certificate A >>> TLS 1.0 Handshake [length 00a9], CertificateRequest TLS_accept:SSLv3 write certificate request A TLS_accept:SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A rlm_eap_tls: SSL_read Error Error code is ..... 2 SSL Error ..... 2 In SSL Handshake Phase In SSL Accept mode modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 57 to 192.168.123.2:3199 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\010\004\n\r\300\000\000\010\202\026\003\001\000J\002\000\000F\003\001<\263`v\2343m\313\\\212\247-\213\305\322E\375\336W\220\244V\2716\256\265\000e\003W\234; ah#\274n\365p_\227u\301:)\317\264A\313g\2659\363\227\275\005\372q\0362\370c\277\254\000\004\000\026\003\001\007\200\013\000\007|\000\007y\000\003\3210\202\003\3150\202\0036\240\003\002\001\002\002\001\0020\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006" EAP-Message = "0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\036\027\r020409163318Z\027\r030409163318Z0\201\2311\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0230\021\006\003U\004\003\023\ncbg-server1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002" EAP-Message = "\201\000\314\311\3543\341KE\273"\366\3551\317\233\245\323u\330\\\201M\031'\225\362\247\353.\331@J%\226B\276\256'\344b\200h\305\212\2578\235\345\213\315.Wg#!K,\225\212tH\355:\331v8\376\277\276u\355\315\367\360\333\363>\334\235I\320\202\331\267Ob@_\221\253\3451\246\010\321&'\225\017\305b\202\334k\324\3407\232\014\034!\007x\nk\n#WF>\240\366\251\300:\220i\303\275\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL Generated Cer" EAP-Message = "\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000z\317\033\026\304\036(\3510\3425\356|xiU\034y\242" EAP-Message = "\347\024\257\333\211\360d\247\250\270Ta\271b\367\032M\203\333E\226\263;\006&\212" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x3de2e760073a0b35e7bc0c304e4d33833cb36076a1646ded289ba251ee6c06caea2d2fce Finished request 7 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3200, id=58, length=155 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x3de2e760073a0b35e7bc0c304e4d33833cb36076a1646ded289ba251ee6c06caea2d2fce NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\010\000\006\r" Message-Authenticator = 0x957b46ed2f54e084ffba4060ecd609e3 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Received EAP-TLS ACK message modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 58 to 192.168.123.2:3200 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\t\004\n\r\300\000\000\010\202\3209\356\220a\001\206\355\310\220K\000\025\341\020\213\341\356\372\204\277\2634\026x\304\250\202zlD\342\241\001\340n\271<\230\030\225\001\023\260{?(\000\003\2420\202\003\2360\202\003\007\240\003\002\001\002\002\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG" EAP-Message = "409163243Z\027\r040408163243Z0\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\274f\266\t\227F\002\366\343\312l:|\252\217\013\r\330\330\3778\026" EAP-Message = "M\261\3706\316=A\251iT:\222\3645E\t\357\354%\001\227\223\270\024?\302\036h7\236n\245\370m\237e\367\250q\373\277\234\n2\234\337\020\227\331_ga\226\376\377}\321\324\260CfG\312@\311\226\024\266\000\240o\306y\261\007Jg}\330\347U\350*\221\002\003\001\000\001\243\201\3670\201\3640\035\006\003U\035\016\004\026\004\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"0\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244" EAP-Message = "0\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\014\006\003U\035\023\004\0050\003\001\001\3770\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000Jeo\226\323\372v\333\354!\276\253\334=\025\363o\270T;\034Q,4\255\362\031\001\372j\231;\210B\247\025'N\204\244T\365\270\355<f\225\354\037\371\267\225I\347I\rPw\305\215\234%l\27074\357\027\336k\351\276\213J\333\035\334M>\026\025\005\231\024\362\264V\252" EAP-Message = "\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nN" Message-Authenticator = 0x00000000000000000000000000000000 State = 0xee15bb0b824609c28938df55b19d49213cb36076e12cb46f626316382ebc8052716ab71a Finished request 8 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3201, id=59, length=155 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0xee15bb0b824609c28938df55b19d49213cb36076e12cb46f626316382ebc8052716ab71a NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\t\000\006\r" Message-Authenticator = 0x2ad0b4402ccd88ad9fab60be516e63d5 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Received EAP-TLS ACK message modcall[authenticate]: module "eap" returns ok modcall: group authenticate returns ok Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli 000625039e69) Sending Access-Challenge of id 59 to 192.168.123.2:3201 Acct-Interim-Interval = 30 Idle-Timeout = 7200 Session-Timeout = 14400 EAP-Message = "\001\n\000\214\r\200\000\000\010\202ew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\016\000\000" Message-Authenticator = 0x00000000000000000000000000000000 State = 0x7226690e9d9a241ae69c1eb30db1d0f83cb36076453b1acea082cf49d0461f171435b6ff Finished request 9 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.123.2:3202, id=60, length=1465 User-Name = "KEN" NAS-IP-Address = 192.168.123.2 Called-Station-Id = "004096431d06" Calling-Station-Id = "000625039e69" NAS-Identifier = "AP340-431d06" NAS-Port = 29 Framed-MTU = 1400 State = 0x7226690e9d9a241ae69c1eb30db1d0f83cb36076453b1acea082cf49d0461f171435b6ff NAS-Port-Type = Wireless-802.11 EAP-Message = "\002\n\005\032\r\200\000\000\005\020\026\003\001\004\340\013\000\003\320\000\003\315\000\003\3120\202\003\3060\202\003/\240\003\002\001\002\002\001\0060\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\026root@broadwave." EAP-Message = "\006\023\002US1\0230\021\006\003U\004\010\023\nNew Jersey1\0270\025\006\003U\004\007\023\016New Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0140\n\006\003U\004\003\023\003KEN1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\267\203\251t[\266\341\025\300!\332r\336{\257\026\336\322\301\000+a\3036-{C )\034;T\r\277G\274ah\003\311\t\262H\302FJ4\354,\024|\201" EAP-Message = "u^f2\327\217N\350jk\303it\017\367\212\376p\321\363Y'\267\217~Zk\0364I]\022A\320\271\026\375`\365)hW\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL Generated Certificate0\035\006\003U\035\016\004\026\004\024wó\243<\200Y\213oV\347\351r\276\257\301\242H$G50\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004" EAP-Message = "U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000q\367\315'\\\201;\344_?\313\n\030w\211PX\034\344Zp_\315\306\352\247\315\375\316\210\327\206r\030<\275?\020\275\203{\344\257\255\341Z\210\221$=\003\205]\001qk\2023aj\221i\227\211{j\345\277a\246\331&T\223\246\310\337\262\355\225s\255`j\201\232\310.\216\020\250\215Q\003\345" EAP-Message = "\360-\322\341\226\332\216R\nz\333\376\237\026\265\\\315HG\254\276\313\276C\200~c\n\033\266\006\222\323F:3a>c\0268\\\247\205\347\342\030\302\303bi4\235\004Có\236\315\277@\350P\330r t\237R\253U\2316\270A\265>\335\213\t>i\336\002\253\241\331\224\263\204\266o\323\250c\215&\265\342\352h\312$`\r\304\004U\r\322\322n\363\324)\345\272\211\017\000\000\202\000\200&\006\014\252g\304\004\206\241\230\305\003\253Q{\305\013\366\027\352\203$\331\362\350\331\243\362.Uf\352\252\342\000,\001\203\277\037\2455\366\307\242\341@" EAP-Message = "\001\000\001\001\026\003\001\000 \242\361B\014#\306"\225dP\353P\327{,\335%Q\356\r\275\3263\002\241\n}\017\250\275\335\223" Message-Authenticator = 0xbda4ad5c2ed49b2170d0263da605d455 modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok modcall[authorize]: module "eap" returns updated rlm_realm: Looking up realm NULL for User-Name = "KEN" rlm_realm: No such realm NULL modcall[authorize]: module "suffix" returns noop users: Matched KEN at 25 modcall[authorize]: module "files" returns ok modcall: group authorize returns updated rad_check_password: Found Auth-Type EAP auth: type "EAP" modcall: entering group authenticate rlm_eap: Multiple EAP_Message attributes found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - tls rlm_eap: processing type tls rlm_eap_tls: Length Included <<< TLS 1.0 Handshake [length 03d4], Certificate chain-depth=1, error=0 Segmentation Fault - core dumped - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html