Re: (RADIATOR) BUG? EAP TLS hangs
Thanks Mike, I'll download the patches and carry out my tests again... Ken - Original Message - From: "Mike McCauley" <[EMAIL PROTECTED]> To: "Ken Wolstencroft" <[EMAIL PROTECTED]>; "Denis Pavani" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Tuesday, July 01, 2003 12:38 AM Subject: Re: (RADIATOR) BUG? EAP TLS hangs > Hello all, > > > On Tue, 1 Jul 2003 04:27 am, Ken Wolstencroft wrote: > > Hi Denis, > > > > I had the same problem and spent ages recompiling OpenSSL with all the ssl > > version work arounds etc. > > > > The way I finally solved it was to add the following to the EAPTLS AuthBy: > > > > EAPTLS_SessionResumption 0 > > > > Can anyone suggest why this happens in the first place and why stopping > > session resumption seems to solve the problem. > > We made a patch recently for a similar issue. It occured after a failed > attempt to resume a session, so thats why setting EAPTLS_SessionResumption 0 > fixed it. > > Cheers. > > > > > All the best, > > Ken > > MyZones Ltd > > > > - Original Message - > > From: "Denis Pavani" <[EMAIL PROTECTED]> > > To: <[EMAIL PROTECTED]> > > Sent: Monday, June 30, 2003 4:44 PM > > Subject: (RADIATOR) BUG? EAP TLS hangs > > > > > Hello, I got a strange behaviour from Radiator 3.6, on Solaris with > > > OpenSSL 0.9.7a > > > Most of time, all authentication are OK, but sometimes EAP-TLS stop > > > working, and gives errors as below. > > > Restarting the daemon (sending an HUP signal does not work, I must kill > > > process and restart) fixes the situation. > > > Any idea? > > > > > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthLDAP2: > > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > > > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > > > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > > > error:14 > > > 0A4044:SSL routines:SSL_clear:internal error > > > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > > > > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthFILE: > > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > > > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > > > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > > > error:14 > > > 0A4044:SSL routines:SSL_clear:internal error > > > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > > > > > Mon Jun 30 17:30:17 2003: INFO: Access rejected for [EMAIL PROTECTED]: > > > EAP TLS > > > error > > > > > > -- > > > > > > Denis Pavani > > > > > > CINECA-Comunicazioni e Sistemi Distribuiti > > > NOC - Network Operations Center > > > > > > phone:+39 0516171953 / fax:+39 0516132198 > > > http://www.cineca.it > > > > > > "Siamo pagati per adattarci, improvvisare e raggiungere lo scopo" > > > -- Gunny Highway > > > > > > > > > === > > > Archive at http://www.open.com.au/archives/radiator/ > > > Announcements on [EMAIL PROTECTED] > > > To unsubscribe, email '[EMAIL PROTECTED]' with > > > 'unsubscribe radiator' in the body of the message. > > > > --- > > Outgoing mail is certified Virus Free. > > Checked by AVG anti-virus system (http://www.grisoft.com). > > Version: 6.0.493 / Virus Database: 292 - Release Date: 6/25/2003 > > > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > -- > Mike McCauley [EMAIL PROTECTED] > Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW > 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au > Phone +61 3 9598-0985 Fax +61 3 9598-0955 > > Radiator: the most portable, flexible and configurable RADIUS server > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, > TTLS, PEAP etc on Unix, Windows, MacOS etc. > --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.495 / Virus Database: 294 - Release Date: 6/30/2003 === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) BUG? EAP TLS hangs
Hello Denis, On Tue, 1 Jul 2003 01:44 am, Denis Pavani wrote: > Hello, I got a strange behaviour from Radiator 3.6, on Solaris with > OpenSSL 0.9.7a > Most of time, all authentication are OK, but sometimes EAP-TLS stop > working, and gives errors as below. > Restarting the daemon (sending an HUP signal does not work, I must kill > process and restart) fixes the situation. > Any idea? Do you have the _latest_ patches for 3.6. I think an issue similar to that was addressed recently. Cheers. > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthLDAP2: > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > error:14 > 0A4044:SSL routines:SSL_clear:internal error > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthFILE: > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > error:14 > 0A4044:SSL routines:SSL_clear:internal error > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > Mon Jun 30 17:30:17 2003: INFO: Access rejected for [EMAIL PROTECTED]: > EAP TLS > error -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) BUG? EAP TLS hangs
Hello all, On Tue, 1 Jul 2003 04:27 am, Ken Wolstencroft wrote: > Hi Denis, > > I had the same problem and spent ages recompiling OpenSSL with all the ssl > version work arounds etc. > > The way I finally solved it was to add the following to the EAPTLS AuthBy: > > EAPTLS_SessionResumption 0 > > Can anyone suggest why this happens in the first place and why stopping > session resumption seems to solve the problem. We made a patch recently for a similar issue. It occured after a failed attempt to resume a session, so thats why setting EAPTLS_SessionResumption 0 fixed it. Cheers. > > All the best, > Ken > MyZones Ltd > > - Original Message - > From: "Denis Pavani" <[EMAIL PROTECTED]> > To: <[EMAIL PROTECTED]> > Sent: Monday, June 30, 2003 4:44 PM > Subject: (RADIATOR) BUG? EAP TLS hangs > > > Hello, I got a strange behaviour from Radiator 3.6, on Solaris with > > OpenSSL 0.9.7a > > Most of time, all authentication are OK, but sometimes EAP-TLS stop > > working, and gives errors as below. > > Restarting the daemon (sending an HUP signal does not work, I must kill > > process and restart) fixes the situation. > > Any idea? > > > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthLDAP2: > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > > error:14 > > 0A4044:SSL routines:SSL_clear:internal error > > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthFILE: > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > > error:14 > > 0A4044:SSL routines:SSL_clear:internal error > > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > > > Mon Jun 30 17:30:17 2003: INFO: Access rejected for [EMAIL PROTECTED]: > > EAP TLS > > error > > > > -- > > > > Denis Pavani > > > > CINECA-Comunicazioni e Sistemi Distribuiti > > NOC - Network Operations Center > > > > phone:+39 0516171953 / fax:+39 0516132198 > > http://www.cineca.it > > > > "Siamo pagati per adattarci, improvvisare e raggiungere lo scopo" > > -- Gunny Highway > > > > > > === > > Archive at http://www.open.com.au/archives/radiator/ > > Announcements on [EMAIL PROTECTED] > > To unsubscribe, email '[EMAIL PROTECTED]' with > > 'unsubscribe radiator' in the body of the message. > > --- > Outgoing mail is certified Virus Free. > Checked by AVG anti-virus system (http://www.grisoft.com). > Version: 6.0.493 / Virus Database: 292 - Release Date: 6/25/2003 > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. -- Mike McCauley [EMAIL PROTECTED] Open System Consultants Pty. LtdUnix, Perl, Motif, C++, WWW 24 Bateman St Hampton, VIC 3188 Australia http://www.open.com.au Phone +61 3 9598-0985 Fax +61 3 9598-0955 Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP etc on Unix, Windows, MacOS etc. === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
Re: (RADIATOR) BUG? EAP TLS hangs
Hi Denis, I had the same problem and spent ages recompiling OpenSSL with all the ssl version work arounds etc. The way I finally solved it was to add the following to the EAPTLS AuthBy: EAPTLS_SessionResumption 0 Can anyone suggest why this happens in the first place and why stopping session resumption seems to solve the problem. All the best, Ken MyZones Ltd - Original Message - From: "Denis Pavani" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, June 30, 2003 4:44 PM Subject: (RADIATOR) BUG? EAP TLS hangs > Hello, I got a strange behaviour from Radiator 3.6, on Solaris with > OpenSSL 0.9.7a > Most of time, all authentication are OK, but sometimes EAP-TLS stop > working, and gives errors as below. > Restarting the daemon (sending an HUP signal does not work, I must kill > process and restart) fixes the situation. > Any idea? > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthLDAP2: > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > error:14 > 0A4044:SSL routines:SSL_clear:internal error > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthFILE: > Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98 > Mon Jun 30 17:30:17 2003: DEBUG: Response type 13 > Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576, 10385: 1 - > error:14 > 0A4044:SSL routines:SSL_clear:internal error > 10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error > > Mon Jun 30 17:30:17 2003: INFO: Access rejected for [EMAIL PROTECTED]: > EAP TLS > error > > -- > > Denis Pavani > > CINECA-Comunicazioni e Sistemi Distribuiti > NOC - Network Operations Center > > phone:+39 0516171953 / fax:+39 0516132198 > http://www.cineca.it > > "Siamo pagati per adattarci, improvvisare e raggiungere lo scopo" > -- Gunny Highway > > > === > Archive at http://www.open.com.au/archives/radiator/ > Announcements on [EMAIL PROTECTED] > To unsubscribe, email '[EMAIL PROTECTED]' with > 'unsubscribe radiator' in the body of the message. --- Outgoing mail is certified Virus Free. Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.493 / Virus Database: 292 - Release Date: 6/25/2003 === Archive at http://www.open.com.au/archives/radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
