recvmsg: Connection timed out (when dual auth)
Nikos Mavrogiannopoulos
n.mavrogiannopoulos at gmail.com
Wed Sep 14 23:39:34 PDT 2016
On Wed, Sep 14, 2016 at 4:58 PM, Nux! <nux at li.nux.ro> wrote:
> Hello,
> While getting PAM to talk to both Radius and Duo is still not solved, I managed to install the Duo proxy software which acts like a local RADIUS client; in the background it checks both our RADIUS server in the LAN and DUO's 2FA service.
>
> All good and well, I can connect with my RADIUS password and the DUO application on my mobile asks for approval, but unless I'm really quick with the approval the auth fails. It must be something like 5 seconds max.
> I tried specifying "auth-timeout = 30" in ocserv.conf to give me more time, but it doesn't seem to fix the issue.
>
> Any ideas?
>
> ocserv[7916]: radius-auth: communicating username (foobar) and password
> ocserv[7922]: common.c:609: recvmsg: Connection timed out
> ocserv[7922]: worker: 172.16.5.34 worker-auth.c:688: error receiving auth reply message
That seems to be in the communication between the worker process and
the security module process. I guess that you have to type your reply
before the worker thinks that the security module is stuck providing
its response, that's by default 10 secs.
Does this address your issue?
https://gitlab.com/ocserv/ocserv/commit/ede5d97be86cf94f5e88cccc850f3626295f9028
regards,
Nikos
More information about the openconnect-devel
mailing list