I'm attempting to use FreeRADIUS with EAP/TLS and Windows XP. I'm using certificates
generated by OpenSSL. I'm pretty much following the EAP/TLS notes you can find at
http://www.missl.cs.umd.edu/wireless/eaptls/
When I do this I get a core dump with FreeRADIUS.
Details:
FreeRADIUS CVS snapshot of April 4th.
OpenSSL, tried both the one used in the TLS notes and version of April 8th. (this
dump is with the same OpenSSL Adam used)
Server is Sun Blade 100 with Solaris 8
AP is Cisco Aironet 340
I've noticed some OpenSSL errors scattered through the RADIUS log but I don't know
(yet) what they mean. Even Adam's log on the eaptls website had some errors, but none
classified as "fatal" as I do.
Is there any glaring error here that someone can see? Otherwise I'll dig in further
and debug it.
(gdb) bt
#0 0xfefb3084 in strlen () from /usr/lib/libc.so.1
#1 0xff0028d8 in _doprnt () from /usr/lib/libc.so.1
#2 0xff004a4c in vsnprintf () from /usr/lib/libc.so.1
#3 0x18124 in radlogdir_iswritable ()
#4 0x1836c in radlog ()
#5 0xfee62fc8 in cbtls_verify (ok=1, ctx=0xffbecb38) at cb.c:135
#6 0xff2d7c1c in internal_verify () from /usr/local/openssl/lib/libcrypto.so
#7 0xff2d7600 in X509_verify_cert () from /usr/local/openssl/lib/libcrypto.so
#8 0xfee24e3c in ssl_verify_cert_chain ()
from /usr/local/openssl/lib/libssl.so.0.9.7
#9 0xfee15c58 in ssl3_get_client_certificate ()
from /usr/local/openssl/lib/libssl.so.0.9.7
#10 0xfee13dd4 in ssl3_accept () from /usr/local/openssl/lib/libssl.so.0.9.7
#11 0xfee1bbb4 in ssl3_read_bytes ()
from /usr/local/openssl/lib/libssl.so.0.9.7
#12 0xfee19bb0 in ssl3_read () from /usr/local/openssl/lib/libssl.so.0.9.7
#13 0xfee23598 in SSL_read () from /usr/local/openssl/lib/libssl.so.0.9.7
#14 0xfee6377c in tls_handshake_recv (ssn=0xda960) at tls.c:294
#15 0xfee62c20 in eaptls_operation (eaptls_packet=0xd8df8,
status=EAPTLS_LENGTH_INCLUDED, handler=0xc2b88) at eap_tls.c:586
#16 0xfee6220c in eaptls_authenticate (arg=0xb, handler=0xc2b88)
at rlm_eap_tls.c:203
#17 0xfee81bc0 in eaptype_call (eap_type=276976, action=AUTHENTICATE,
---Type <return> to continue, or q <return> to quit---
type_list=0x439f0, handler=0xc2b88) at eap.c:203
#18 0xfee81d3c in eaptype_select (type_list=0x439f0, handler=0xc2b88,
conftype=0xd8be0 "\r") at eap.c:277
#19 0xfee8154c in eap_authenticate (instance=0xa5958, request=0xd32b8)
at rlm_eap.c:213
#20 0x1db14 in module_checksimul ()
#21 0x1dcbc in modcall ()
#22 0x1db68 in module_checksimul ()
#23 0x1dc6c in modcall ()
#24 0x1d394 in find_module_instance ()
#25 0x1d724 in module_authenticate ()
#26 0x1a1c8 in rad_check_password ()
#27 0x1a49c in rad_authenticate ()
#28 0x15758 in rad_respond ()
#29 0x1539c in rad_process ()
#30 0x14f4c in main ()
(gdb)
The RADIUS log is:
# ./radiusd -X -A
Starting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /home/freeradius/cvs/etc/raddb/proxy.conf
Config: including file: /home/freeradius/cvs/etc/raddb/clients.conf
Config: including file: /home/freeradius/cvs/etc/raddb/snmp.conf
Config: including file: /home/freeradius/cvs/etc/raddb/sql.conf
main: prefix = "/home/freeradius/cvs"
main: localstatedir = "/home/freeradius/cvs/var"
main: logdir = "/home/freeradius/cvs/var/log/radius"
main: libdir = "/home/freeradius/cvs/lib"
main: radacctdir = "/home/freeradius/cvs/var/log/radius/radacct"
main: hostname_lookups = no
read_config_files: reading dictionary
read_config_files: reading clients
read_config_files: reading realms
read_config_files: reading naslist
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_auth = yes
main: log_auth_badpass = yes
main: log_auth_goodpass = yes
main: pidfile = "/home/freeradius/cvs/var/run/radiusd.pid"
main: user = "root"
main: group = "root"
main: usercollide = no
main: lower_user = "no"
main: lower_pass = "no"
main: nospace_user = "no"
main: nospace_pass = "no"
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
security: max_attributes = 200
security: reject_delay = 1
main: debug_level = 0
read_config_files: entering modules setup
Module: Library search path is /home/freeradius/cvs/lib
Module: Loaded System
unix: cache = no
unix: passwd = "/etc/passwd"
unix: shadow = "(null)"
unix: group = "/etc/group"
unix: radwtmp = "/home/freeradius/cvs/var/log/radius/radwtmp"
unix: usegroup = no
unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
eap: default_eap_type = "tls"
eap: timer_expire = 60
tls: rsa_key_exchange = no
tls: dh_key_exchange = yes
tls: rsa_key_length = 512
tls: dh_key_length = 512
tls: verify_depth = 0
tls: CA_path = "(null)"
tls: pem_file_type = yes
tls: private_key_file = "/etc/1x/cert/cert-srv.pem"
tls: certificate_file = "/etc/1x/cert/cert-srv.pem"
tls: CA_file = "/etc/1x/cert/demoCA/cacert.pem"
tls: private_key_password = "whatever"
tls: dh_file = "/etc/1x/adamcert/random"
tls: random_file = "/etc/1x/adamcert/dh"
tls: fragment_size = 1024
tls: include_length = yes
rlm_eap_tls: conf N ctx stored
rlm_eap: Loaded and initialized the type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
preprocess: huntgroups = "/home/freeradius/cvs/etc/raddb/huntgroups"
preprocess: hints = "/home/freeradius/cvs/etc/raddb/hints"
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
realm: format = "suffix"
realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
files: usersfile = "/home/freeradius/cvs/etc/raddb/users"
files: acctusersfile = "/home/freeradius/cvs/etc/raddb/acct_users"
files: compat = "no"
Module: Instantiated files (files)
Module: Loaded detail
detail: detailfile =
"/home/freeradius/cvs/var/log/radius/radacct/%{Client-IP-Address}/detail"
detail: detailperm = 384
detail: dirperm = 493
Module: Instantiated detail (detail)
Module: Loaded radutmp
radutmp: filename = "/home/freeradius/cvs/var/log/radius/radutmp"
radutmp: username = "%{User-Name}"
radutmp: perm = 384
radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.123.2:3192, id=50, length=119
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\000\000\010\001KEN"
Message-Authenticator = 0x7bbd37e894aa65d712e1c6be39e3868b
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: processing type tls
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 50 to 192.168.123.2:3192
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message = "\001\001\000\006\r "
Message-Authenticator = 0x00000000000000000000000000000000
State =
0xe664779fdc06f7b82d6447a235c2cc703cb36058c8e490866df580d8848b26313b732417
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3193, id=51, length=229
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0xe664779fdc06f7b82d6447a235c2cc703cb36058c8e490866df580d8848b26313b732417
NAS-Port-Type = Wireless-802.11
EAP-Message =
"\002\001\000P\r\200\000\000\000F\026\003\001\000A\001\000\000=\003\001<\263`J.\322G\227\353%_G\3768l
\272i=\363\350;\221H\212-\221\021\264\273\303\316\000\000\026\000\004\000\005\000\n\000\t\000d\000b\000\003\000\006\000\023\000\022\000c\001"
Message-Authenticator = 0x941d1f0981b4eb694223f99e8356974e
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Length Included
undefined:before/accept initialization
TLS_accept:before/accept initialization
<<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept:SSLv3 read client hello A
>>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept:SSLv3 write server hello A
>>> TLS 1.0 Handshake [length 0780], Certificate
TLS_accept:SSLv3 write certificate A
>>> TLS 1.0 Handshake [length 00a9], CertificateRequest
TLS_accept:SSLv3 write certificate request A
TLS_accept:SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
In SSL Handshake Phase
In SSL Accept mode
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 51 to 192.168.123.2:3193
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message =
"\001\002\004\n\r\300\000\000\010\202\026\003\001\000J\002\000\000F\003\001<\263`X5\001\226\032L\006\305Z\314!\317\022\256,\274\333ssK\212\267\236\001\234d&H\206
'\241\356\311\276\3631\216\310"\375\262-.\251Y\234\353V>\322\321f\3127\251L\276\002\243\247\301\000\004\000\026\003\001\007\200\013\000\007|\000\007y\000\003\3210\202\003\3150\202\0036\240\003\002\001\002\002\001\0020\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1"
EAP-Message =
"0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\036\027\r020409163318Z\027\r030409163318Z0\201\2311\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0230\021\006\003U\004\003\023\ncbg-server1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002"
EAP-Message =
"\201\000\314\311\3543\341KE\273"\366\3551\317\233\245\323u\330\\\201M\031'\225\362\247\353.\331@J%\226B\276\256'\344b\200h\305\212\2578\235\345\213\315.Wg#!K,\225\212tH\355:\331v8\376\277\276u\355\315\367\360\333\363>\334\235I\320\202\331\267Ob@_\221\253\3451\246\010\321&'\225\017\305b\202\334k\324\3407\232\014\034!\007x\nk\n#WF>\240\366\251\300:\220i\303\275\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL
Generated Cer"
EAP-Message =
"\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000z\317\033\026\304\036(\3510\3425\356|xiU\034y\242"
EAP-Message =
"\347\024\257\333\211\360d\247\250\270Ta\271b\367\032M\203\333E\226\263;\006&\212"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x1e6623dace6bc40ffdba04c308cf19ad3cb3605873f074a9326e3be3600327bd0d19045d
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3194, id=52, length=155
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x1e6623dace6bc40ffdba04c308cf19ad3cb3605873f074a9326e3be3600327bd0d19045d
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\002\000\006\r"
Message-Authenticator = 0xf532bbd42e5d0326660db04931506b38
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 52 to 192.168.123.2:3194
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message =
"\001\003\004\n\r\300\000\000\010\202\3209\356\220a\001\206\355\310\220K\000\025\341\020\213\341\356\372\204\277\2634\026x\304\250\202zlD\342\241\001\340n\271<\230\030\225\001\023\260{?(\000\003\2420\202\003\2360\202\003\007\240\003\002\001\002\002\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003C"
EAP-Message =
"409163243Z\027\r040408163243Z0\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\274f\266\t\227F\002\366\343\312l:|\252\217\013\r\330\330\3778\026"
EAP-Message =
"M\261\3706\316=A\251iT:\222\3645E\t\357\354%\001\227\223\270\024?\302\036h7\236n\245\370m\237e\367\250q\373\277\234\n2\234\337\020\227\331_ga\226\376\377}\321\324\260CfG\312@\311\226\024\266\000\240o\306y\261\007Jg}\330\347U\350*\221\002\003\001\000\001\243\201\3670\201\3640\035\006\003U\035\016\004\026\004\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"0\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244"
EAP-Message =
"0\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\014\006\003U\035\023\004\0050\003\001\001\3770\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000Jeo\226\323\372v\333\354!\276\253\334=\025\363o\270T;\034Q,4\255\362\031\001\372j\231;\210B\247\025'N\204\244T\365\270\355<f\225\354\037\371\267\225I\347I\rPw\305\215\234%l\27074\357\027\336k\351\276\213J\333\035\334M>\026\025\005\231\024\362\264V\252"
EAP-Message =
"\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nN"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x0741ffb59d84a7aa5e41e291d88731b93cb36058b77574d690fba2cdf5ad4566d3af3cd9
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3195, id=53, length=155
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x0741ffb59d84a7aa5e41e291d88731b93cb36058b77574d690fba2cdf5ad4566d3af3cd9
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\003\000\006\r"
Message-Authenticator = 0xe479b0a4fa41872b8c0ee43eebb4a56d
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 53 to 192.168.123.2:3195
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message = "\001\004\000\214\r\200\000\000\010\202ew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\016\000\000"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x54945026b357edb112a86482018452bc3cb360586e5882d181e693b0d2da042a6d0ebbf1
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3196, id=54, length=1465
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x54945026b357edb112a86482018452bc3cb360586e5882d181e693b0d2da042a6d0ebbf1
NAS-Port-Type = Wireless-802.11
EAP-Message =
"\002\004\005\032\r\200\000\000\005\020\026\003\001\004\340\013\000\003\320\000\003\315\000\003\3120\202\003\3060\202\003/\240\003\002\001\002\002\001\0060\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\026root@broadwav"
EAP-Message = "\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0140\n\006\003U\004\003\023\003KEN1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\267\203\251t[\266\341\025\300!\332r\336{\257\026\336\322\301\000+a\3036-{C
)\034;T\r\277G\274ah\003\311\t\262H\302FJ4\354,\024|\201"
EAP-Message =
"u^f2\327\217N\350jk\303it\017\367\212\376p\321\363Y'\267\217~Zk\0364I]\022A\320\271\026\375`\365)hW\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL
Generated
Certificate0\035\006\003U\035\016\004\026\004\024wó\243<\200Y\213oV\347\351r\276\257\301\242H$G50\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004"
EAP-Message =
"U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000q\367\315'\\\201;\344_?\313\n\030w\211PX\034\344Zp_\315\306\352\247\315\375\316\210\327\206r\030<\275?\020\275\203{\344\257\255\341Z\210\221$=\003\205]\001qk\2023aj\221i\227\211{j\345\277a\246\331&T\223\246\310\337\262\355\225s\255`j\201\232\310.\216\020\250\215Q\003\345"
EAP-Message =
"\206\310\264\350\312\372\016\267d\270Y\257\024V\023-D\315\353\311\375\200T\214Y\0027\036i\352\372\3724\220)\354\030\351^s\221A\375\237\347{\027\031\301o\253"`\005h\314K\346\23339T\242\2316t\307\340\211\241x\246\355#B\260D\242\333\201\014\302|L\035\305\262\025\027\331\324\000i\304}\035c\276\337\215\000H1E\035u\023\362H\203\006\322E\226\021\326U\017\000\000\202\000\200\206q\034}N\034\246\316o\300R\017\357_\022\3667\0162\233N\0177k\322\247N&\266J\247\245\236\335q\225u\n\224\206Q(;vTó\210x\377+Q\314:\350D\224"
EAP-Message = "\001\000\001\001\026\003\001\000 H\3418\233\247\006\3469\333
\347k>\257:\323&i\275\007P\335(*\037\330F\312t\241<h"
Message-Authenticator = 0x3d94dfa06729c0e5b782e40ff4194416
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Multiple EAP_Message attributes found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Length Included
<<< TLS 1.0 Handshake [length 03d4], Certificate
chain-depth=1,
error=0
--> User-Name = KEN
--> subject = /C=US/ST=New Jersey/L=New
[EMAIL PROTECTED]
--> issuer = /C=US/ST=New Jersey/L=New
[EMAIL PROTECTED]
--> verify return:1
chain-depth=0,
error=0
--> User-Name = KEN
--> subject = /C=US/ST=New Jersey/L=New
[EMAIL PROTECTED]
--> issuer = /C=US/ST=New Jersey/L=New
[EMAIL PROTECTED]
--> verify return:1
TLS_accept:SSLv3 read client certificate A
<<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
TLS_accept:SSLv3 read client key exchange A
<<< TLS 1.0 Handshake [length 0086], CertificateVerify
TLS_accept:SSLv3 read certificate verify A
<<< TLS 1.0 ChangeCipherSpec [length 0001]
<<< TLS 1.0 Handshake [length 0010], Finished
TLS_accept:SSLv3 read finished A
>>> TLS 1.0 ChangeCipherSpec [length 0001]
TLS_accept:SSLv3 write change cipher spec A
>>> TLS 1.0 Handshake [length 0010], Finished
TLS_accept:SSLv3 write finished A
TLS_accept:SSLv3 flush data
undefined:SSL negotiation finished successfully
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
SSL Connection Established
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 54 to 192.168.123.2:3196
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message =
"\001\005\0005\r\200\000\000\000+\024\003\001\000\001\001\026\003\001\000
\310\307\204\014n\353P]{\027\324\374\203^ó_\3051\r\345\213\337\202\202d\261\305\345Fz\005ó"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x83209badd7f206f43b13c13b9e7d95e23cb360589bc2c883f784099fdfe4bf28a6f1bfd8
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3197, id=55, length=182
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x83209badd7f206f43b13c13b9e7d95e23cb360589bc2c883f784099fdfe4bf28a6f1bfd8
NAS-Port-Type = Wireless-802.11
EAP-Message =
"\002\005\000!\r\200\000\000\000\027\025\003\001\000\022g\332\\@\010cX\375\3168\260\205\002B^UIT"
Message-Authenticator = 0x47fa23eb4472ba38d93c675f11dc7c54
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Length Included
<<< TLS 1.0 Alert [length 0002], fatal access_denied
TLS Alert read:fatal:access denied
rlm_eap_tls: SSL_read Error
12523:error:14094419:SSL routines:SSL3_READ_BYTES:tlsv1 alert access
denied:s3_pkt.c:991:SSL alert number 49
Error code is ..... 6
SSL Error ..... 6
SSL Connection Established
rlm_eap_tls: BIO_read Error
Error code is ..... 5
Error in SSL ..... 5
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 55 to 192.168.123.2:3197
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message = "\001\006\000\n\r\200\000\000\000"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x296b9acb6a041103d2e94ddb611faa6a3cb3605815b738fdb39e305eae9042fc3bfe6207
Finished request 5
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 50 with timestamp 3cb36058
Cleaning up request 1 ID 51 with timestamp 3cb36058
Cleaning up request 2 ID 52 with timestamp 3cb36058
Cleaning up request 3 ID 53 with timestamp 3cb36058
Cleaning up request 4 ID 54 with timestamp 3cb36058
Cleaning up request 5 ID 55 with timestamp 3cb36058
Nothing to do. Sleeping until we see a request.
rad_recv: Access-Request packet from host 192.168.123.2:3198, id=56, length=119
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\006\000\010\001KEN"
Message-Authenticator = 0x4126b1c6d313a4fea3c5731407894c56
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: processing type tls
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 56 to 192.168.123.2:3198
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message = "\001\007\000\006\r "
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x3f0c496e4e0ecd815eab4c686613cda33cb36076814b06cd41b4b84161dfda0245313868
Finished request 6
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3199, id=57, length=229
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x3f0c496e4e0ecd815eab4c686613cda33cb36076814b06cd41b4b84161dfda0245313868
NAS-Port-Type = Wireless-802.11
EAP-Message =
"\002\007\000P\r\200\000\000\000F\026\003\001\000A\001\000\000=\003\001<\263`i\376\232ul\021\361\311\3731\272\344\263\270\206\205\371"/b\002t\262\230\010[J\334\376\000\000\026\000\004\000\005\000\n\000\t\000d\000b\000\003\000\006\000\023\000\022\000c\001"
Message-Authenticator = 0xd020e58bb10ed8f4376191a0ee7fbbbd
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Length Included
undefined:before/accept initialization
TLS_accept:before/accept initialization
<<< TLS 1.0 Handshake [length 0041], ClientHello
TLS_accept:SSLv3 read client hello A
>>> TLS 1.0 Handshake [length 004a], ServerHello
TLS_accept:SSLv3 write server hello A
>>> TLS 1.0 Handshake [length 0780], Certificate
TLS_accept:SSLv3 write certificate A
>>> TLS 1.0 Handshake [length 00a9], CertificateRequest
TLS_accept:SSLv3 write certificate request A
TLS_accept:SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap_tls: SSL_read Error
Error code is ..... 2
SSL Error ..... 2
In SSL Handshake Phase
In SSL Accept mode
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 57 to 192.168.123.2:3199
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message =
"\001\010\004\n\r\300\000\000\010\202\026\003\001\000J\002\000\000F\003\001<\263`v\2343m\313\\\212\247-\213\305\322E\375\336W\220\244V\2716\256\265\000e\003W\234;
ah#\274n\365p_\227u\301:)\317\264A\313g\2659\363\227\275\005\372q\0362\370c\277\254\000\004\000\026\003\001\007\200\013\000\007|\000\007y\000\003\3210\202\003\3150\202\0036\240\003\002\001\002\002\001\0020\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006"
EAP-Message =
"0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\036\027\r020409163318Z\027\r030409163318Z0\201\2311\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0230\021\006\003U\004\003\023\ncbg-server1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002"
EAP-Message =
"\201\000\314\311\3543\341KE\273"\366\3551\317\233\245\323u\330\\\201M\031'\225\362\247\353.\331@J%\226B\276\256'\344b\200h\305\212\2578\235\345\213\315.Wg#!K,\225\212tH\355:\331v8\376\277\276u\355\315\367\360\333\363>\334\235I\320\202\331\267Ob@_\221\253\3451\246\010\321&'\225\017\305b\202\334k\324\3407\232\014\034!\007x\nk\n#WF>\240\366\251\300:\220i\303\275\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL
Generated Cer"
EAP-Message =
"\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000z\317\033\026\304\036(\3510\3425\356|xiU\034y\242"
EAP-Message =
"\347\024\257\333\211\360d\247\250\270Ta\271b\367\032M\203\333E\226\263;\006&\212"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x3de2e760073a0b35e7bc0c304e4d33833cb36076a1646ded289ba251ee6c06caea2d2fce
Finished request 7
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3200, id=58, length=155
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x3de2e760073a0b35e7bc0c304e4d33833cb36076a1646ded289ba251ee6c06caea2d2fce
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\010\000\006\r"
Message-Authenticator = 0x957b46ed2f54e084ffba4060ecd609e3
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 58 to 192.168.123.2:3200
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message =
"\001\t\004\n\r\300\000\000\010\202\3209\356\220a\001\206\355\310\220K\000\025\341\020\213\341\356\372\204\277\2634\026x\304\250\202zlD\342\241\001\340n\271<\230\030\225\001\023\260{?(\000\003\2420\202\003\2360\202\003\007\240\003\002\001\002\002\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG"
EAP-Message =
"409163243Z\027\r040408163243Z0\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\274f\266\t\227F\002\366\343\312l:|\252\217\013\r\330\330\3778\026"
EAP-Message =
"M\261\3706\316=A\251iT:\222\3645E\t\357\354%\001\227\223\270\024?\302\036h7\236n\245\370m\237e\367\250q\373\277\234\n2\234\337\020\227\331_ga\226\376\377}\321\324\260CfG\312@\311\226\024\266\000\240o\306y\261\007Jg}\330\347U\350*\221\002\003\001\000\001\243\201\3670\201\3640\035\006\003U\035\016\004\026\004\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"0\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244"
EAP-Message =
"0\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\014\006\003U\035\023\004\0050\003\001\001\3770\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000Jeo\226\323\372v\333\354!\276\253\334=\025\363o\270T;\034Q,4\255\362\031\001\372j\231;\210B\247\025'N\204\244T\365\270\355<f\225\354\037\371\267\225I\347I\rPw\305\215\234%l\27074\357\027\336k\351\276\213J\333\035\334M>\026\025\005\231\024\362\264V\252"
EAP-Message =
"\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nN"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0xee15bb0b824609c28938df55b19d49213cb36076e12cb46f626316382ebc8052716ab71a
Finished request 8
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3201, id=59, length=155
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0xee15bb0b824609c28938df55b19d49213cb36076e12cb46f626316382ebc8052716ab71a
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\t\000\006\r"
Message-Authenticator = 0x2ad0b4402ccd88ad9fab60be516e63d5
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Login OK: [KEN/<no User-Password attribute>] (from client 192.168.123.2 port 29 cli
000625039e69)
Sending Access-Challenge of id 59 to 192.168.123.2:3201
Acct-Interim-Interval = 30
Idle-Timeout = 7200
Session-Timeout = 14400
EAP-Message = "\001\n\000\214\r\200\000\000\010\202ew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\016\000\000"
Message-Authenticator = 0x00000000000000000000000000000000
State =
0x7226690e9d9a241ae69c1eb30db1d0f83cb36076453b1acea082cf49d0461f171435b6ff
Finished request 9
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.123.2:3202, id=60, length=1465
User-Name = "KEN"
NAS-IP-Address = 192.168.123.2
Called-Station-Id = "004096431d06"
Calling-Station-Id = "000625039e69"
NAS-Identifier = "AP340-431d06"
NAS-Port = 29
Framed-MTU = 1400
State =
0x7226690e9d9a241ae69c1eb30db1d0f83cb36076453b1acea082cf49d0461f171435b6ff
NAS-Port-Type = Wireless-802.11
EAP-Message =
"\002\n\005\032\r\200\000\000\005\020\026\003\001\004\340\013\000\003\320\000\003\315\000\003\3120\202\003\3060\202\003/\240\003\002\001\002\002\001\0060\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2271\0130\t\006\003U\004\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\026root@broadwave."
EAP-Message = "\006\023\002US1\0230\021\006\003U\004\010\023\nNew
Jersey1\0270\025\006\003U\004\007\023\016New
Providence1\0220\020\006\003U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0140\n\006\003U\004\003\023\003KEN1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\267\203\251t[\266\341\025\300!\332r\336{\257\026\336\322\301\000+a\3036-{C
)\034;T\r\277G\274ah\003\311\t\262H\302FJ4\354,\024|\201"
EAP-Message =
"u^f2\327\217N\350jk\303it\017\367\212\376p\321\363Y'\267\217~Zk\0364I]\022A\320\271\026\375`\365)hW\002\003\001\000\001\243\202\001#0\202\001\0370\t\006\003U\035\023\004\0020\0000,\006\t`\206H\001\206\370B\001\r\004\037\026\035OpenSSL
Generated
Certificate0\035\006\003U\035\016\004\026\004\024wó\243<\200Y\213oV\347\351r\276\257\301\242H$G50\201\304\006\003U\035#\004\201\2740\201\271\200\024\350\023\303\226\276\317\230\273\343X0\247n\203\016\272&\035\331"\241\201\235\244\201\2320\201\2271\0130\t\006\003U\004"
EAP-Message =
"U\004\n\023\tBroadwave1\0140\n\006\003U\004\013\023\003CBG1\0210\017\006\003U\004\003\023\010cbg-root1%0#\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\000\003\201\201\000q\367\315'\\\201;\344_?\313\n\030w\211PX\034\344Zp_\315\306\352\247\315\375\316\210\327\206r\030<\275?\020\275\203{\344\257\255\341Z\210\221$=\003\205]\001qk\2023aj\221i\227\211{j\345\277a\246\331&T\223\246\310\337\262\355\225s\255`j\201\232\310.\216\020\250\215Q\003\345"
EAP-Message =
"\360-\322\341\226\332\216R\nz\333\376\237\026\265\\\315HG\254\276\313\276C\200~c\n\033\266\006\222\323F:3a>c\0268\\\247\205\347\342\030\302\303bi4\235\004Có\236\315\277@\350P\330r
t\237R\253U\2316\270A\265>\335\213\t>i\336\002\253\241\331\224\263\204\266o\323\250c\215&\265\342\352h\312$`\r\304\004U\r\322\322n\363\324)\345\272\211\017\000\000\202\000\200&\006\014\252g\304\004\206\241\230\305\003\253Q{\305\013\366\027\352\203$\331\362\350\331\243\362.Uf\352\252\342\000,\001\203\277\037\2455\366\307\242\341@"
EAP-Message = "\001\000\001\001\026\003\001\000
\242\361B\014#\306"\225dP\353P\327{,\335%Q\356\r\275\3263\002\241\n}\017\250\275\335\223"
Message-Authenticator = 0xbda4ad5c2ed49b2170d0263da605d455
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name = "KEN"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched KEN at 25
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Multiple EAP_Message attributes found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Length Included
<<< TLS 1.0 Handshake [length 03d4], Certificate
chain-depth=1,
error=0
Segmentation Fault - core dumped
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
