On Nov 18, 2003, at 8:09 AM, Alan DeKok wrote:
Andreas Wolf <[EMAIL PROTECTED]> wrote:see http://homepage.mac.com/andreaswolf/public/freeradius_installer.html
for the diffs. The modifications are minor.
I'm not sure why patch #1 is necessary. Which C files have problems with the sha1.h file?
a lot of people have reported a "parser error before mk" when compiling snapshots from
last week. I found the same thing. 'uint8_t' did not seem to be defined when it parsed sha1.h.
Maybe it's fixed now, haven't tried newer snapshots.
Patch #2 was added yesterday.
Cool.
Patch #3 was addressed (I thought) by changes to ttls.c on Nov. 6.
I saw your check-in but I still got an error ("Diameter Attribute overflows packet!"). However, by
examining the tunneled attributes the data seemed to be correct.
I think 'data_len' needs to be adjusted when the padding (rounding up to the nearest 4 byte boundary)
is in effect. I think in this case 'data_len < length' is true.
I can work with you directly if you need access to a MacOS X machine. I don't know how I could
give you access to the supplicant, though.
Here is the output of freeradius (including my patch #3)
Mon Nov 17 18:06:14 2003 : Debug: modcall: group authorize returns updated for request 5
Mon Nov 17 18:06:14 2003 : Debug: rad_check_password: Found Auth-Type EAP
Mon Nov 17 18:06:14 2003 : Debug: auth: type "EAP"
Mon Nov 17 18:06:14 2003 : Debug: modcall: entering group authenticate for request 5
Mon Nov 17 18:06:14 2003 : Debug: modsingle[authenticate]: calling eap (rlm_eap) for request 5
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap: Request found, released from the list
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap: EAP_TYPE - ttls
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap: processing type ttls
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap_ttls: Authenticate
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap_tls: processing TLS
Mon Nov 17 18:06:14 2003 : Info: rlm_eap_tls: Length Included
Mon Nov 17 18:06:14 2003 : Debug: eaptls_verify returned 11
Mon Nov 17 18:06:14 2003 : Debug: eaptls_process returned 7
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap_ttls: Session established. Proceeding to decode tunneled attributes.
TTLS tunnel data in 0000: 00 00 00 01 00 00 00 0d 61 64 6d 69 6e 00 00 00
TTLS tunnel data in 0010: 00 00 00 0b 80 00 00 1c 00 00 01 37 79 eb dd a6
TTLS tunnel data in 0020: 4f f9 a4 cc 81 9a 56 ee 99 f5 d0 c9 00 00 00 19
TTLS tunnel data in 0030: 80 00 00 3e 00 00 01 37 da 00 62 bc de 8b 44 2d
TTLS tunnel data in 0040: 20 1b 42 4f 79 de 3b ea 98 a3 00 00 00 00 00 00
TTLS tunnel data in 0050: 00 00 ca 83 c8 df 3d 79 56 e5 12 35 74 d9 b1 df
TTLS tunnel data in 0060: ec 67 c8 1f 31 1e a9 f6 45 01
Mon Nov 17 18:06:14 2003 : Debug: rlm_eap_ttls: ERROR! Diameter attribute overflows packet! -> 62 64
(without Patch #3 it would fail here; data_len = 62, length = 64; allow that assuming padded data is 2 bytes).
TTLS: Got tunneled request
User-Name = "admin"
MS-CHAP-Challenge = 0x79ebdda64ff9a4cc819a56ee99f5d0c9
MS-CHAP2-Response = 0xda0062bcde8b442d201b424f79de3bea98a30000000000000000ca83c8df3d7956e51 23574d9b1dfec67c81f311ea9f64501
Freeradius-Proxied-To = 127.0.0.1
TTLS: Sending tunneled request
User-Name = "admin"
MS-CHAP-Challenge = 0x79ebdda64ff9a4cc819a56ee99f5d0c9
MS-CHAP2-Response = 0xda0062bcde8b442d201b424f79de3bea98a30000000000000000ca83c8df3d7956e51 23574d9b1dfec67c81f311ea9f64501
Freeradius-Proxied-To = 127.0.0.1
-Andreas
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
