Re: GDB output : Problem with PEAP auth using xp clients
atul dhingra" <[EMAIL PROTECTED]> wrote: > Please find below the gdb output, would appreciate your comments: ... > (gdb) bt > #0 0x401420d7 in BIO_read () from /lib/libcrypto.so.0.9.7 > #1 0x40290ffe in tls_handshake_send (ssn=0x40290798) at tls.c:230 Look at the parameters passed by that line of code to the BIO_read function. See if any are NULL, and if so, why. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
GDB output : Problem with PEAP auth using xp clients
So you're still getting the core dump. Let me guess... you have two versions of OpenSSL installed, and you built the server without using "--disable-shared". >> Fix one of those two problems, and it will work. >> Alan DeKok. I am still getting the same dump, I have used --disable-shared while building the radius server Please find below the gdb output, would appreciate your comments: auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1076225856 (LWP 17733)] 0x401420d7 in BIO_read () from /lib/libcrypto.so.0.9.7 (gdb) bt #0 0x401420d7 in BIO_read () from /lib/libcrypto.so.0.9.7 #1 0x40290ffe in tls_handshake_send (ssn=0x40290798) at tls.c:230 #2 0x40295852 in eappeap_authenticate (arg=0x8194920, handler=0x819e4f8) at rlm_eap_peap.c:192 #3 0x4027b46d in eaptype_call (atype=0x8174b70, handler=0x819e4f8) at eap.c:170 #4 0x4027b5ce in eaptype_select (inst=0x81571b0, handler=0x819e4f8) at eap.c:353 #5 0x4027ab80 in eap_authenticate (instance=0x81571b0, request=0x81c1d80) at rlm_eap.c:289 #6 0x0805423c in call_modsingle (component=0, sp=0x8156730, request=0x81c1d80, default_result=0) at modcall.c:226 #7 0x080543a2 in modcall (component=0, c=0x8156730, request=0x81c1d80) at modcall.c:353 #8 0x0805432d in call_modgroup (component=0, g=0x57e58955, request=0x81c1d80, default_result=0) at modcall.c:261 #9 0x08054419 in modcall (component=0, c=0x8197120, request=0x81c1d80) at modcall.c:344 #10 0x08053f17 in module_authenticate (auth_type=6, request=0x81c1d80) at modules.c:907 #11 0x0805129c in rad_check_password (request=0x81c1d80) at auth.c:324 #12 0x080516af in rad_authenticate (request=0x81c1d80) at auth.c:586 #13 0x0804d17d in rad_respond (request=0x81c1d80, fun=0x80515c8 ) at radiusd.c:1555 ---Type to continue, or q to quit--- #14 0x0804cd85 in main (argc=2, argv=0x81c1d80) at radiusd.c:1327 #15 0x42015574 in __libc_start_main () from /lib/tls/libc.so.6 _ Sports, sports and more sports! Keep up with all thats happening! http://www.msn.co.in/sports/ Stay connected with MSN Sports! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem with PEAP auth using xp clients
So you're still getting the core dump. Let me guess... you have two versions of OpenSSL installed, and you built the server without using "--disable-shared". >> Fix one of those two problems, and it will work. >> Alan DeKok. I am still getting the same dump, I have used --disable-shared while building the radius server Please find below the gdb output, would appreciate your comments: auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 Program received signal SIGSEGV, Segmentation fault. [Switching to Thread 1076225856 (LWP 17733)] 0x401420d7 in BIO_read () from /lib/libcrypto.so.0.9.7 (gdb) bt #0 0x401420d7 in BIO_read () from /lib/libcrypto.so.0.9.7 #1 0x40290ffe in tls_handshake_send (ssn=0x40290798) at tls.c:230 #2 0x40295852 in eappeap_authenticate (arg=0x8194920, handler=0x819e4f8) at rlm_eap_peap.c:192 #3 0x4027b46d in eaptype_call (atype=0x8174b70, handler=0x819e4f8) at eap.c:170 #4 0x4027b5ce in eaptype_select (inst=0x81571b0, handler=0x819e4f8) at eap.c:353 #5 0x4027ab80 in eap_authenticate (instance=0x81571b0, request=0x81c1d80) at rlm_eap.c:289 #6 0x0805423c in call_modsingle (component=0, sp=0x8156730, request=0x81c1d80, default_result=0) at modcall.c:226 #7 0x080543a2 in modcall (component=0, c=0x8156730, request=0x81c1d80) at modcall.c:353 #8 0x0805432d in call_modgroup (component=0, g=0x57e58955, request=0x81c1d80, default_result=0) at modcall.c:261 #9 0x08054419 in modcall (component=0, c=0x8197120, request=0x81c1d80) at modcall.c:344 #10 0x08053f17 in module_authenticate (auth_type=6, request=0x81c1d80) at modules.c:907 #11 0x0805129c in rad_check_password (request=0x81c1d80) at auth.c:324 #12 0x080516af in rad_authenticate (request=0x81c1d80) at auth.c:586 #13 0x0804d17d in rad_respond (request=0x81c1d80, fun=0x80515c8 ) at radiusd.c:1555 ---Type to continue, or q to quit--- #14 0x0804cd85 in main (argc=2, argv=0x81c1d80) at radiusd.c:1327 #15 0x42015574 in __libc_start_main () from /lib/tls/libc.so.6 _ Sports, sports and more sports! Keep up with all thats happening! http://www.msn.co.in/sports/ Stay connected with MSN Sports! - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Subject: Re: Problem with PEAP auth using xp clients
"atul dhingra" <[EMAIL PROTECTED]> wrote: > I am still getting the same dump, I have used --disable-shared while > building the radius server > Would appreciate your comments gdb and/or valgrind. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Subject: Re: Problem with PEAP auth using xp clients
atul dhingra" <[EMAIL PROTECTED]> wrote: Following is the crux of what I am stuck on now: ... So you're still getting the core dump. Let me guess... you have two versions of OpenSSL installed, and you built the server without using "--disable-shared". > Fix one of those two problems, and it will work. > Alan DeKok. I am still getting the same dump, I have used --disable-shared while building the radius server Would appreciate your comments Thanks and regards AD _ Get head-hunted by 10,500 recruiters. http://www.naukri.com/msn/index.php?source=hottag Post your CV on naukri.com today. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problem with PEAP auth using xp clients
"atul dhingra" <[EMAIL PROTECTED]> wrote: > Following is the crux of what I am stuck on now: ... So you're still getting the core dump. Let me guess... you have two versions of OpenSSL installed, and you built the server without using "--disable-shared". Fix one of those two problems, and it will work. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Problem with PEAP auth using xp clients
Hello, Following is the crux of what I am stuck on now: I am trying to use freeradius for xp clients, I get following messages when trying to use peap as default eap type (full log attched) : First i recieve all the success logs as follows: ...truncated... TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 3 modcall: group authenticate returns handled for request 3 Sending Access-Challenge of id 161 to 172.26.6.62:44530 EAP-Message = 0x0106003119001403010001011603010020dcd1f01332d46809f26364 888ab19d2259e9d6cbda6cd4bfad8f3da4a2bdfbbf Message-Authenticator = 0x State = 0xa70046675337ee5045cb375a4b7466a0 Finished request 3 Going to the next request Waking up in 6 seconds... - And when I click on certificate prompt that says click to provide logon information I get following logs: - rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 Segmentation fault These are the steps I have followed : 1. installed openssl openssl-0.9.7b 2. installed freeradius freeradius-snapshot-20041006 3. imported certificate root.der to xp client and did the set up as in 'how to' document at freeradius web site TIA AD _ Buy or Sell. http://ads2.baazee.com/cgi-bin/banners/redirect.pl?id=1124 New and Used Items. rad_recv: Access-Request packet from host 172.26.6.62:44530, id=158, length=140 EAP-Message = 0x0202000d01737572696e646572 Calling-Station-Id = "00-09-5B-67-59-5B" Called-Station-Id = "00-85-A0-01-01-01:Viking" User-Name = "surinder" NAS-IP-Address = 172.26.6.62 NAS-Port = 3866625 NAS-Port-Type = Wireless-802.11 NAS-Port-Id = "wlan-0" Framed-MTU = 1300 Message-Authenticator = 0xbd075cd5ef2ee84b8d1ec889c3893e1b Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: No '@' in User-Name = "surinder", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 2 length 13 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 users: Matched DEFAULT at 152 modcall[authorize]: module "files" returns ok for request 0 modcall[authorize]: module "expiration" returns noop for request 0 modcall[authorize]: module "logintime" returns noop for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 0 modcall: group authenticate returns handled for request 0 Sending Access-Challenge of id 158 to 172.26.6.62:44530 EAP-Message = 0x010300061920 Message-Authenticator = 0x State = 0x38f2f52a431bdbaabd3cd770f91831b0 Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 172.26.6.62:44530, id=159, length=225 EAP-Message = 0x02030050198000461603010041013d0301416a7618bf49c1 0fde73665508a9676474635f287049af08d36883af96c6a64a1600040005000a000900640062 000300060013001200630100 Calling-Station-Id = "00-09-5B-67-59-5B" Called-Station-Id = "00-85-A0-01-01-01:Viking" User-Name = "surinder" NAS-IP-Address = 172.26.6.62 NAS-Port = 3866625 NAS-Port-Type = Wireless-802.11 NAS-Port-Id = "wlan-0" Framed-MTU = 1300 State = 0x38f2f52a431bdbaabd3cd770f91831b0 Message-Authenticator = 0x84cbbd34d0c669b5bf2d268398eaae3c Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: No '@' in User-Name = "surinder", looking up realm NULL