Hi All:

I'm testing 802.1X - EAP TLS functionality with:
* freeRADIUS-0.8 and the latest beta version of 
  OPENSSL -(openssl-0.9.7-beta4) on the server; 
* Linux machine as a client, and
* Cisco's AP350 as the authenticator.

I generated the server and client certificates. 
I get a "TLS_accept" error in SSLv3 read client
certificate B. I also get SSL_read Error which can
be omitted. (Please see the attached radius server
log). 

* Any pointers would be highly appreciated?
* How are certificates A different from certificates
B?

======================================================
run_radius -X -A > radius_log
+ LD_LIBRARY_PATH=/usr/local/openssl-beta-latest/lib
+
LD_PRELOAD=/usr/local/openssl-beta-latest/lib/libcrypto.so
+ export LD_LIBRARY_PATH LD_PRELOAD
+ /usr/local/sbin/radiusd -X -A
 
Starting - reading configuration files ...
reread_config:  reading radiusd.conf
Config:   including file: /etc/raddb/proxy.conf
Config:   including file: /etc/raddb/clients.conf
Config:   including file: /etc/raddb/snmp.conf
Config:   including file: /etc/raddb/sql.conf
 main: prefix = "/usr/local"
 main: localstatedir = "/usr/local/var"
 main: logdir = "/usr/local/var/log/radius"
 main: libdir = "/usr/local/lib"
 main: radacctdir =
"/usr/local/var/log/radius/radacct"
 main: hostname_lookups = no
 main: max_request_time = 30
 main: cleanup_delay = 5
 main: max_requests = 1024
 main: delete_blocked_requests = 0
 main: port = 0
 main: allow_core_dumps = no
 main: log_stripped_names = no
 main: log_file =
"/usr/local/var/log/radius/radius.log"
 main: log_auth = no
 main: log_auth_badpass = no
 main: log_auth_goodpass = no
 main: pidfile =
"/usr/local/var/run/radiusd/radiusd.pid"
 main: user = "(null)"
 main: group = "(null)"
 main: usercollide = no
 main: lower_user = "no"
 main: lower_pass = "no"
 main: nospace_user = "no"
 main: nospace_pass = "no"
 main: checkrad = "/usr/local/sbin/checkrad"
 main: proxy_requests = yes
 proxy: retry_delay = 5
 proxy: retry_count = 3
 proxy: synchronous = no
 proxy: default_fallback = yes
 proxy: dead_time = 120
 proxy: servers_per_realm = 15
 security: max_attributes = 200
 security: reject_delay = 1
 security: status_server = no
 main: debug_level = 0
read_config_files:  reading dictionary
read_config_files:  reading naslist
read_config_files:  reading clients
read_config_files:  reading realms
radiusd:  entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded System
 unix: cache = no
 unix: passwd = "(null)"
 unix: shadow = "(null)"
 unix: group = "(null)"
 unix: radwtmp = "/usr/local/var/log/radius/radwtmp"
 unix: usegroup = no
 unix: cache_reload = 600
Module: Instantiated unix (unix)
Module: Loaded eap
 eap: default_eap_type = "tls"
 eap: timer_expire = 60
 tls: rsa_key_exchange = no
 tls: dh_key_exchange = yes
 tls: rsa_key_length = 512
 tls: dh_key_length = 512
 tls: verify_depth = 0
 tls: CA_path = "(null)"
 tls: pem_file_type = yes
 tls: private_key_file = "/etc/1x/tstpc11.pem"
 tls: certificate_file = "/etc/1x/tstpc11.pem"
 tls: CA_file = "/etc/1x/root.pem"
 tls: private_key_password = "whatever"
 tls: dh_file = "/etc/1x/DH"
 tls: random_file = "/etc/1x/random"
 tls: fragment_size = 1024
 tls: include_length = yes
rlm_eap_tls: conf N ctx stored
rlm_eap: Loaded and initialized the type tls
Module: Instantiated eap (eap)
Module: Loaded preprocess
 preprocess: huntgroups = "/etc/raddb/huntgroups"
 preprocess: hints = "/etc/raddb/hints"
 preprocess: with_ascend_hack = no
 preprocess: ascend_channels_per_line = 23
 preprocess: with_ntdomain_hack = no
 preprocess: with_specialix_jetstream_hack = no
 preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded realm
 realm: format = "suffix"
 realm: delimiter = "@"
Module: Instantiated realm (suffix)
Module: Loaded files
 files: usersfile = "/etc/raddb/users"
 files: acctusersfile = "/etc/raddb/acct_users"
 files: preproxy_usersfile =
"/etc/raddb/preproxy_users"
 files: compat = "no"
Module: Instantiated files (files)
Module: Loaded Acct-Unique-Session-Id
 acct_unique: key = "User-Name, Acct-Session-Id,
NAS-IP-Address, Client-IP-Address, NAS-Port-Id"
Module: Instantiated acct_unique (acct_unique)
Module: Loaded detail
 detail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"
 detail: detailperm = 384
 detail: dirperm = 493
 detail: locking = no
Module: Instantiated detail (detail)
Module: Loaded radutmp
 radutmp: filename =
"/usr/local/var/log/radius/radutmp"
 radutmp: username = "%{User-Name}"
 radutmp: perm = 384
 radutmp: callerid = yes
Module: Instantiated radutmp (radutmp)
 main: smux_password = ""
 main: snmp_write_access = no
SMUX connect try 1
Can't connect to SNMP agent with SMUX: Connection
refused
Listening on IP address *, ports 1812/udp and
1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host
192.168.11.20:1549, id=13, length=116
        User-Name = "Cisco"
        NAS-IP-Address = 192.168.11.20
        Called-Station-Id = "004096577e54"
        Calling-Station-Id = "000809000097"
        NAS-Identifier = "AP350"
        NAS-Port = 29
        Framed-MTU = 1400
        NAS-Port-Type = Wireless-802.11
        EAP-Message = "\002\322\000\n\001Cisco"
        Message-Authenticator =
0x0c3403cb0c28aafd81d7fc2e32045520
modcall: entering group authorize
  hints: Matched DEFAULT at 41
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "isco", looking
up realm NULL
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
    users: Matched isco at 98
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: processing type tls
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 13 to
192.168.11.20:1549
        EAP-Message = "\001\323\000\006\r "
        Message-Authenticator =
0x00000000000000000000000000000000
        State =
0xf1e747542fcc3e706437c06a25733c0576eee43d7881c0587f27665892ede9d6518f95a6
Finished request 0
Going to the next request
SMUX connect try 2
Can't connect to SNMP agent with SMUX: Connection
refused
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Access-Request packet from host
192.168.11.20:1550, id=14, length=206
        User-Name = "Cisco"
        NAS-IP-Address = 192.168.11.20
        Called-Station-Id = "004096577e54"
        Calling-Station-Id = "000809000097"
        NAS-Identifier = "AP350"
        NAS-Port = 29
        Framed-MTU = 1400
        State =
0xf1e747542fcc3e706437c06a25733c0576eee43d7881c0587f27665892ede9d6518f95a6
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
"\002\323\000>\r\200\000\000\0004\026\003\001\000/\001\000\000+\003\001=\344\356\202\317\347\207E\261\307\235\353E\325\374\366@{\201N\260\230\003\266\271\271\261\307n\023\n\211\000\000\004\000\004\000\005\001"
        Message-Authenticator =
0x40b59c0a85b4083294b01652176fd47a
modcall: entering group authorize
  hints: Matched DEFAULT at 41
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "isco", looking
up realm NULL
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
    users: Matched isco at 98
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls:  Length Included
undefined: before/accept initialization
TLS_accept: before/accept initialization
<<< TLS 1.0 Handshake [length 002f], ClientHello
 
TLS_accept: SSLv3 read client hello A
>>> TLS 1.0 Handshake [length 004a], ServerHello
 
TLS_accept: SSLv3 write server hello A
>>> TLS 1.0 Handshake [length 07fd], Certificate
 
TLS_accept: SSLv3 write certificate A
>>> TLS 1.0 Handshake [length 00bf],
CertificateRequest
 
TLS_accept: SSLv3 write certificate request A
TLS_accept: SSLv3 flush data
TLS_accept:error in SSLv3 read client certificate A
rlm_eap_tls: SSL_read Error
 Error code is ..... 2
 SSL Error ..... 2
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 14 to
192.168.11.20:1550
        EAP-Message =
"\001\324\004\n\r\300\000\000\t\025\026\003\001\000J\002\000\000F\003\001=\344\356v\201\335o{\335O\202\262\335P\246\215$\253\023c`M&\360r\355\342s@\0018\307
\330]\244\323:\262JI\035\324\262\254w\304\006;\0055@O\250T\317\025\303V\265\205b\230\317\356\000\004\000\026\003\001\007\375\013\000\007\371\000\007\366\000\004\n0\202\004\0060\202\003o\240\003\002\001\002\002\001\0010\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2551\0130\t\006\003U\004\006\023\002GE1\0170\r\006\003U\004\010\023\006Saxony1\0200\016"
        EAP-Message = "ikhil
Chauhan1,0*\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\036\027\r021122161454Z\027\r031122161454Z0\201\2461\0130\t\006\003U\004\006\023\002GE1\0170\r\006\003U\004\010\023\006Saxony1\0200\016\006\003U\004\007\023\007Dresden1\0260\024\006\003U\004\n\023\rSystemonic
AG1\0340\032\006\003U\004\013\024\023Protocols &
Drivers1\0200\016\006\003U\004\003\023\007tstpc111,0*\006\t*\206H\206\367\r\001\t\001\026\035nikhil.chauhan@system"
        EAP-Message =
"onic.com0\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\302OKi'"\233\007Z\266;R\312_\005\036\261\331\222\272x\263Pd\267\014\345\354\325P\360\377Z\200\353)\202\313\01424\307}\353B\212\005\251\215
p\005\016\335xkD\276jw{\013\365\267\302Lpo\333@
\353\376C\273\371\332}+\237n_\377\233\335\225\341G\226\375a\250\270\025\tDJj\222@\244\276~\326\351\365WE\356\366\355<w\302^B0/j]\331\2343\355\266\227TW\002\003\001\000\001\243\202\00190\202\00150\t\006\003U\035\023\004\002"
        EAP-Message =
"/u\243\267\212\206"\344\225\201D\025j+0\201\332\006\003U\035#\004\201\3220\201\317\200\024w]fY\241\036\265\007\027\217\310\322\330\2068<\352b\302\360\241\201\263\244\201\2600\201\2551\0130\t\006\003U\004\006\023\002GE1\0170\r\006\003U\004\010\023\006Saxony1\0200\016\006\003U\004\007\023\007Dresden1\0260\024\006\003U\004\n\023\rSystemonic
AG1\0340\032\006\003U\004\013\024\023Protocols &
Drivers1\0270\025\006\003U\004\003\023\016Nikhil
Chauhan1,0*\006\t*\206H\206\367\r\001\t\001\026\035nikhil.chauhan@system"
        EAP-Message =
"\201\000\300\376<\214\231\224\233\321a\210\031185|\251`l\255\t`\344\320\373"
        Message-Authenticator =
0x00000000000000000000000000000000
        State =
0xfeb25e5fb0f5c7e4dc929bc5955699ed76eee43d05ed317c5acd9bc48fe5ae9ae4420cef
Finished request 1
Going to the next request
SMUX connect try 3
Can't connect to SNMP agent with SMUX: Connection
refused
Waking up in 6 seconds...
rad_recv: Access-Request packet from host
192.168.11.20:1551, id=15, length=150
        User-Name = "Cisco"
        NAS-IP-Address = 192.168.11.20
        Called-Station-Id = "004096577e54"
        Calling-Station-Id = "000809000097"
        NAS-Identifier = "AP350"
        NAS-Port = 29
        Framed-MTU = 1400
        State =
0xfeb25e5fb0f5c7e4dc929bc5955699ed76eee43d05ed317c5acd9bc48fe5ae9ae4420cef
        NAS-Port-Type = Wireless-802.11
        EAP-Message = "\002\324\000\006\r"
        Message-Authenticator =
0x883c7198a2f628a052cc7e62a189525d
modcall: entering group authorize
  hints: Matched DEFAULT at 41
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "isco", looking
up realm NULL
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
    users: Matched isco at 98
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 15 to
192.168.11.20:1551
        EAP-Message =
"\001\325\004\n\r\300\000\000\t\025\371\250n\365\330\001\304\352'Y\0215\260\036\252\022\355\274\331\377\2619:\210d\201\035\007\360\3650\375)\306}\030b\230\037\373\2774j\363\262\347\266\235\340\373\0020\334\002\373\036\332y\035\213<d\352\371M\010\016kz\276\337\020\210o_\332\345R\020\000\260\272\305o\355T\016\351\344p\346A\310\013\373\346Q\027\014\310\224R\277\320\000\003\3460\202\003\3420\202\003K\240\003\002\001\002\002\001\0000\r\006\t*\206H\206\367\r\001\001\004\005\0000\201\2551\0130\t\006\003U\004\006\023"
        EAP-Message =
"s1\0270\025\006\003U\004\003\023\016Nikhil
Chauhan1,0*\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\036\027\r021122160949Z\027\r021222160949Z0\201\2551\0130\t\006\003U\004\006\023\002GE1\0170\r\006\003U\004\010\023\006Saxony1\0200\016\006\003U\004\007\023\007Dresden1\0260\024\006\003U\004\n\023\rSystemonic
AG1\0340\032\006\003U\004\013\024\023Protocols &
Drivers1\0270\025\006\003U\004\003\023\016Nikhil
Chauhan1,0*\006\t*\206H\206\367\r\001\t\001\026\035n"
        EAP-Message =
"[EMAIL PROTECTED]\201\2370\r\006\t*\206H\206\367\r\001\001\001\005\000\003\201\215\0000\201\211\002\201\201\000\301\344=\313\366U\003x;\021\335\375\032\001S\321\2751\014\373\033|\266t\001z\361Y\232G\247\275jk\341g{a\200<.k)=3\225\235\314\322\022\013\344WvXo3\363\323:\022\312|&\217\244q\276\347\373\023\014\246\3573y\036W[\245\367%h5\214\345\034\311v\227\235\371\372\275\377\360\277tF\227\3578%\355\333e39\343(T\321"\254\344q[\251l2\373\317\271r2!\236K\002\003\001\000\001\243\202\001\0160\202\001\n"
        EAP-Message =
"\007\027\217\310\322\330\2068<\352b\302\360\241\201\263\244\201\2600\201\2551\0130\t\006\003U\004\006\023\002GE1\0170\r\006\003U\004\010\023\006Saxony1\0200\016\006\003U\004\007\023\007Dresden1\0260\024\006\003U\004\n\023\rSystemonic
AG1\0340\032\006\003U\004\013\024\023Protocols &
Drivers1\0270\025\006\003U\004\003\023\016Nikhil
Chauhan1,0*\006\t*\206H\206\367\r\001\t\001\026\[EMAIL PROTECTED]\202\001\0000\014\006\003U\035\023\004\0050\003\001\001\3770\r\006\t*\206H\206\367\r\001\001\004\005"
        EAP-Message =
"\304_\003@\227\263\351\247Mb5\371=\271\3715r^\372\363Y+\317\3301\246"
        Message-Authenticator =
0x00000000000000000000000000000000
        State =
0xd44bc1219076d11e89ea96e1678b29e476eee43d35ff168437897ced968771357d776abd
Finished request 2
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host
192.168.11.20:1552, id=16, length=150
        User-Name = "Cisco"
        NAS-IP-Address = 192.168.11.20
        Called-Station-Id = "004096577e54"
        Calling-Station-Id = "000809000097"
        NAS-Identifier = "AP350"
        NAS-Port = 29
        Framed-MTU = 1400
        State =
0xd44bc1219076d11e89ea96e1678b29e476eee43d35ff168437897ced968771357d776abd
        NAS-Port-Type = Wireless-802.11
        EAP-Message = "\002\325\000\006\r"
        Message-Authenticator =
0xe20f9cc81e4a9c2d61532aeb10d06971
modcall: entering group authorize
  hints: Matched DEFAULT at 41
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "isco", looking
up realm NULL
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
    users: Matched isco at 98
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls: Received EAP-TLS ACK message
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 16 to
192.168.11.20:1552
        EAP-Message =
"\001\326\001\037\r\200\000\000\t\025\243\013sd\250^\213\362\037@\031\207X\233\277\240;\213;\2450\227\366S\204\247\036%v\332)\315\0051h\n\324\346e\206O\335%\370\205\335\232\305%\\FL\230\014\032=\365\276\255,\225\264(\222\023\345\033\250\336Eq\222\311\335C\320~`\226\247(\026\003\001\000\277\r\000\000\267\002\001\002\000\262\000\2600\201\2551\0130\t\006\003U\004\006\023\002GE1\0170\r\006\003U\004\010\023\006Saxony1\0200\016\006\003U\004\007\023\007Dresden1\0260\024\006\003U\004\n\023\rSystemonic
AG1\0340\032"
        EAP-Message =
"\026\[EMAIL PROTECTED]\016\000\000"
        Message-Authenticator =
0x00000000000000000000000000000000
        State =
0x61edb378dbea35f051cd94a36bb1292c76eee43d16b0f52b809c2806a8cad669ddbc1e38
Finished request 3
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host
192.168.11.20:1553, id=17, length=1562       
User-Name = "Cisco"
        NAS-IP-Address = 192.168.11.20
        Called-Station-Id = "004096577e54"
        Calling-Station-Id = "000809000097"
        NAS-Identifier = "AP350"
        NAS-Port = 29
        Framed-MTU = 1400
        State =
0x61edb378dbea35f051cd94a36bb1292c76eee43d16b0f52b809c2806a8cad669ddbc1e38
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
"\002\326\005\200\r\300\000\000\006\332\026\003\001\006\252\013\000\005\232\000\005\227\000\005\2240~B^D^D0~B^Cm|
^C^B^A^B^B^A^C0^M^F
\n*~FH~F\367^M^A^A^D^E^@0~A\2551^K0   
\n^F^CU^D^F^S^BGE1^O0^M^F^CU^D^H^S^FSaxony1^P0^N^F^CU^D^G^S^GDresden1^V0^T^F^CU^D\n^S^MSystemonic
AG1^\\0^Z^F^CU^D^K^T^SProtocols
&\nDrivers1^W0^U^F^CU^D^C^S^NNi"
        EAP-Message = "khil Chauhan1,0*^F
\n*~FH~F\367^M^A   
\n^A^V^][EMAIL PROTECTED]^^^W^M021126140730Z^W^M031126140730Z0~A\2441^K0\n
    
\n^F^CU^D^F^S^BGE1^O0^M^F^CU^D^H^S^FSaxony1^P0^N^F^CU^D^G^S^GDresden1^V0^T^F^CU^D\n^S^MSystemonic
AG1^\\0^Z^F^CU^D^K^T^SProtocols &\nD"
        EAP-Message =
"rivers1^N0^L^F^CU^D^C^S^ECisco1,0*^F   *~FH~F\367^M^A
  \n ^A^V^][EMAIL PROTECTED]~A~_0^M^F 
\n*~FH~F\367^M^A^A^A^E^@^C~A~M^@0~A~I^B~A~A^@\277\347\315S\313\366\260My\327~V\350AgA~]{^Ll!B\245\361\370+\253\340>~Sc\322o~D~X\3403\350!#p%R;]\306R\316~]\326~J\377\345~_s^D{B\367\316^[,\352^C~WG\350~H^XG~Q|,t\312^_\373\356\244\373\313\303^S\335~M\307\323\306\3475\326a"
        EAP-Message =
"^N*\335\366\352~JC\310\241^Q\267=\354K\246~[^S\353\326\307\360A*a,:M^T^HS\254^UJiP,m^B^C^A^@^A\243~B^A90~B^A50\n
   
^F^CU^]^S^D^B0^@0,^F\n`~FH^A~F\370B^A^M^D^_^V^]OpenSSL
Generated\nCertificate0^]^F^CU^]^N^D^V^D^T[~SQ\373\353Z~V~Q~A~I~G%0^X^@\321g\310\255~I0~A\332^F^CU^]#^D~A\3220~A\317~@^Tw]fY\241^^\265^G^W~O\310\322\330~F8<\352b\302\360\241~A\263\244~A\260"
        EAP-Message =
"0~A\2551^K0\n\n^F^CU^D^F^S^BGE1^O0^M^F^CU^D^H^S^FSaxony1^P0^N^F^CU^D^G^S^GDresden1^V0^T^F^CU^D\n^S^MSystemonic
AG1^\\0^Z^F^CU^D^K^T^SProtocols
&\nDrivers1^W0^U^F^CU^D^C^S^NNikhil Chauhan1,0*^F
\n*~FH~F\367^M^A   
\n^A^V^][EMAIL PROTECTED]~B^A^@0^M^F\n*~FH"
        EAP-Message =
"~F\367^M^A^A^D^E^@^C~A~A^@P^Qr\257L^\323\365&\302\332^?^O^?^V\326\373\357'T\301rz\303~M;\255VX~[^T~Yj~EC~F~@M\252\313)^?\323)A^Y]8H\342#\363;^K^]~_]>~\\I[/\272q{\\^T~Q^P\316G~R~@M\316\345\323^_^[\332H^[m\325\275\262e\334\3041\362^@^"
        Message-Authenticator =
0x257a72ec776eefe33b7573a5b6f0877b
modcall: entering group authorize
  hints: Matched DEFAULT at 41
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "isco", looking
up realm NULL
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
    users: Matched isco at 98
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Multiple EAP_Message attributes found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
rlm_eap_tls:  Received EAP-TLS First Fragment of the
message
Total Length Included
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Sending Access-Challenge of id 17 to
192.168.11.20:1553
        EAP-Message = "\001\327\000\006\r"
        Message-Authenticator =
0x00000000000000000000000000000000
        State =
0x3f4b54e72fa1f2db3910b101a2028b2576eee43d7db4e9f0e339917e1fbeec117b00e7c1
Finished request 4
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host
192.168.11.20:1554, id=18, length=508
        User-Name = "Cisco"
        NAS-IP-Address = 192.168.11.20
        Called-Station-Id = "004096577e54"
        Calling-Station-Id = "000809000097"
        NAS-Identifier = "AP350"
        NAS-Port = 29
        Framed-MTU = 1400
        State =
0x3f4b54e72fa1f2db3910b101a2028b2576eee43d7db4e9f0e339917e1fbeec117b00e7c1
        NAS-Port-Type = Wireless-802.11
        EAP-Message =
"\002\327\001j\r\000S\242^]h^^\241Z~WO\371\271\262\271^TGt^^S\354\276\376\373~L1\344'H~K<\244\345\375\304^RR.\n\020\000\000\202\000\200\225\353\230\333md\0054&E\023\304z\333E=d\200\350\231\036\357\225;u\317\242\006Y\335\303HE\324\367$\343X\222\347\203PV@\036\247\030\035\304\206z\324B\033{)\375\027\316X\034\242\002
<*y{\305\203SQ\377%\374\023Y\255\323\017\311\016\227\373\006^\030Q\320@JX\312\205\256\001\253D\200\240`\3379\226\340\332]i>\206\253\346\210\020E\251\324\316[\341z\373\337f\311\025&\322\017\000\000"
        EAP-Message =
"~\313\331\342\261\020+DeMN\374\277\265\235\310\307\021&hz\312?\244{\344\024e\361\353p\026\017\t-\245\343\372\203\000\221\323\320\024\351eq\007\2608\300\234\270/bD\331\246\343\241@\314\250\3504\362\024\003\001\000\001\001\026\003\001\000
\360V\246\212\273\255\003\343.`\356\342\027=oF2Q\234J"\r\246\000\321\312j\r\274\36502"
        Message-Authenticator =
0xb92331c45d16d64742cb1d123417a56c
modcall: entering group authorize
  hints: Matched DEFAULT at 41
  modcall[authorize]: module "preprocess" returns ok
  modcall[authorize]: module "eap" returns updated
    rlm_realm: No '@' in User-Name = "isco", looking
up realm NULL
    rlm_realm: No such realm NULL
  modcall[authorize]: module "suffix" returns noop
    users: Matched isco at 98
  modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: Multiple EAP_Message attributes found
rlm_eap: Request found, released from the list
rlm_eap: EAP_TYPE - tls
rlm_eap: processing type tls
<<< TLS 1.0 Handshake [length 059e], Certificate
 
TLS_accept:error in SSLv3 read client certificate B
rlm_eap_tls: SSL_read Error
 Error code is ..... 5
 Error in SSL ..... 5
rlm_eap_tls: BIO_read Error
 Error code is ..... 5
 Error in SSL ..... 5
  modcall[authenticate]: module "eap" returns ok
modcall: group authenticate returns ok
Delaying request 5 for 1 seconds
Finished request 5
Going to the next request
Waking up in 6 seconds...
rad_recv: Access-Request packet from host
192.168.11.20:1554, id=18, length=508
Sending Access-Reject of id 18 to 192.168.11.20:1554
        EAP-Message = "\004\327\000\004"
        Message-Authenticator =
0x00000000000000000000000000000000
--- Walking the entire request list ---
Waking up in 5 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 13 with timestamp 3de4ee76
Cleaning up request 1 ID 14 with timestamp 3de4ee76
Cleaning up request 2 ID 15 with timestamp 3de4ee76
Cleaning up request 3 ID 16 with timestamp 3de4ee76
Cleaning up request 4 ID 17 with timestamp 3de4ee76
Cleaning up request 5 ID 18 with timestamp 3de4ee76
Nothing to do.  Sleeping until we see a request.
26066:error:0D0680A8:asn1 encoding
routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:939:
26066:error:0D07803A:asn1 encoding
routines:ASN1_ITEM_EX_D2I:nested asn1
error:tasn_dec.c:304:Type=X509_CINF
26066:error:0D08303A:asn1 encoding
routines:ASN1_TEMPLATE_D2I:nested asn1
error:tasn_dec.c:566:Field=cert_info, Type=X509
26066:error:1408900D:SSL
routines:SSL3_GET_CLIENT_CERTIFICATE:ASN1
lib:s3_srvr.c:1947:
=======================================================




__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to