eap-tls problem segmentation fault............
Dan Williams
dcbw
Thu Jun 7 10:20:35 PDT 2007
On Thu, 2007-06-07 at 22:39 +0530, shantanu choudhary wrote:
> now i am recieving a segmentation fault i am sending client hello then
> it stops abruptly.
> right now i m using .pem extensions with all those certificates!!!
> can u tell me problem........
> here i am able to load private key successfully but still there are
> lot able of issues related to certificates which i m not able to
> figure out....................(please i am open for any advise and
> guidence!!!)
Please run wpa_supplicant under GDB and get a backtrace of where the
segfault occurs. That makes it much easier to diagnose the issue.
For example:
[root at localhost ~]# gdb wpa_supplicant
GNU gdb Red Hat Linux (6.5-15.fc6rh)
Copyright (C) 2006 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-redhat-linux-gnu"...
(no debugging symbols found)
Using host libthread_db library "/lib/libthread_db.so.1".
(gdb) set args -Dwext -iath0 -c /etc/wpa_supplicant/WPA_EAP_TLS.conf -dd
(gdb) run
... segfaults
(gdb) backtrace
Then send the output to this list.
Dan
> [root at localhost ~]# wpa_supplicant -Dwext -iath0
> -c /etc/wpa_supplicant/WPA_EAP_TLS.conf -dd
> Initializing interface 'ath0' conf
> '/etc/wpa_supplicant/WPA_EAP_TLS.conf' driver 'wext' ctrl_interface
> 'N/A' bridge 'N/A'
> Configuration file '/etc/wpa_supplicant/WPA_EAP_TLS.conf' ->
> '/etc/wpa_supplicant/WPA_EAP_TLS.conf'
> Reading configuration file '/etc/wpa_supplicant/WPA_EAP_TLS.conf'
> ctrl_interface='/var/run/wpa_supplicant'
> ctrl_interface_group='wheel' (DEPRECATED)
> Line: 4 - start of a new network block
> ssid - hexdump_ascii(len=6):
> 41 54 48 31 38 33
> ATH183
> scan_ssid=1 (0x1)
> key_mgmt: 0x1
> eap methods - hexdump(len=16): 00 00 00 00 0d 00 00 00 00 00 00 00 00
> 00 00 00
> identity - hexdump_ascii(len=8):
> 73 68 61 6e 74 61 6e 75
> shantanu
> ca_cert - hexdump_ascii(len=57):
> 2f 72 6f 6f 74 2f 44 2f 72 61 64 69 75 73 2f
> 77 /root/D/radius/w 70 61 5f 68 65 6c 70 65 72 5f 70 61 63 6b 61
> 67 pa_helper_packag 65 2f 63 65 72 74 73 2f 64 65 6d 6f 43 41 2f
> 63 e/certs/demoCA/c 61 63 65 72 74 2e 70 65 6d
> acert.pem
> client_cert - hexdump_ascii(len=52):
> 2f 72 6f 6f 74 2f 44 2f 72 61 64 69 75 73 2f
> 77 /root/D/radius/w 70 61 5f 68 65 6c 70 65 72 5f 70 61 63 6b 61
> 67 pa_helper_packag 65 2f 63 65 72 74 73 2f 63 65 72 74 2d 63 6c
> 74 e/certs/cert-clt 2e 70 65
> 6d .pem
> private_key - hexdump_ascii(len=52):
> 2f 72 6f 6f 74 2f 44 2f 72 61 64 69 75 73 2f
> 77 /root/D/radius/w 70 61 5f 68 65 6c 70 65 72 5f 70 61 63 6b 61
> 67 pa_helper_packag 65 2f 63 65 72 74 73 2f 63 65 72 74 2d 63 6c
> 74 e/certs/cert-clt 2e 70 65
> 6d .pem
> password - hexdump_ascii(len=8): [REMOVED]
>
> Priority group 0
> id=0 ssid='ATH183'
> Initializing interface (2) 'ath0'
> EAPOL: SUPP_PAE entering state DISCONNECTED
> EAPOL: KEY_RX entering state NO_KEY_RECEIVE
> EAPOL: SUPP_BE entering state INITIALIZE
> EAP: EAP entering state DISABLED
> EAPOL: External notification - portEnabled=0
> EAPOL: External notification - portValid=0
> ---------------------------------------------------------------------------------------
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request id=1 method=13 vendor=0 vendorMethod=0
> EAP: EAP entering state GET_METHOD
> EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
> TLS: Trusted root certificate(s) loaded
> OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER)
> failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> OpenSSL: pending error: error:0D07803A:asn1 encoding
> routines:ASN1_ITEM_EX_D2I:nested asn1 error
> OpenSSL: pending error: error:140C800D:SSL
> routines:SSL_use_certificate_file:ASN1 lib
> OpenSSL: SSL_use_certificate_file (PEM) --> OK
> OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER)
> failed error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class
> OpenSSL: pending error: error:0D0680A8:asn1 encoding
> routines:ASN1_CHECK_TLEN:wrong tag
> OpenSSL: pending error: error:0D07803A:asn1 encoding
> routines:ASN1_ITEM_EX_D2I:nested asn1 error
> OpenSSL: pending error: error:0D09A00D:asn1 encoding
> routines:d2i_PrivateKey:ASN1 lib
> OpenSSL: pending error: error:140CB00D:SSL
> routines:SSL_use_PrivateKey_file:ASN1 lib
> OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (PEM)
> failed error:0906A068:PEM routines:PEM_do_header:bad password read
> OpenSSL: pending error: error:140CB009:SSL
> routines:SSL_use_PrivateKey_file:PEM lib
> OpenSSL: tls_read_pkcs12 - Failed to use PKCS#12 file
> error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> OpenSSL: pending error: error:0D07803A:asn1 encoding
> routines:ASN1_ITEM_EX_D2I:nested asn1 error
> OpenSSL: Failed to load private key
> TLS: Failed to load private key
> '/root/D/radius/wpa_helper_package/certs/cert-clt.pem'
> TLS: Failed to set TLS connection parameters
> EAP-TLS: Failed to initialize SSL.
> ENGINE: engine deinit
> EAP-TLS: Requesting private key passphrase
> CTRL-REQ-PASSPHRASE-0:Private key passphrase needed for SSID ATH183
> CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f
> 63 74 72 6c 5f 38 39 38 37 2d 35 37 00
> EAP: Failed to initialize EAP method: vendor 0 method 13 (TLS)
> CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f
> 63 74 72 6c 5f 38 39 38 37 2d 35 37 00
> EAP: Pending PIN/passphrase request - skip Nak
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> --------------------------------------------------------------------------------------------------------------
> EAPOL: received control response (user input) notification - retrying
> pending EAP Request
> EAP: EAP entering state RECEIVED
> EAP: Received EAP-Request id=1 method=13 vendor=0 vendorMethod=0
> EAP: EAP entering state GET_METHOD
> EAP: Initialize selected EAP method: vendor 0 method 13 (TLS)
> TLS: Trusted root certificate(s) loaded
> TLS - SSL error: error:0B07C065:x509 certificate
> routines:X509_STORE_add_cert:cert already in hash table
> OpenSSL: tls_connection_client_cert - SSL_use_certificate_file (DER)
> failed error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
> OpenSSL: pending error: error:0D07803A:asn1 encoding
> routines:ASN1_ITEM_EX_D2I:nested asn1 error
> OpenSSL: pending error: error:140C800D:SSL
> routines:SSL_use_certificate_file:ASN1 lib
> OpenSSL: SSL_use_certificate_file (PEM) --> OK
> OpenSSL: tls_connection_private_key - SSL_use_PrivateKey_File (DER)
> failed error:0D094065:asn1 encoding routines:d2i_ASN1_SET:bad class
> OpenSSL: pending error: error:0D0680A8:asn1 encoding
> routines:ASN1_CHECK_TLEN:wrong tag
> OpenSSL: pending error: error:0D07803A:asn1 encoding
> routines:ASN1_ITEM_EX_D2I:nested asn1 error
> OpenSSL: pending error: error:0D09A00D:asn1 encoding
> routines:d2i_PrivateKey:ASN1 lib
> OpenSSL: pending error: error:140CB00D:SSL
> routines:SSL_use_PrivateKey_file:ASN1 lib
> OpenSSL: SSL_use_PrivateKey_File (PEM) --> OK
> SSL: Private key loaded successfully
> CTRL-EVENT-EAP-METHOD EAP vendor 0 method 13 (TLS) selected
> CTRL_IFACE monitor send - hexdump(len=22): 2f 74 6d 70 2f 77 70 61 5f
> 63 74 72 6c 5f 38 39 38 37 2d 35 37 00
> EAP: EAP entering state METHOD
> SSL: Received packet(len=6) - Flags 0x20
> EAP-TLS: Start
> SSL: (where=0x10 ret=0x1)
> SSL: (where=0x1001 ret=0x1)
> SSL: SSL_connect:before/connect initialization
> SSL: (where=0x1001 ret=0x1)
> SSL: SSL_connect:SSLv3 write client hello A
> SSL: (where=0x1002 ret=0xffffffff)
> SSL: SSL_connect:error in SSLv3 read server hello A
> SSL: SSL_connect - want more data
> SSL: 101 bytes pending from ssl_out
> SSL: 101 bytes left to be sent out (of total 101 bytes)
> EAP: method process -> ignore=FALSE methodState=MAY_CONT decision=FAIL
> EAP: EAP entering state SEND_RESPONSE
> EAP: EAP entering state IDLE
> EAPOL: SUPP_BE entering state RESPONSE
> EAPOL: txSuppRsp
> TX EAPOL - hexdump(len=111): 01 00 00 6b 02 01 00 6b 0d 00 16 03 01 00
> 60 01 00 00 5c 03 01 46 68 32 90 d4 00 a4 73 e0 54 02 a2 18 ba 25 b5
> d0 a2 0d 10 9a b4 16 3e fb c5 28 9f 65 8e 09 b5 00 00 34 00 39 00 38
> 00 35 00 16 00 13 00 0a 00 33 00 32 00 2f 00 66 00 05 00 04 00 63 00
> 62 00 61 00 15 00 12 00 09 00 65 00 64 00 60 00 14 00 11 00 08 00 06
> 00 03 02 01 00
> EAPOL: SUPP_BE entering state RECEIVE
> RX EAPOL from 00:03:7f:09:60:7e
> RX EAPOL - hexdump(len=1038): 01 00 04 0a 01 02 04 0a 0d c0 00 00 07
> 9e 16 03 01 00 4a 02 00 00 46 03 01 46 68 2f 2f cd bd 4c fc e4 96 4f
> f5 16 d1 55 b0 05 e2 78 46 c8 b9 32 aa c0 fd bd d4 f8 7b 01 12 20 b7
> 00 9e 04 12 2e e1 6f 6f c1 7f 12 40 9b 15 60 44 62 10 84 f9 95 2e 0f
> 84 aa 75 c2 aa 1e fe a6 00 35 00 16 03 01 06 94 0b 00 06 90 00 06 8d
> 00 02 cd 30 82 02 c9 30 82 02 32 a0 03 02 01 02 02 01 02 30 0d 06 09
> 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 9f 31 0b 30 09 06 03 55 04 06
> 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50 72 6f 76 69 6e 63 65
> 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20 43 69 74 79 31 15 30
> 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61 74 69 6f 6e 31 12 30
> 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73 74 31 1b 30 19 06 03
> 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74 69 66 69 63 61 74 65
> 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16 12 63 6c 69 65 6e 74
> 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 1e 17 0d 30 34 30 31 32 35 31
> 33 32 36 31 30 5a 17 0d 30 35 30 31 32 34 31 33 32 36 31 30 5a 30 81
> 9b 31 0b 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08
> 13 08 50 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f
> 6d 65 20 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e
> 69 7a 61 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c
> 68 6f 73 74 31 19 30 17 06 03 55 04 03 13 10 52 6f 6f 74 20 63 65 72
> 74 69 66 69 63 61 74 65 31 1f 30 1d 06 09 2a 86 48 86 f7 0d 01 09 01
> 16 10 72 6f 6f 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 81 9f 30 0d
> 06 09 2a 86 48 86 f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81 81
> 00 da c5 25 42 2b fe db 08 26 29 a2 cb a4 4b 34 49 c9 0d 0a b4 62 fb
> 72 c8 43 4a 78 20 98 86 3d 7e b7 d7 e7 00 28 c2 b7 ad 55 5a 51 cc 75
> 6c f4 fa 1d 70 91 61 5a b4 50 d5 28 95 53 ae 66 16 af f0 14 a5 50 85
> d6 b8 fb 4a ee 98 63 8e 42 61 75 cd d3 6c 66 5c 63 cd a1 77 d3 49 20
> eb 30 58 5e dc 87 73 99 9c 29 80 f8 1a d4 63 8b bb ea 1c 82 d0 54 02
> 3d b7 ef 24 a3 ec 1c 3f 62 41 a9 03 d7 f3 02 03 01 00 01 a3 17 30 15
> 30 13 06 03 55 1d 25 04 0c 30 0a 06 08 2b 06 01 05 05 07 03 01 30 0d
> 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 03 81 81 00 7a 2d 92 1b 1c f1
> 3b f2 98 2a 91 78 ec 9e de 6d 88 ed c1 78 a2 e8 bd 40 a0 a0 6f b6 f0
> 76 99 57 88 4c d7 08 45 37 08 34 96 fd 18 41 65 29 3f 58 3c 8e 82 40
> eb 68 e0 42 c9 4b 15 75 2e 4c 07 e8 0d 09 77 9a fa 3d d5 5c 24 fa 54
> ac 29 2d 77 20 5d 1c 24 77 ed 30 d5 9f 57 ca f9 bd 21 ff 2a 8d 16 cc
> 09 11 c5 0e 4f 29 57 63 fc b6 0e fa 3c 3d 2d 0e 43 85 0f 6e 6f be 28
> 49 02 f6 e8 35 03 65 00 03 ba 30 82 03 b6 30 82 03 1f a0 03 02 01 02
> 02 01 00 30 0d 06 09 2a 86 48 86 f7 0d 01 01 04 05 00 30 81 9f 31 0b
> 30 09 06 03 55 04 06 13 02 43 41 31 11 30 0f 06 03 55 04 08 13 08 50
> 72 6f 76 69 6e 63 65 31 12 30 10 06 03 55 04 07 13 09 53 6f 6d 65 20
> 43 69 74 79 31 15 30 13 06 03 55 04 0a 13 0c 4f 72 67 61 6e 69 7a 61
> 74 69 6f 6e 31 12 30 10 06 03 55 04 0b 13 09 6c 6f 63 61 6c 68 6f 73
> 74 31 1b 30 19 06 03 55 04 03 13 12 43 6c 69 65 6e 74 20 63 65 72 74
> 69 66 69 63 61 74 65 31 21 30 1f 06 09 2a 86 48 86 f7 0d 01 09 01 16
> 12 63 6c 69 65 6e 74 40 65 78 61 6d 70 6c 65 2e 63 6f 6d 30 1e 17 0d
> 30 34 30 31 32 35 31 33 32 36 30 37 5a
> Segmentation fault
>
> regards
> shantanu
>
>
>
> ______________________________________________________________________
> Looking for people who are YOUR TYPE? Find them here!
> _______________________________________________
> HostAP mailing list
> HostAP at shmoo.com
> http://lists.shmoo.com/mailman/listinfo/hostap
More information about the Hostap
mailing list