problem with pam_radius_auth version 1.3.16 on HP-UX 11.11
I am having a problem with the pam_radius_auth module running under HP-UX. I compiled version 1.3.16 of pam_radius_auth on an HP-UX 11.0 system with HP's Ansi C compiler. I had to #define u_int32_t to be unsigned int. The code compiled ok and the shared library was built successfully. My test environment is as follows: 1 HP-UX 11.11 system running pam_radius_auth version 1.3.16 (systemA XXX.XXX.XXX.150) 1 Solaris 2.8 system running pam_radius_auth version 1.3.16 (systemB) 2 Red Hat AS 2.1 Linux servers running freeRADIUS server version 0.9.3 (XXX.XXX.XXX.251 XXX.XXX.XXX.238) a local user account called test on the Linux systems, with a valid password a local user account called test with an invalid password on both the HP-UX and Solaris systems. The /etc/raddb/server file on both clients systemA and systemB contains: XXX.XXX.XXX.251:1812 secret 5 XXX.XXX.XXX.238:1812 secret 5 The problem is that pam_radius_auth module on the HP (systemA) system fails to authenticate the user test on the freeRADIUS server. The same test user will authenticate fine when coming from the Solaris (systemB) system. The messages produced by the debug on the failing client are: Dec 17 08:07:36 systemA login: pam_radius_auth: RADIUS server XXX.XXX.XXX.251 failed to respond Dec 17 08:07:37 systemA login: pam_radius_auth: packet from RADIUS server XXX.XXX.XXX.238 fails verification: The shared secret is probably incorrect. Dec 17 08:07:37 systemA login: pam_radius_auth: All RADIUS servers failed to respond. Dec 17 08:07:37 systemA login: pam_radius_auth: authentication failed Dec 17 08:07:37 systemA login: pam_authenticate: error Can not retrieve authentication info Dec 17 08:07:45 systemA login: pam_setcred: error Can not retrieve authentication info The Linux server XXX.XXX.XXX.238 is running with -X option and produces the following messages: rad_recv: Access-Request packet from host XXX.XXX.XXX.150:14570, id=39, length=101 User-Name = test User-Password = \311\260\020\\Q\245\306f}\025\224R\334?\016\275 NAS-IP-Address = XXX.XXX.XXX.150 NAS-Identifier = login NAS-Port = 13545 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = clientA modcall: entering group authorize for request 0 users: Matched DEFAULT at 5 modcall[authorize]: module files returns ok for request 0 modcall: group authorize returns ok for request 0 Sending Access-Request of id 1 to XXX.XXX.XXX.72:1645 User-Name = test User-Password = \311\260\020\\Q\245\306f}\025\224R\334?\016\275 NAS-IP-Address = XXX.XXX.XXX.150 NAS-Identifier = login NAS-Port = 13545 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = clientA Proxy-State = 0x3339 --- Walking the entire request list --- Re-sending Access-Request of id 1 to XXX.XXX.XXX.72:1645 User-Name = test User-Password = \263\316+\025\312p\t\000\234\273l,\336)L~ NAS-IP-Address = XXX.XXX.XXX.150 NAS-Identifier = login NAS-Port = 13545 NAS-Port-Type = Virtual Service-Type = Authenticate-Only Calling-Station-Id = clientA Realm = realm1 Proxy-State = 0x3339 Waking up in 1 seconds... --- Walking the entire request list --- Server rejecting request 0. Waking up in 1 seconds... --- Walking the entire request list --- Sending Access-Reject of id 39 to XXX.XXX.XXX.150:14570 Cleaning up request 0 ID 39 with timestamp 3fe08909 Nothing to do. Sleeping until we see a request. Now, I have triple checked the correctness of the shared secret and I have also manually recreated this file twice, typing the entries by hand, but I still continue to get the shared secret is incorrect message. It appears that the problem is related to MD5 hashing of the shared secret and the user's password. Can anybody shed some light on this? Regards, Jim Lynch [EMAIL PROTECTED] - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: problem with pam_radius_auth version 1.3.16 on HP-UX 11.11
The Linux server XXX.XXX.XXX.238 is running with -X option and produces the following messages: rad_recv: Access-Request packet from host XXX.XXX.XXX.150:14570, id=39, length=101 User-Name = test User-Password = \311\260\020\\Q\245\306f}\025\224R\334?\016\275 Hiya That mangled mess in the password suggests to me that the shared secret isn't correct. Check that you have that right at both ends. hope thats of help -- - Graeme Hinchliffe (BSc) Core Team Member Zen Internet (http://www.zen.co.uk) ICQ 3842605 (link) Direct: 0845 058 9074 Main : 0845 058 9000 Fax : 0845 058 9005 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
problem compiling on hp-ux
hi!
i have a problem compiling freeradius 0.81 on hp-ux 11.00:
---cut---
Server:/var/spool/depots/freeradius-0.8.1 # ./configure -prefix=/opt/radius
--localstatedir=/var --sysconfdir=/opt/radius/conf
--with-logdir=/opt/radius/logs --with-raddbdir=/opt/radius/raddb
--without-rlm_x99_token
--disable-ltdl-install
creating cache ./config.cache
checking for gcc... gcc
checking whether the C compiler (gcc ) works... yes
checking whether the C compiler (gcc ) is a cross-compiler... no
checking whether we are using GNU C... yes
checking whether gcc accepts -g... yes
checking how to run the C preprocessor... gcc -E
checking whether gcc needs -traditional... no
checking whether we are using SUNPro C... no
checking for ranlib... ranlib
checking for AIX... no
checking for gmake... yes
checking for gmake... /opt/make/bin/gmake
checking for lt_dlinit in -lltdl... no
configure: warning: libltdl not installed, but installation disabled
checking for Cygwin environment... no
checking for mingw32 environment... no
checking host system type... hppa1.1-hp-hpux11.00
checking build system type... hppa1.1-hp-hpux11.00
checking for ld used by GCC... /usr/ccs/bin/ld
checking if the linker (/usr/ccs/bin/ld) is GNU ld... no
checking for /usr/ccs/bin/ld option to reload object files... -r
checking for BSD-compatible nm... /usr/bin/nm -p
checking whether ln -s works... yes
checking how to recognise dependant libraries... file_magic
(s[0-9][0-9][0-9]|PA-RISC[0-9].[0-9]) shared library
checking for object suffix... o
checking for executable suffix... no
checking command to parse /usr/bin/nm -p output... ok
checking for dlfcn.h... yes
checking for ranlib... (cached) ranlib
checking for strip... strip
checking for objdir... .libs
checking for gcc option to produce PIC... -fPIC
checking if gcc PIC flag -fPIC works... yes
checking if gcc static flag -static works... yes
checking if gcc supports -c -o file.o... yes
checking if gcc supports -c -o file.lo... yes
checking if gcc supports -fno-rtti -fno-exceptions... yes
checking whether the linker (/usr/ccs/bin/ld) supports shared libraries...
yes
checking how to hardcode library paths into programs... relink
checking whether stripping libraries is possible... no
checking dynamic linker characteristics... hpux11.00 dld.sl
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking for shl_load... yes
creating libtool
checking logdir... /opt/radius/logs
checking radacctdir... ${logdir}/radacct
checking raddbdir... /opt/radius/raddb
checking for perl... /usr/local/bin/perl
checking for snmpget... /usr/local/bin/snmpget
checking for snmpwalk... /usr/local/bin/snmpwalk
checking for rusers... /usr/bin/rusers
checking for working aclocal... missing
checking for working autoconf... missing
checking for working autoheader... missing
checking for locate... no
checking for dirname... /usr/bin/dirname
checking for grep... /usr/bin/grep
checking for pthread.h... yes
checking for pthread_create in -lpthread... no
checking for pthread_create in -lc_r... no
checking for getsockname in -lsocket... no
checking for inet_aton in -lresolv... no
checking for inet_ntoa in -lnsl... yes
checking for dirent.h that defines DIR... yes
checking for opendir in -ldir... no
checking for ANSI C header files... yes
checking whether time.h and sys/time.h may both be included... yes
checking for sys/wait.h that is POSIX.1 compatible... yes
checking for unistd.h... yes
checking for crypt.h... yes
checking for errno.h... yes
checking for resource.h... no
checking for getopt.h... no
checking for malloc.h... yes
checking for utmp.h... yes
checking for utmpx.h... yes
checking for signal.h... yes
checking for sys/select.h... no
checking for syslog.h... yes
checking for inttypes.h... yes
checking for stdint.h... no
checking for stdio.h... yes
checking for netdb.h... yes
checking for semaphore.h... yes
checking for arpa/inet.h... yes
checking for netinet/in.h... yes
checking for sys/types.h... yes
checking for sys/socket.h... yes
checking for sys/time.h... yes
checking for sys/wait.h... (cached) yes
checking for sys/security.h... no
checking for fcntl.h... yes
checking for sys/fcntl.h... yes
checking for prot.h... yes
checking for sia.h... no
checking for siad.h... no
checking for regex.h... yes
checking for off_t... yes
checking for pid_t... yes
checking for size_t... yes
checking for uid_t in sys/types.h... yes
checking for socklen_t... yes
checking for uint8_t... yes
checking for uint16_t... yes
checking for uint32_t... yes
checking for getopt_long... no
checking for lockf... yes
checking for strsignal... no
checking for sigaction... yes
checking for sigprocmask... yes
checking for pthread_sigmask... no
checking for snprintf... yes
checking for vsnprintf... yes
checking for setsid... yes
checking for strncasecmp... yes
checking for strcasecmp... yes
checking for localtime_r... yes
checking for ctime_r... yes
checking
Re: problem compiling on hp-ux
[EMAIL PROTECTED] wrote: i have a problem compiling freeradius 0.81 on hp-ux 11.00: ... Was it really necessary to post 1000's of lines of output to the list, when only the last few mattered? rlm_detail.c:28:31: sys/select.h: No such file or directory Hmm... I don't think that the detail module needs to use select(). 1. am i right that the compilation aborts due to the missing file? 2. if yes, where can i get that file? in theory, it is provided by the glibc utils, but they are not ported to hp-ux until now. and to be honest, i don't intend to port them by myself. Try deleting that line from rlm_detail.c Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
MD5 problem on HP-UX
I compiled the pam_radius_auth on HP-UX 11 (PA-RISC 1.1 processor), but the password doesn't get encrypted correctly. When I decrypt the password on the server using the secret it just shows random characters. Could this be due to the md5 module ?? Thanks, Walter. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: MD5 problem on HP-UX
Lecossois, Walter [EMAIL PROTECTED] wrote: I compiled the pam_radius_auth on HP-UX 11 (PA-RISC 1.1 processor), but the password doesn't get encrypted correctly. When I decrypt the password on the server using the secret it just shows random characters. Could this be due to the md5 module ?? Maybe the shared secret is wrong. If not, it may be an HPUX specific bug. I know there's at least one platform which ships with broken MD5 functions, but I don't know if HPUX does the same. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: HP-UX
Erling Paulsen [EMAIL PROTECTED] wrote: Has anyone managed to compile FreeRADIUS under any version of HP-(s)UX? Yes, but it may require small amounts of editing header files. If you can supply patches, we will integrate them to make it easier for other people to build on HP-UX. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: HP-UX
At 11:05 AM 5/2/2002 +, Erling Paulsen wrote: Has anyone managed to compile FreeRADIUS under any version of HP-(s)UX? I believe people have attempted to do so in the past. I do not know of any recent posts to the list. If you have HP-UX/Tru-64/whatever you may want to give it a try yourself. Please post your results here, and we can attempt to help make any changes that might be needed to enable it to compile. -Chris -- \\\|||/// \ StarNet Inc. \Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HP-UX
Has anyone managed to compile FreeRADIUS under any version of HP-(s)UX? - Erling Paulsen - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Compiling pam_radius module on HP-UX
Hi, Does anybody have some experience or hints on how to get the pam_radius module compiled on HP-UX (10.20 and 11) ? Thanks, Walter. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation of FREERADIUS 3.0 on HP-UX 11
Luis Azevedo [EMAIL PROTECTED] wrote: I'm trying to build freeradius 3.0 in a HP-UX 11. I'm using GCC and GMAKE 3.79.1 The problem is: I get the compilation aborted due to strange source errors... HPUX is a strange system... raduse.c: In function `listnas': raduse.c:93: structure has no member named `ut_tv' OK... so we need to find out what the structure *is* called. It sounds like a umtp/utmpx issue. HP (like AIX) is a very *odd* kind of Unix, to put it politely. Anyone ever compiled freeradius on this platform? Yes, but probably not for a while. As always, patches are welcome. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
HP-UX 11 FreeRadius0.3 compilation problems...
Hi all, Im trying to compile and install FREERADIUS0.3 on a HP-UX 11.0 Im using gcc3.0 and gmake. The problem is the following: -- gcc -g -O2 -D_REENTRANT -Wall -D_GNU_SOURCE -DNDEBUG -I../include -c -o raduse.o raduse.c In file included from raduse.c:27: /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/stdlib.h:28: warning: `__va__list' redefined /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/stdio.h:30: warning: this is the location of t he previous definition In file included from /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/sys/types.h:11, from /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/stdio.h:33, from raduse.c:26: /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/sys/_inttypes.h:38 : warning: empty declaration /opt/gcc/lib/gcc-lib/hppa2.0n-hp-hpux11.00/2.95.3/include/sys/_inttypes.h:42 : warning: empty declaration raduse.c: In function `listnas': raduse.c:93: structure has no member named `ut_tv' raduse.c: In function `fillstruct': raduse.c:151: structure has no member named `ut_tv' raduse.c:183: structure has no member named `ut_tv' raduse.c:192: structure has no member named `ut_tv' make[4]: *** [raduse.o] Error 1 make[4]: Leaving directory `/users/npmsi/freeradius-0.3/src/main' make[3]: *** [common] Error 1 make[3]: Leaving directory `/users/npmsi/freeradius-0.3/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/users/npmsi/freeradius-0.3/src' make[1]: *** [common] Error 1 make[1]: Leaving directory `/users/npmsi/freeradius-0.3' make: *** [all] Error 2 --- If one take a look at raduse.c line 93 the following appears: fread(ut, UTSIZE, 1, fp); if (ut.ut_time stop) break; There is no ut_tv member... The same with the other lines... What could be wrong here? Thanks, Luis. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: Installation of FREERADIUS 3.0 on HP-UX 11
Hi Alan, It seems that is a UTMP detection bug related with HP-UX... We found the procedure that is described in BUG#125: Incorrect UTMP detection on HP-UX. It's installed now! Let's see if new surprises arises... Thanks a lot for your prompt response, Luis. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] Sent: Tuesday, October 30, 2001 3:51 PM To: [EMAIL PROTECTED] Subject: Re: Installation of FREERADIUS 3.0 on HP-UX 11 Luis Azevedo [EMAIL PROTECTED] wrote: I'm trying to build freeradius 3.0 in a HP-UX 11. I'm using GCC and GMAKE 3.79.1 The problem is: I get the compilation aborted due to strange source errors... HPUX is a strange system... raduse.c: In function `listnas': raduse.c:93: structure has no member named `ut_tv' OK... so we need to find out what the structure *is* called. It sounds like a umtp/utmpx issue. HP (like AIX) is a very *odd* kind of Unix, to put it politely. Anyone ever compiled freeradius on this platform? Yes, but probably not for a while. As always, patches are welcome. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
