help !something about hostap-xsupplicant-freeradius!!

tan keen keentan_coldfire
Tue Mar 25 19:45:10 PST 2003


continue :       freeradius 

 

####### run-radius -X -A  

i got:

   Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /usr/local/radius/etc/raddb/proxy.conf
Config:   including file: /usr/local/radius/etc/raddb/clients.conf
Config:   including file: /usr/local/radius/etc/raddb/snmp.conf
Config:   including file: /usr/local/radius/etc/raddb/sql.conf
 main: prefix = "/usr/local/radius"
 main: localstatedir = "/usr/local/radius/var"
 main: logdir = "/usr/local/radius/var/log/radius"
 main: libdir = "/usr/local/radius/lib"
 main: radacctdir = "/usr/local/radius/var/log/radius/radacct"
 main: hostname_lookups = no
 main: snmp = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file = "/usr/local/radius/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile = "/usr/local/radius/var/run/radiusd/radiusd.pid"
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/radius/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: post_proxy_authorize = yes
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/radius/lib
Module: Loaded expr 
Module: Instantiated expr (expr) 
Module: Loaded PAP 
 pap: encryption_scheme = "crypt"
Module: Instantiated pap (pap) 
Module: Loaded CHAP 
Module: Instantiated chap (chap) 
Module: Loaded MS-CHAP 
 mschap: ignore_password = no
 mschap: use_mppe = yes
 mschap: require_encryption = no
 mschap: require_strong = no
 mschap: passwd = "(null)"
 mschap: authtype = "MS-CHAP"
Module: Instantiated mschap (mschap) 
Module: Loaded System 
 unix: cache = no
 unix: passwd = "/etc/passwd"
 unix: shadow = "/etc/shadow"
 unix: group = "/etc/group"
 unix: radwtmp = "/usr/local/radius/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix) 
Module: Loaded eap 
 eap: default_eap_type = "tls"
 eap: timer_expire = 60
rlm_eap: Loaded and initialized the type md5
rlm_eap: Loaded and initialized the type leap
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file = "/etc/1x/r/cert-srv.pem"
 tls: certificate_file = "/etc/1x/r/cert-srv.pem"
 tls: CA_file = "/etc/1x/r/root.pem"
 tls: private_key_password = "whatever"
 tls: dh_file = "/etc/1x/r/dh"
 tls: random_file = "/etc/1x/r/random"
 tls: fragment_size = 1024
 tls: include_length = yes
rlm_eap_tls: conf N ctx stored 
rlm_eap: Loaded and initialized the type tls
Module: Instantiated eap (eap) 
Module: Loaded preprocess 
 preprocess: huntgroups = "/usr/local/radius/etc/raddb/huntgroups"
 preprocess: hints = "/usr/local/radius/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess) 
Module: Loaded realm 
 realm: format = "suffix"
 realm: delimiter = "@"
Module: Instantiated realm (suffix) 
Module: Loaded files 
 files: usersfile = "/usr/local/radius/etc/raddb/users"
 files: acctusersfile = "/usr/local/radius/etc/raddb/acct_users"
 files: preproxy_usersfile = "/usr/local/radius/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files) 
Module: Loaded Acct-Unique-Session-Id 
 acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port-Id"
Module: Instantiated acct_unique (acct_unique) 
Module: Loaded detail 
 detail: detailfile = "/usr/local/radius/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail) 
Module: Loaded radutmp 
 radutmp: filename = "/usr/local/radius/var/log/radius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: case_sensitive = yes
 radutmp: check_with_nas = yes
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp) 
Listening on IP address *, ports 1812/udp and 1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 192.168.2.155:1386, id=0, length=154
 User-Name = "adam-ctl"
 NAS-IP-Address = 192.168.2.155
 NAS-Port = 1
 Called-Station-Id = "00-40-05-AF-05-14:test"
 Calling-Station-Id = "00-40-05-AF-05-2E"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x0201000d016164616d2d63746c
 Message-Authenticator = 0x1d2a7f0c2d0c4f1c71a1005ecae2ab7b
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 1 length 13
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "adam-ctl", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched adam-ctl at 97
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
  rlm_eap: EAP packet type notification id 1 length 13
  rlm_eap: processing type tls
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 0 to 192.168.2.155:1386
 EAP-Message = 0x010200060d20
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x1de79609653047a7e65e103f693ea0597f1f803ef7585dcdd2d3c255fe999d0b2d0dd409
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.2.155:1386, id=1, length=241
 User-Name = "adam-ctl"
 NAS-IP-Address = 192.168.2.155
 NAS-Port = 1
 Called-Station-Id = "00-40-05-AF-05-14:test"
 Calling-Station-Id = "00-40-05-AF-05-2E"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x0202003e0d8000000034160301002f0100002b03013e801df2e50144f
 State = 0x1de79609653047a7e65e103f693ea0597f1f803ef7585dcdd2d3c255fe999d0b2d0dd409
 Message-Authenticator = 0x83283f64915512a8aa1c3832735d8621
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 2 length 62
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "adam-ctl", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched adam-ctl at 97
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
  rlm_eap: EAP packet type notification id 2 length 62
  rlm_eap: Request found, released from the list
  rlm_eap: EAP_TYPE - tls
  rlm_eap: processing type tls
rlm_eap_tls:  Length Included
undefined: before/accept initialization 
TLS_accept: before/accept initialization 
<<< TLS 1.0 Handshake [length 002f], ClientHello

TLS_accept: SSLv3 read client hello A 
>>> TLS 1.0 Handshake [length 004a], ServerHello

TLS_accept: SSLv3 write server hello A 
>>> TLS 1.0 Handshake [length 07aa], Certificate

TLS_accept: SSLv3 write certificate A 
>>> TLS 1.0 Handshake [length 00b0], CertificateRequest

TLS_accept: SSLv3 write certificate request A 
TLS_accept: SSLv3 flush data 
TLS_accept:error in SSLv3 read client certificate A 
rlm_eap_tls: SSL_read Error
 Error code is ..... 2 
 SSL Error ..... 2 
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 1 to 192.168.2.155:1386
 EAP-Message = 0x0103040a0dc0000008b3160301004a0200004603013e801f7f0110ec0e4c343049dc7714a3686a845487a1a1b736f5f6af0b7a1bdc204613e53a6ba3c2d5d586ab637b12b5fd73c92d04ec9bcb538b44ff887566e58100040016030107aa0b0007a60007a30003e6308203e23082034ba003020102020102300d06092a864886f70d010104050030819e310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c656765205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c3112301006035504031309
 EAP-Message = 0x6164616d2d726f6f743120301e06092a864886f70d01090116116164616d40636661722e756d642e656475301e170d3032303232383038343030375a170d3033303232383038343030375a3081a0310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c656765205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c311430120603550403130b6164616d2d7365727665723120301e06092a864886f70d01090116116164616d40636661722e756d642e65647530819f300d06092a864886f70d0101
 EAP-Message = 0x01050003818d0030818902818100bb02c243540c09a20d64a5c8c29bca7727f62a6432265c38fd4900392d5754469617386e959cb43eee77cc98a80c1e8fcfda55813115edc142141b953b5771b79e1a32bbdc2f3b1d0046082db28fe553631f83cd21411388949432c3b0d96cd77c046b32284a939240555ba0a8f38320b0921ef5c8b3cd1a9fadee9c3256c6e50203010001a382012a3082012630090603551d1304023000302c06096086480186f842010d041f161d4f70656e53534c2047656e657261746564204365727469666963617465301d0603551d0e04160414c66c3206e508b305c2353cae6192e9d21dd6b12c3081cb0603551d230481
 EAP-Message = 0xc33081c080146f89584e55edc5d0e6bd2d8b80fe919605897694a181a4a481a130819e310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c656765205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c31123010060355040313096164616d2d726f6f743120301e06092a864886f70d01090116116164616d40636661722e756d642e656475820100300d06092a864886f70d01010405000381810002a0ec352165caeffc552e1476b8d0912997c06f287732c00a5b8373d3f2e1f1a985f1851cd3
 EAP-Message = 0xbc7abb38a7d905daa7abb2ae4cbcb6877e437e8be10d
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x10fdcee015541c23f6667595678bf5127f1f803ea5d31079e0f98191138d8122ab4eafc0
Finished request 1
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.2.155:1386, id=2, length=185
 User-Name = "adam-ctl"
 NAS-IP-Address = 192.168.2.155
 NAS-Port = 1
 Called-Station-Id = "00-40-05-AF-05-14:test"
 Calling-Station-Id = "00-40-05-AF-05-2E"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x020300060d00
 State = 0x10fdcee015541c23f6667595678bf5127f1f803ea5d31079e0f98191138d8122ab4eafc0
 Message-Authenticator = 0xee6fbaa0944c0ed3a7262ada9cf8f33c
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 3 length 6
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "adam-ctl", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched adam-ctl at 97
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
  rlm_eap: EAP packet type notification id 3 length 6
  rlm_eap: Request found, released from the list
  rlm_eap: EAP_TYPE - tls
  rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 2 to 192.168.2.155:1386
 EAP-Message = 0x0104040a0dc0000008b393b9c3a5d96464990a2c72c0efdcd5e5fe040d41a1b4c426acb573ac968e7208d06cfe81b4cf79655a134275d844fc53d6b3a55fdcd5fac17fcee0aa86d3338e9fbc2acc0003b7308203b33082031ca003020102020100300d06092a864886f70d010104050030819e310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c656765205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c31123010060355040313096164616d2d726f6f743120301e06092a864886f70d0109
 EAP-Message = 0x0116116164616d40636661722e756d642e656475301e170d3032303232383038333834345a170d3033303232383038333834345a30819e310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c656765205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c31123010060355040313096164616d2d726f6f743120301e06092a864886f70d01090116116164616d40636661722e756d642e65647530819f300d06092a864886f70d010101050003818d0030818902818100b76856cbfed7232ee45c3e
 EAP-Message = 0xd43f8040e993252d513b9a045d14f5b7517dba75ea2fb28301f43e365bf24d708896b46b48436b17bcc6373878fb2c92c6355ecefda18e4a6f9b3d22da693e8710841074aba5f4711738aa23248cae7f14eca024366572eefdbf72549e937c977a2ceac764a2c95da163e5c0596e6cb092b4ae11dd0203010001a381fe3081fb301d0603551d0e041604146f89584e55edc5d0e6bd2d8b80fe9196058976943081cb0603551d230481c33081c080146f89584e55edc5d0e6bd2d8b80fe919605897694a181a4a481a130819e310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c6567
 EAP-Message = 0x65205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c31123010060355040313096164616d2d726f6f743120301e06092a864886f70d01090116116164616d40636661722e756d642e656475820100300c0603551d13040530030101ff300d06092a864886f70d010104050003818100450e6fd396fb46ec1d9820542ecf1d75363f08b2cc07cb84b6d7451aff714c7a775d3bf1666973fb0c35e7cfd6c31a179d70c085bc459ba1294c1dca22cb9273c76c3b12f519a74318c3ae0d7705d32cfdf75ad32a597fbde29a2780c102ec0751a1adefff8ad463c1f5a175
 EAP-Message = 0x313c998a42537e8114e0bba00898c9963931d64d1603
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x9aa445bba75b34a90f20258ea68c699c7f1f803e8e78ac8f7f23c1824f6cae6b45accbd6
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host 192.168.2.155:1386, id=3, length=185
 User-Name = "adam-ctl"
 NAS-IP-Address = 192.168.2.155
 NAS-Port = 1
 Called-Station-Id = "00-40-05-AF-05-14:test"
 Calling-Station-Id = "00-40-05-AF-05-2E"
 Framed-MTU = 1500
 NAS-Port-Type = Wireless-802.11
 Connect-Info = "CONNECT 11Mbps 802.11b"
 EAP-Message = 0x020400060d00
 State = 0x9aa445bba75b34a90f20258ea68c699c7f1f803e8e78ac8f7f23c1824f6cae6b45accbd6
 Message-Authenticator = 0xde7c08fcf4e7d793c64b85c841c10ba8
modcall: entering group authorize
  modcall[authorize]: module "preprocess" returns ok
rlm_chap: Could not find proper Chap-Password attribute in request
  modcall[authorize]: module "chap" returns noop
  rlm_eap: EAP packet type notification id 4 length 6
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "adam-ctl", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop
    users: Matched adam-ctl at 97
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
  rlm_eap: EAP packet type notification id 4 length 6
  rlm_eap: Request found, released from the list
  rlm_eap: EAP_TYPE - tls
  rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 3 to 192.168.2.155:1386
 EAP-Message = 0x010500bd0d80000008b30100b00d0000a802010200a300a130819e310b30090603550406130255533111300f060355040813084d6172796c616e64311530130603550407130c436f6c6c656765205061726b311f301d060355040a1316556e6976657273697479206f66204d6172796c616e64310e300c060355040b13054d4953534c31123010060355040313096164616d2d726f6f743120301e06092a864886f70d01090116116164616d40636661722e756d642e6564750e000000
 Message-Authenticator = 0x00000000000000000000000000000000
 State = 0x533810a9d53f5cb5ba30e1deb2e11b087f1f803eeffd5b19b9da4a6ed461106596b191a7
Finished request 3
Going to the next request
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 0 with timestamp 3e801f7f
Cleaning up request 1 ID 1 with timestamp 3e801f7f
Cleaning up request 2 ID 2 with timestamp 3e801f7f
Cleaning up request 3 ID 3 with timestamp 3e801f7f
Nothing to do.  Sleeping until we see a request.

=========================



---------------------------------
Do You Yahoo!?
"?????KTV, ????????OK~~"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.shmoo.com/pipermail/hostap/attachments/20030326/9f62a5bf/attachment.htm 



More information about the Hostap mailing list