hi!
I would like to test your patch but I don't know where I must put it!
Should I have to create a file and put your patch inside? and the file
must be put in which directory?
thanks a lot!
renaud
> It took me a while to figure out what was going on here...
>
> Turns out the problem was not as Alan suspected. Seems that a return
> value got tweaked during a re-structuring of the code.
>
> Anyway here's the (very small) patch:
>
> --- peap.c.orig Fri Jan 16 02:01:45 2004
> +++ peap.c Fri Jan 16 02:02:03 2004
> @@ -267,7 +267,7 @@
> DEBUG2(" PEAP: Tunneled authentication was successful.");
> t->status = PEAP_STATUS_SENT_TLV_SUCCESS;
> eappeap_success(handler, tls_session);
> - rcode = RLM_MODULE_OK;
> + rcode = RLM_MODULE_HANDLED;
>
> /*
> * If we've been told to use the attributes from
>
> I only spotted the change when comparing a version I checked out from
> november which worked ok. I'm not sure if the change was intentional,
> but reversing it gets PEAP working again for me.
>
> Oh btw has something changed in the configure/makefiles recently?
> Just that to compile TLS/TTLS support I currently have to run:
>
> ./configure --with-openssl-includes=/usr/include/
> --with-openssl-libraries=/usr/lib/
>
> It's only started happening recently, perhaps it's something weird in
> my setup, I'm too tired to care right now ;)
>
> Cheers,
>
> Mike
>
> On Thu, Jan 15, 2004 at 09:37:57AM -0500, matt morris wrote:
>> I read a post from a user named Mike Saywell, stating a similar
>> situation
>> with you:
>>
>> >From the RASTLS.log in WinXP:
>> "Failing Auth because we got a success/fail without TLV."
>>
>> The file RASTLS.LOG is the WindowsXP log, obtained by setting the
>> HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Tracing\RASTLS\EnableFileTracing
>> flag to 1.
>>
>> And if you got the same thing from the log, here's the answer to Mike
>> from
>> Alan Dekok:
>>
>> >>Mike Saywell <[EMAIL PROTECTED]> wrote:
>> >>I can authenticate with XSupplicant under Linux fine, but Windows
>> fails
>> >>apparently with the error "Failing Auth because we got a success/fail
>> >>without TLV."
>>
>> > Hmm... it looks like the PEAP module puts the data into a buffer, to
>> >be put into the TLS tunnel, but the tls code never looks for it on
>> >success/failure.
>>
>> >The functions in eap_tls.c, eaptls_success() and eaptls_fail() have
>> >to be updated to look a little more like eaptls_request(). i.e. to
>> >call record_minus(), etc, to grab the data from the buffer, and put it
>> >into the tunnel.
>>
>> >>In the peap section I've tried various combinations of the
>> >>copy_request_to_tunnel and use_tunneled_reply flags to no avail -
>> >>including leaving them unspecified.
>>
>> >That won't work, as the code is just wrong.
>>
>> >>Hopefully somebody can spot what is probably a silly mis-configuration
>> >> on my part!
>>
>> >Nope.
>>
>> >PEAP probably works on other systems because they don't look for the
>> >"TLV" response code, like they're supposed to. XP does, so it fails
>> >when the PEAP module doesn't supply the TLV.
>>
>> >Alan DeKok.
>>
>> Hope this helps
>>
>> >From: [EMAIL PROTECTED]
>> >Reply-To: [EMAIL PROTECTED]
>> >To: [EMAIL PROTECTED]
>> >Subject: Re: PEAP authentication very strange problem! PLEASE HELP
>> >Date: Thu, 15 Jan 2004 09:09:34 +0100 (MET)
>> >
>> >Anybody knows about this problem...? please help if you have an idea!!!
>> >thanks a lot
>> >
>> >> hello everyone,
>> >> I have a very strange problem while I try to do PEAP
>> authentication...
>> >> I have successfully made TLS authentication, TTLS also works with
>> >secureW2
>> >> client, but when I tried to do PEAP authentication, I have a very
>> >strange
>> >> problem:
>> >> I am using a snaphot of freeradius from 2004/01/04 ,my supplicant is
>> >> windows XP SP1 with all patch, and when I do PEAP authentication, all
>> is
>> >> fine for freeradius : I have an access accept and MPPE received and
>> send
>> >> key that are printed out. all seems to be good, my AP (which is cisco
>> >ap)
>> >> says in the log : "eap authenticated successfull = username ", the
>> same
>> >> message that I had when TLS and TTLS worked.
>> >> But in the same time, in Windows side, I have already the same
>> message :
>> >> "wait for authentication".... and it's not really authenticated
>> because
>> >I
>> >> can't do a ping or something like that. I dont have the good message
>> :
>> >> authentication successfull, which appeared with TLS and TTLS.
>> >> But why ??? I really dont understand what is not good here... I think
>> >it's
>> >> a problem in windows side, don't you think so?? SI it possible ti be
>> a
>> >> problem with freeradius or my AP ?? please if someone knows, help me!
>> >>
>> >> Renaud Garelli
>> >>
>> >>
>> >> -
>> >> List info/subscribe/unsubscribe? See
>> >> http://www.freeradius.org/list/users.html
>> >>
>> >
>> >
>> >-
>> >List info/subscribe/unsubscribe? See
>> >http://www.freeradius.org/list/users.html
>>
>> _________________________________________________________________
>> The new MSN 8: advanced junk mail protection and 2 months FREE*
>> http://join.msn.com/?page=dept/bcomm&pgmarket=en-ca&RU=http%3a%2f%2fjoin.msn.com%2f%3fpage%3dmisc%2fspecialoffers%26pgmarket%3den-ca
>>
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
