Hi Alan DeKok Thanks for Answers, actually I was replied for your questions but those were bouncing back. So you have mistaken. Any how sorry for that.
Thanks & Regards Ravi -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] Sent: Saturday, September 02, 2006 10:08 PM To: [email protected] Subject: Freeradius-Users Digest, Vol 17, Issue 8 Send Freeradius-Users mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-users or, via email, send a message with subject or body 'help' to [EMAIL PROTECTED] You can reach the person managing the list at [EMAIL PROTECTED] When replying, please edit your Subject line so it is more specific than "Re: Contents of Freeradius-Users digest..." Today's Topics: 1. Re: Everything lookslike it works, but PC is not authentified (Alexandros Gougousoudis) 2. Re: Everything lookslike it works, but PC is not authentified (Alexandros Gougousoudis) 3. Regarding handling of threads (Ravi S M) 4. Re: Everything lookslike it works, but PC is not authentified (Alan DeKok) 5. Re: Regarding handling of threads (Alan DeKok) 6. Proxy IP Address (Doug Hardie) ---------------------------------------------------------------------- Message: 1 Date: Sat, 02 Sep 2006 12:58:48 +0200 From: Alexandros Gougousoudis <[EMAIL PROTECTED]> Subject: Re: Everything lookslike it works, but PC is not authentified To: FreeRadius users mailing list <[email protected]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-15; format=flowed Hi, Stefan Winter schrieb: > this list, is that the server cert doesn't have the MS TLS Web Server > Authentication OID in the cert. Please read the various documentation about Nope, the cert has this extension. I checked that again and again. Server is in DNS and the CN of the cert is the FQDN of the server. The CN of the PC is the netbios-name. Both certs have their extenstion (Webserver and Client). Maybe it's something else? TIA Alex -- ServiceCenter IT - Alexandros Gougousoudis (Leiter) Gemeinsame Einrichtung der Kunsthochschule Berlin-Weissensee, Hochschule für Musik "Hanns Eisler" und der Hochschule für Schauspielkunst "Ernst Busch". Tel.: 030 / 477 05 - 444 * Fax.: 030 / 477 05 - 445 ------------------------------ Message: 2 Date: Sat, 02 Sep 2006 13:03:29 +0200 From: Alexandros Gougousoudis <[EMAIL PROTECTED]> Subject: Re: Everything lookslike it works, but PC is not authentified To: FreeRadius users mailing list <[email protected]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Hi, K. Hoercher schrieb: > 1. Don't set Auth-Type. See > http://deployingradius.com/documents/configuration/auth_type.html Thanks to your reply. The problem is, there are now a lot of partial howtos in the net, but not even one covers all. I did that, because it was in an howto... I'll try something else. and finally what the supplicant sends. What is "host/vinfo-t1" > supposed to be? vinfo-t1 is the netbiosname of the client, the realm(?) host/ comes from Windows or the AP, I don't know. Probably it breaks the cert, because the name differs and this bothers EAP/TLS. But I don't know how to handle or shorten this. Maybe somebody has a good idea to handle that. TIA Alex -- ServiceCenter IT - Alexandros Gougousoudis (Leiter) Gemeinsame Einrichtung der Kunsthochschule Berlin-Weissensee, Hochschule für Musik "Hanns Eisler" und der Hochschule für Schauspielkunst "Ernst Busch". Tel.: 030 / 477 05 - 444 * Fax.: 030 / 477 05 - 445 ------------------------------ Message: 3 Date: Sat, 2 Sep 2006 16:53:32 +0530 From: "Ravi S M" <[EMAIL PROTECTED]> Subject: Regarding handling of threads To: <[email protected]> Cc: [EMAIL PROTECTED] Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset="us-ascii" Hi I have some doubts regarding free radius server. 1) When we run server parent exits by spawning a child to handle client's requests, so during this time purify also exits but shows 95 leaks. (leak report shows from "src/main/modules.c" from line num "207") * My doubt is whether these leaks which are shown with purify are freed in child or how these leaks get rid off?? * Or when parents calls exit(0), do all memory are freed ?? 2) For handling multiple requests, is threads implemented? If so how? 3) If threads are not implemented how multiple requests are handled? Please I am grateful if you can provide some information. Thanks & Regards Ravi.S.M ============================================================================================================================ Tech Mahindra, formerly Mahindra-British Telecom. Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at <a href="http://www.techmahindra.com/Disclaimer.html";>http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/Disclaimer.html";>http://tim.techmahindra.com/Disclaimer.html</a> internally within Tech Mahindra. ============================================================================================================================ -------------- next part -------------- An HTML attachment was scrubbed... URL: https://list.xs4all.nl/pipermail/freeradius-users/attachments/20060902/ca7ae9fa/attachment-0001.html ------------------------------ Message: 4 Date: Sat, 02 Sep 2006 10:11:42 -0400 From: "Alan DeKok" <[EMAIL PROTECTED]> Subject: Re: Everything lookslike it works, but PC is not authentified To: FreeRadius users mailing list <[email protected]> Message-ID: <[EMAIL PROTECTED]> Alexandros Gougousoudis <[EMAIL PROTECTED]> wrote: > vinfo-t1 is the netbiosname of the client, the realm(?) host/ comes from > Windows or the AP, I don't know. Probably it breaks the cert, because > the name differs and this bothers EAP/TLS. But I don't know how to > handle or shorten this. Maybe somebody has a good idea to handle that. It looks like it is doing machine authentication, in which case the certs (both client and server) need the machine authentication OIDs, and not the normal user OIDs. From the CVS head version of 'xpextensions': # # Add this to the PKCS#7 keybag attributes holding the client's private key # for machine authentication. # # the presence of this OID tells Windows XP that the cert is intended # for use by the computer itself, and not by an end-user. # # The other solution is to use Microsoft's web certificate server # to generate these certs. # # 1.3.6.1.4.1.311.17.2 Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog ------------------------------ Message: 5 Date: Sat, 02 Sep 2006 10:14:09 -0400 From: "Alan DeKok" <[EMAIL PROTECTED]> Subject: Re: Regarding handling of threads To: FreeRadius users mailing list <[email protected]> Message-ID: <[EMAIL PROTECTED]> "Ravi S M" <[EMAIL PROTECTED]> wrote: > 1) When we run server parent exits by spawning a child to handle > client's requests, so during this time purify also exits but shows 95 > leaks. (leak report shows from "src/main/modules.c" from line num "207") If the "leaks" happen when the program exits, they are not really leaks. > * My doubt is whether these leaks which are shown with purify > are freed in child or how these leaks get rid off?? They are not leaked in the child, because the child is still using that memory. > * Or when parents calls exit(0), do all memory are freed ?? That's how operating systems work. > 2) For handling multiple requests, is threads implemented? If so > how? Uh... go read the source code. > Please I am grateful if you can provide some information. I think I'll stop responding to your messages. You haven't responded to any of my questions, so there's no point in me continuing. Alan DeKok. -- http://deployingradius.com - The web site of the book http://deployingradius.com/blog/ - The blog ------------------------------ Message: 6 Date: Sat, 2 Sep 2006 09:18:53 -0700 From: Doug Hardie <[EMAIL PROTECTED]> Subject: Proxy IP Address To: FreeRadius users mailing list <[email protected]> Message-ID: <[EMAIL PROTECTED]> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed I have a situation where all my authentication requests are proxied to me. I have 4 different groups of users that require unique local polieies and have been using a fairly complicated parsing of the Called ID phone number and a couple other fields to figure out which group a request is in. However, I just found out that each of the 4 groups is being proxied through different proxy servers. It would be real easy to distinguish the group from the IP address that the proxy request is being sent from. However, I have not been able to find a variable that contains that information. Have I missed it? ------------------------------ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html End of Freeradius-Users Digest, Vol 17, Issue 8 *********************************************** ============================================================================================================================ Tech Mahindra, formerly Mahindra-British Telecom. Disclaimer: This message and the information contained herein is proprietary and confidential and subject to the Tech Mahindra policy statement, you may review at <a href="http://www.techmahindra.com/Disclaimer.html";>http://www.techmahindra.com/Disclaimer.html</a> externally and <a href="http://tim.techmahindra.com/Disclaimer.html";>http://tim.techmahindra.com/Disclaimer.html</a> internally within Tech Mahindra. ============================================================================================================================ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
