problem with pam_radius_auth version 1.3.16 on HP-UX 11.11
I am having a problem with the pam_radius_auth module running under HP-UX. I compiled version 1.3.16 of pam_radius_auth on an HP-UX 11.0 system with HP's Ansi C compiler. I had to #define u_int32_t to be unsigned int. The code compiled ok and the shared library was built successfully. My test environment is as follows: 1 HP-UX 11.11 system running pam_radius_auth version 1.3.16 (systemA XXX.XXX.XXX.150) 1 Solaris 2.8 system running pam_radius_auth version 1.3.16 (systemB) 2 Red Hat AS 2.1 Linux servers running freeRADIUS server version 0.9.3 (XXX.XXX.XXX.251 XXX.XXX.XXX.238) a local user account called test on the Linux systems, with a valid password a local user account called test with an invalid password on both the HP-UX and Solaris systems. The /etc/raddb/server file on both clients systemA and systemB contains: XXX.XXX.XXX.251:1812 secret 5 XXX.XXX.XXX.238:1812 secret 5 The problem is that pam_radius_auth module on the HP (systemA) system fails to authenticate the user test on the freeRADIUS server. The same test user will authenticate fine when coming from the Solaris (systemB) system. The messages produced by the debug on the failing client are: Dec 17 08:07:36 systemA login: pam_radius_auth: RADIUS server XXX.XXX.XXX.251 failed to respond Dec 17 08:07:37 systemA login: pam_radius_auth: packet from RADIUS server XXX.XXX.XXX.238 fails verification: The shared secret is probably incorrect. Dec 17 08:07:37 systemA login: pam_radius_auth: All RADIUS servers failed to respond. Dec 17 08:07:37 systemA login: pam_radius_auth: authentication failed Dec 17 08:07:37 systemA login: pam_authenticate: error Can not retrieve authentication info Dec 17 08:07:45 systemA login: pam_setcred: error Can not retrieve authentication info The Linux server XXX.XXX.XXX.238 is running with -X option and produces the following messages: rad_recv: Access-Request packet from host XXX.XXX.XXX.150:14570, id=39, length=101 User-Name = test User-Password = \311\260\020\\Q\245\306f}\025\224R\334?\016\275 NAS-IP-Address = XXX.XXX.XXX.150 NAS-Identifier = login NAS-Port = 13545 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = clientA modcall: entering group authorize for request 0 users: Matched DEFAULT at 5 modcall[authorize]: module files returns ok for request 0 modcall: group authorize returns ok for request 0 Sending Access-Request of id 1 to XXX.XXX.XXX.72:1645 User-Name = test User-Password = \311\260\020\\Q\245\306f}\025\224R\334?\016\275 NAS-IP-Address = XXX.XXX.XXX.150 NAS-Identifier = login NAS-Port = 13545 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = clientA Proxy-State = 0x3339 --- Walking the entire request list --- Re-sending Access-Request of id 1 to XXX.XXX.XXX.72:1645 User-Name = test User-Password = \263\316+\025\312p\t\000\234\273l,\336)L~ NAS-IP-Address = XXX.XXX.XXX.150 NAS-Identifier = login NAS-Port = 13545 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = clientA Realm = realm1 Proxy-State = 0x3339 Waking up in 1 seconds... --- Walking the entire request list --- Server rejecting request 0. Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 39 to XXX.XXX.XXX.150:14570 Cleaning up request 0 ID 39 with timestamp 3fe08909 Nothing to do. Sleeping until we see a request. Now, I have triple checked the correctness of the shared secret and I have also manually recreated this file twice, typing the entries by hand, but I still continue to get the shared secret is incorrect message. It appears that the problem is related to MD5 hashing of the shared secret and the user's password. Can anybody shed some light on this? Regards, Jim Lynch [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem with pam_radius_auth version 1.3.16 on HP-UX 11.11
The Linux server XXX.XXX.XXX.238 is running with -X option and produces the following messages: rad_recv: Access-Request packet from host XXX.XXX.XXX.150:14570, id=39, length=101 User-Name = test User-Password = \311\260\020\\Q\245\306f}\025\224R\334?\016\275 Hiya That mangled mess in the password suggests to me that the shared secret isn't correct. Check that you have that right at both ends. hope thats of help -- - Graeme Hinchliffe (BSc) Core Team Member Zen Internet (http://www.zen.co.uk) ICQ 3842605 (link) Direct: 0845 058 9074 Main : 0845 058 9000 Fax : 0845 058 9005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem compiling on hp-ux
hi! i have a problem compiling freeradius 0.81 on hp-ux 11.00: ---cut--- Server:/var/spool/depots/freeradius-0.8.1 # ./configure -prefix=/opt/radius --localstatedir=/var --sysconfdir=/opt/radius/conf --with-logdir=/opt/radius/logs --with-raddbdir=/opt/radius/raddb --without-rlm_x99_token --disable-ltdl-install creating cache ./config.cache checking for gcc... gcc checking whether the C compiler (gcc ) works... yes checking whether the C compiler (gcc ) is a cross-compiler... no checking whether we are using GNU C... yes checking whether gcc accepts -g... yes checking how to run the C preprocessor... gcc -E checking whether gcc needs -traditional... no checking whether we are using SUNPro C... no checking for ranlib... ranlib checking for AIX... no checking for gmake... yes checking for gmake... /opt/make/bin/gmake checking for lt_dlinit in -lltdl... no configure: warning: libltdl not installed, but installation disabled checking for Cygwin environment... no checking for mingw32 environment... no checking host system type... hppa1.1-hp-hpux11.00 checking build system type... hppa1.1-hp-hpux11.00 checking for ld used by GCC... /usr/ccs/bin/ld checking if the linker (/usr/ccs/bin/ld) is GNU ld... no checking for /usr/ccs/bin/ld option to reload object files... -r checking for BSD-compatible nm... /usr/bin/nm -p checking whether ln -s works... yes checking how to recognise dependant libraries... file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9].[0-9]) shared library checking for object suffix... o checking for executable suffix... no checking command to parse /usr/bin/nm -p output... ok checking for dlfcn.h... yes checking for ranlib... (cached) ranlib checking for strip... strip checking for objdir... .libs checking for gcc option to produce PIC... -fPIC checking if gcc PIC flag -fPIC works... yes checking if gcc static flag -static works... yes checking if gcc supports -c -o file.o... yes checking if gcc supports -c -o file.lo... yes checking if gcc supports -fno-rtti -fno-exceptions... yes checking whether the linker (/usr/ccs/bin/ld) supports shared libraries... yes checking how to hardcode library paths into programs... relink checking whether stripping libraries is possible... no checking dynamic linker characteristics... hpux11.00 dld.sl checking if libtool supports shared libraries... yes checking whether to build shared libraries... yes checking whether to build static libraries... yes checking for shl_load... yes creating libtool checking logdir... /opt/radius/logs checking radacctdir... ${logdir}/radacct checking raddbdir... /opt/radius/raddb checking for perl... /usr/local/bin/perl checking for snmpget... /usr/local/bin/snmpget checking for snmpwalk... /usr/local/bin/snmpwalk checking for rusers... /usr/bin/rusers checking for working aclocal... missing checking for working autoconf... missing checking for working autoheader... missing checking for locate... no checking for dirname... /usr/bin/dirname checking for grep... /usr/bin/grep checking for pthread.h... yes checking for pthread_create in -lpthread... no checking for pthread_create in -lc_r... no checking for getsockname in -lsocket... no checking for inet_aton in -lresolv... no checking for inet_ntoa in -lnsl... yes checking for dirent.h that defines DIR... yes checking for opendir in -ldir... no checking for ANSI C header files... yes checking whether time.h and sys/time.h may both be included... yes checking for sys/wait.h that is POSIX.1 compatible... yes checking for unistd.h... yes checking for crypt.h... yes checking for errno.h... yes checking for resource.h... no checking for getopt.h... no checking for malloc.h... yes checking for utmp.h... yes checking for utmpx.h... yes checking for signal.h... yes checking for sys/select.h... no checking for syslog.h... yes checking for inttypes.h... yes checking for stdint.h... no checking for stdio.h... yes checking for netdb.h... yes checking for semaphore.h... yes checking for arpa/inet.h... yes checking for netinet/in.h... yes checking for sys/types.h... yes checking for sys/socket.h... yes checking for sys/time.h... yes checking for sys/wait.h... (cached) yes checking for sys/security.h... no checking for fcntl.h... yes checking for sys/fcntl.h... yes checking for prot.h... yes checking for sia.h... no checking for siad.h... no checking for regex.h... yes checking for off_t... yes checking for pid_t... yes checking for size_t... yes checking for uid_t in sys/types.h... yes checking for socklen_t... yes checking for uint8_t... yes checking for uint16_t... yes checking for uint32_t... yes checking for getopt_long... no checking for lockf... yes checking for strsignal... no checking for sigaction... yes checking for sigprocmask... yes checking for pthread_sigmask... no checking for snprintf... yes checking for vsnprintf... yes checking for setsid... yes checking for strncasecmp... yes checking for strcasecmp... yes checking for localtime_r... yes checking for ctime_r... yes checking
Re: problem compiling on hp-ux
[EMAIL PROTECTED] wrote: i have a problem compiling freeradius 0.81 on hp-ux 11.00: ... Was it really necessary to post 1000's of lines of output to the list, when only the last few mattered? rlm_detail.c:28:31: sys/select.h: No such file or directory Hmm... I don't think that the detail module needs to use select(). 1. am i right that the compilation aborts due to the missing file? 2. if yes, where can i get that file? in theory, it is provided by the glibc utils, but they are not ported to hp-ux until now. and to be honest, i don't intend to port them by myself. Try deleting that line from rlm_detail.c Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MD5 problem on HP-UX
I compiled the pam_radius_auth on HP-UX 11 (PA-RISC 1.1 processor), but the password doesn't get encrypted correctly. When I decrypt the password on the server using the secret it just shows random characters. Could this be due to the md5 module ?? Thanks, Walter. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MD5 problem on HP-UX
Lecossois, Walter [EMAIL PROTECTED] wrote: I compiled the pam_radius_auth on HP-UX 11 (PA-RISC 1.1 processor), but the password doesn't get encrypted correctly. When I decrypt the password on the server using the secret it just shows random characters. Could this be due to the md5 module ?? Maybe the shared secret is wrong. If not, it may be an HPUX specific bug. I know there's at least one platform which ships with broken MD5 functions, but I don't know if HPUX does the same. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: HP-UX
Erling Paulsen [EMAIL PROTECTED] wrote: Has anyone managed to compile FreeRADIUS under any version of HP-(s)UX? Yes, but it may require small amounts of editing header files. If you can supply patches, we will integrate them to make it easier for other people to build on HP-UX. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: HP-UX
At 11:05 AM 5/2/2002 +, Erling Paulsen wrote: Has anyone managed to compile FreeRADIUS under any version of HP-(s)UX? I believe people have attempted to do so in the past. I do not know of any recent posts to the list. If you have HP-UX/Tru-64/whatever you may want to give it a try yourself. Please post your results here, and we can attempt to help make any changes that might be needed to enable it to compile. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HP-UX
Has anyone managed to compile FreeRADIUS under any version of HP-(s)UX? - Erling Paulsen - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Compiling pam_radius module on HP-UX
Hi, Does anybody have some experience or hints on how to get the pam_radius module compiled on HP-UX (10.20 and 11) ? Thanks, Walter. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation of FREERADIUS 3.0 on HP-UX 11
Luis Azevedo [EMAIL PROTECTED] wrote: I'm trying to build freeradius 3.0 in a HP-UX 11. I'm using GCC and GMAKE 3.79.1 The problem is: I get the compilation aborted due to strange source errors... HPUX is a strange system... raduse.c: In function `listnas': raduse.c:93: structure has no member named `ut_tv' OK... so we need to find out what the structure *is* called. It sounds like a umtp/utmpx issue. HP (like AIX) is a very *odd* kind of Unix, to put it politely. Anyone ever compiled freeradius on this platform? Yes, but probably not for a while. As always, patches are welcome. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HP-UX 11 FreeRadius0.3 compilation problems...
Hi all, Im trying to compile and install FREERADIUS0.3 on a HP-UX 11.0 Im using gcc3.0 and gmake. The problem is the following: -- gcc -g -O2 -D_REENTRANT -Wall -D_GNU_SOURCE -DNDEBUG -I../include -c -o raduse.o raduse.c In file included from raduse.c:27: /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/stdlib.h:28: warning: `__va__list' redefined /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/stdio.h:30: warning: this is the location of t he previous definition In file included from /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/sys/types.h:11, from /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/stdio.h:33, from raduse.c:26: /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/sys/_inttypes.h:38 : warning: empty declaration /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/sys/_inttypes.h:42 : warning: empty declaration raduse.c: In function `listnas': raduse.c:93: structure has no member named `ut_tv' raduse.c: In function `fillstruct': raduse.c:151: structure has no member named `ut_tv' raduse.c:183: structure has no member named `ut_tv' raduse.c:192: structure has no member named `ut_tv' make[4]: *** [raduse.o] Error 1 make[4]: Leaving directory `/users/npmsi/freeradius-0.3/src/main' make[3]: *** [common] Error 1 make[3]: Leaving directory `/users/npmsi/freeradius-0.3/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/users/npmsi/freeradius-0.3/src' make[1]: *** [common] Error 1 make[1]: Leaving directory `/users/npmsi/freeradius-0.3' make: *** [all] Error 2 --- If one take a look at raduse.c line 93 the following appears: fread(ut, UTSIZE, 1, fp); if (ut.ut_time stop) break; There is no ut_tv member... The same with the other lines... What could be wrong here? Thanks, Luis. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Installation of FREERADIUS 3.0 on HP-UX 11
Hi Alan, It seems that is a UTMP detection bug related with HP-UX... We found the procedure that is described in BUG#125: Incorrect UTMP detection on HP-UX. It's installed now! Let's see if new surprises arises... Thanks a lot for your prompt response, Luis. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 30, 2001 3:51 PM To: [EMAIL PROTECTED] Subject: Re: Installation of FREERADIUS 3.0 on HP-UX 11 Luis Azevedo [EMAIL PROTECTED] wrote: I'm trying to build freeradius 3.0 in a HP-UX 11. I'm using GCC and GMAKE 3.79.1 The problem is: I get the compilation aborted due to strange source errors... HPUX is a strange system... raduse.c: In function `listnas': raduse.c:93: structure has no member named `ut_tv' OK... so we need to find out what the structure *is* called. It sounds like a umtp/utmpx issue. HP (like AIX) is a very *odd* kind of Unix, to put it politely. Anyone ever compiled freeradius on this platform? Yes, but probably not for a while. As always, patches are welcome. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html