EAP-TLS error: RSA_padding_check_PKCS1_type_1:block type is not 01
I'm using Freeradius server2.1.12 on x86 fedora14. My client is using (armel ubuntu 10.04 lucid) IMX53 board. When I try connecting to radius server I am receiving the following errors. The client is broken. It's not doing SSL correctly. Do we require different certificates for arm boards, as I was able to run without any issues on x86 with same certificates. Because it has different software. May I know, what is that different software? Tue Nov 20 16:48:05 2012 : Error: TLS Alert write:fatal:decrypt error Tue Nov 20 16:48:05 2012 : Error: TLS_accept: failed in SSLv3 read certificate verify B Tue Nov 20 16:48:05 2012 : Error: rlm_eap: SSL error error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01 You CANNOT fix this by poking FreeRADIUS. I created certificates with the following commands: This is NOT a certificate issue. Notice that the error is NOT complaining about certificates. And why use your own commands to create certs? The scripts in raddb/certs WORK. Alan DeKok. Regards, Swaraj - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EAP-TLS error: RSA_padding_check_PKCS1_type_1:block type is not 01
receive handshake failed during operation */Tue Nov 20 16:48:05 2012 : Info: [tls] eaptls_process returned 4 Tue Nov 20 16:48:05 2012 : Info: [eap] Handler failed in EAP/tls Tue Nov 20 16:48:05 2012 : Info: [eap] Failed in EAP select Tue Nov 20 16:48:05 2012 : Info: ++[eap] returns invalid Tue Nov 20 16:48:05 2012 : Info: Failed to authenticate the user. Tue Nov 20 16:48:05 2012 : Info: Delaying reject of request 9 for 1 seconds Tue Nov 20 16:48:05 2012 : Debug: Going to the next request Tue Nov 20 16:48:05 2012 : Debug: Waking up in 0.3 seconds. Tue Nov 20 16:48:05 2012 : Info: Cleaning up request 4 ID 4 with timestamp +1948 Tue Nov 20 16:48:05 2012 : Debug: Waking up in 0.6 seconds. Tue Nov 20 16:48:06 2012 : Info: Sending delayed reject for request 9 Sending Access-Reject of id 9 to 10.0.0.70 port 2050 EAP-Message = 0x04040004 Message-Authenticator = 0x Tue Nov 20 16:48:06 2012 : Debug: Waking up in 3.7 seconds. Tue Nov 20 16:48:10 2012 : Info: Cleaning up request 5 ID 5 with timestamp +1954 I created certificates with the following commands: /* CA root */ */openssl req -new -x509 -extensions v3_ca -keyout private/cakey.pem -out cacert.pem -days 365 -config ./openssl.cnf /* /* Certificates Request */ /*openssl req -new -nodes -out redpine-req.pem -keyout private/redpine-key.pem -days 365 -config ./openssl.cnf */ /* Signing the certificates with ca root certificate generated in section CA root */ /*openssl ca -out redpine-cert.pem -days 365 -config ./openssl.cnf -infiles redpine-req.pem */ /Concatenating all certificates: * cat redpine-key.pem redpine-cert.pem cacert.pem imx53.pem */Thanks Regards, Swaraj /* */ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Freeradius-Devel Digest, Vol 89, Issue 5
On 09/06/2012 03:53 PM, freeradius-devel-requ...@lists.freeradius.org wrote: Send Freeradius-Devel mailing list submissions to freeradius-de...@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-devel or, via email, send a message with subject or body 'help' to freeradius-devel-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-devel-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than Re: Contents of Freeradius-Devel digest... Today's Topics: 1. Re: Freeradius 2.1.12 with EAP-FAST compilation issues (Swaraj) -- Message: 1 Date: Thu, 06 Sep 2012 15:53:26 +0530 From: Swarajswaraj.vutt...@redpinesignals.com To: freeradius-de...@lists.freeradius.org Subject: Re: Freeradius 2.1.12 with EAP-FAST compilation issues Message-ID:5048799e.8030...@redpinesignals.com Content-Type: text/plain; charset=iso-8859-1; Format=flowed On 09/05/2012 03:30 PM, freeradius-devel-requ...@lists.freeradius.org wrote: Send Freeradius-Devel mailing list submissions to freeradius-de...@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-devel or, via email, send a message with subject or body 'help' to freeradius-devel-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-devel-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than Re: Contents of Freeradius-Devel digest... Today's Topics: 1. Re: Freeradius 2.1.12 with EAP-FAST compilation issues (Swaraj) 2. Re: Freeradius 2.1.12 with EAP-FAST compilation issues (Alan DeKok) -- Message: 1 Date: Wed, 05 Sep 2012 11:31:52 +0530 From: Swarajswaraj.vutt...@redpinesignals.com To:freeradius-de...@lists.freeradius.org Cc: Swarajswaraj.vutt...@redpinesignals.com Subject: Re: Freeradius 2.1.12 with EAP-FAST compilation issues Message-ID:5046ead0.9060...@redpinesignals.com Content-Type: text/plain; charset=iso-8859-1; Format=flowed Hi All, I was using freeradius-server 2.1.12 without any issues till now, but now i wanted to use EAP-FAST in freeradius server. So i started compiling rlm_eap2 module, but i got lot of errors releated to libeap.so. Some how i fixed all issues related to liaeap.so with hostapd. Currently i'm stuck with these kind of errors am unable to proceed further. I require some help to resolve these. I used ./configure --with-experimental-modules --with-rlm_eap2 LIBS=-ldl make I get the following error message: -- gmake[6]: Leaving directory `/backup/freeradius-server-2.1.12/src/modules/rlm_eap' Making all in rlm_eap2... /usr/bin/gmake -w -C rlm_eap2 all gmake[6]: Entering directory `/backup/freeradius-server-2.1.12/src/modules/rlm_eap2' /backup/freeradius-server-2.1.12/libtool --mode=compile gcc -g -O2 -Wall -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG -I/backup/freeradius-server-2.1.12/src -I/backup/freeradius-server-2.1.12/libltdl -I/backup/freeradius-server-2.1.12/libltdl -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_common -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_server -I/home/livecd/Downloads/hostapd-0.7.3/src -I/home/livecd/Downloads/hostapd-0.7.3/src/common -I/home/livecd/Downloads/hostapd-0.7.3/src/utils -c rlm_eap2.c gcc -g -O2 -Wall -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG -I/backup/freeradius-server-2.1.12/src -I/backup/freeradius-server-2.1.12/libltdl -I/backup/freeradius-server-2.1.12/libltdl -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_common -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_server -I/home/livecd/Downloads/hostapd-0.7.3/src -I/home/livecd/Downloads/hostapd-0.7.3/src/common -I/home/livecd/Downloads/hostapd-0.7.3/src/utils -c rlm_eap2.c -fPIC -DPIC -o .libs/rlm_eap2.o rlm_eap2.c: In function 'eap_instantiate': rlm_eap2.c:622:2: warning: implicit declaration of function 'eap_server_register_methods' rlm_eap2.c: In function 'eap_authenticate': rlm_eap2.c:962:41: warning: pointer targets in assignment differ in signedness rlm_eap2.c:963:35: warning: pointer targets in assignment differ in signedness gcc -g -O2 -Wall -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG -I/backup/freeradius-server-2.1.12/src -I/backup/freeradius-server-2.1.12/libltdl -I/backup/freeradius-server-2.1.12/libltdl -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_common -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_server -I/home/livecd/Downloads/hostapd-0.7.3/src -I/home/livecd/Downloads/hostapd-0.7.3/src/common -I/home/livecd/Downloads/hostapd-0.7.3/src/utils -c rlm_eap2.c -o rlm_eap2.o/dev/null
Re: Freeradius 2.1.12 with EAP-FAST compilation issues
On 09/06/2012 03:53 PM, freeradius-devel-requ...@lists.freeradius.org wrote: Send Freeradius-Devel mailing list submissions to freeradius-de...@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-devel or, via email, send a message with subject or body 'help' to freeradius-devel-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-devel-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than Re: Contents of Freeradius-Devel digest... Today's Topics: 1. Re: Freeradius 2.1.12 with EAP-FAST compilation issues (Swaraj) -- Message: 1 Date: Thu, 06 Sep 2012 15:53:26 +0530 From: Swarajswaraj.vutt...@redpinesignals.com To:freeradius-de...@lists.freeradius.org Subject: Re: Freeradius 2.1.12 with EAP-FAST compilation issues Message-ID:5048799e.8030...@redpinesignals.com Content-Type: text/plain; charset=iso-8859-1; Format=flowed On 09/05/2012 03:30 PM,freeradius-devel-requ...@lists.freeradius.org wrote: Send Freeradius-Devel mailing list submissions to freeradius-de...@lists.freeradius.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.freeradius.org/mailman/listinfo/freeradius-devel or, via email, send a message with subject or body 'help' to freeradius-devel-requ...@lists.freeradius.org You can reach the person managing the list at freeradius-devel-ow...@lists.freeradius.org When replying, please edit your Subject line so it is more specific than Re: Contents of Freeradius-Devel digest... Today's Topics: 1. Re: Freeradius 2.1.12 with EAP-FAST compilation issues (Swaraj) 2. Re: Freeradius 2.1.12 with EAP-FAST compilation issues (Alan DeKok) -- Message: 1 Date: Wed, 05 Sep 2012 11:31:52 +0530 From: Swarajswaraj.vutt...@redpinesignals.com To:freeradius-de...@lists.freeradius.org Cc: Swarajswaraj.vutt...@redpinesignals.com Subject: Re: Freeradius 2.1.12 with EAP-FAST compilation issues Message-ID:5046ead0.9060...@redpinesignals.com Content-Type: text/plain; charset=iso-8859-1; Format=flowed Hi All, I was using freeradius-server 2.1.12 without any issues till now, but now i wanted to use EAP-FAST in freeradius server. So i started compiling rlm_eap2 module, but i got lot of errors releated to libeap.so. Some how i fixed all issues related to liaeap.so with hostapd. Currently i'm stuck with these kind of errors am unable to proceed further. I require some help to resolve these. I used ./configure --with-experimental-modules --with-rlm_eap2 LIBS=-ldl make I get the following error message: -- gmake[6]: Leaving directory `/backup/freeradius-server-2.1.12/src/modules/rlm_eap' Making all in rlm_eap2... /usr/bin/gmake -w -C rlm_eap2 all gmake[6]: Entering directory `/backup/freeradius-server-2.1.12/src/modules/rlm_eap2' /backup/freeradius-server-2.1.12/libtool --mode=compile gcc -g -O2 -Wall -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG -I/backup/freeradius-server-2.1.12/src -I/backup/freeradius-server-2.1.12/libltdl -I/backup/freeradius-server-2.1.12/libltdl -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_common -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_server -I/home/livecd/Downloads/hostapd-0.7.3/src -I/home/livecd/Downloads/hostapd-0.7.3/src/common -I/home/livecd/Downloads/hostapd-0.7.3/src/utils -c rlm_eap2.c gcc -g -O2 -Wall -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG -I/backup/freeradius-server-2.1.12/src -I/backup/freeradius-server-2.1.12/libltdl -I/backup/freeradius-server-2.1.12/libltdl -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_common -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_server -I/home/livecd/Downloads/hostapd-0.7.3/src -I/home/livecd/Downloads/hostapd-0.7.3/src/common -I/home/livecd/Downloads/hostapd-0.7.3/src/utils -c rlm_eap2.c -fPIC -DPIC -o .libs/rlm_eap2.o rlm_eap2.c: In function 'eap_instantiate': rlm_eap2.c:622:2: warning: implicit declaration of function 'eap_server_register_methods' rlm_eap2.c: In function 'eap_authenticate': rlm_eap2.c:962:41: warning: pointer targets in assignment differ in signedness rlm_eap2.c:963:35: warning: pointer targets in assignment differ in signedness gcc -g -O2 -Wall -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DNDEBUG -I/backup/freeradius-server-2.1.12/src -I/backup/freeradius-server-2.1.12/libltdl -I/backup/freeradius-server-2.1.12/libltdl -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_common -I/home/livecd/Downloads/hostapd-0.7.3/src/eap_server -I/home/livecd/Downloads/hostapd-0.7.3/src -I/home
Freeradius 2.1.12 with EAP-FAST compilation issues
to `eap_server_register_methods' rlm_eap2.c:(.text+0x10f1): undefined reference to `cf_subsection_find_next' rlm_eap2.c:(.text+0x1143): undefined reference to `radlog' rlm_eap2.c:(.text+0x115d): undefined reference to `cf_subsection_find_next' rlm_eap2.c:(.text+0x1173): undefined reference to `cf_section_name1' rlm_eap2.c:(.text+0x12df): undefined reference to `radlog' rlm_eap2.c:(.text+0x12f5): undefined reference to `radlog' rlm_eap2.c:(.text+0x1362): undefined reference to `radlog' rlm_eap2.c:(.text+0x13ac): undefined reference to `radlog' /tmp/cchrL0fh.o: In function `eaplist_add': rlm_eap2.c:(.text+0xfb): undefined reference to `rad_assert_fail' rlm_eap2.c:(.text+0x121): undefined reference to `rad_assert_fail' rlm_eap2.c:(.text+0x2de): undefined reference to `radlog' /tmp/cchrL0fh.o: In function `eaplist_find': rlm_eap2.c:(.text+0x417): undefined reference to `rad_assert_fail' rlm_eap2.c:(.text+0x599): undefined reference to `radlog' /tmp/cchrL0fh.o: In function `eap_example_server_init_tls': rlm_eap2.c:(.text+0x895): undefined reference to `radlog' rlm_eap2.c:(.text+0x8cd): undefined reference to `radlog' /tmp/cchrL0fh.o: In function `eap_instantiate': rlm_eap2.c:(.text+0x935): undefined reference to `cf_section_parse' rlm_eap2.c:(.text+0x9cc): undefined reference to `radlog' rlm_eap2.c:(.text+0x9e6): undefined reference to `eap_server_register_methods' rlm_eap2.c:(.text+0xa2e): undefined reference to `cf_subsection_find_next' rlm_eap2.c:(.text+0xa41): undefined reference to `cf_section_name1' rlm_eap2.c:(.text+0xa6f): undefined reference to `radlog' rlm_eap2.c:(.text+0xb3d): undefined reference to `radlog' rlm_eap2.c:(.text+0xbac): undefined reference to `cf_subsection_find_next' rlm_eap2.c:(.text+0xbe5): undefined reference to `radlog' rlm_eap2.c:(.text+0xc20): undefined reference to `radlog' /tmp/cchrL0fh.o: In function `eap_example_server_step': rlm_eap2.c:(.text+0xdbf): undefined reference to `log_debug' rlm_eap2.c:(.text+0xdff): undefined reference to `log_debug' rlm_eap2.c:(.text+0xe7f): undefined reference to `radius_pairmake' rlm_eap2.c:(.text+0xee6): undefined reference to `radius_pairmake' rlm_eap2.c:(.text+0xf47): undefined reference to `log_debug' /tmp/cchrL0fh.o: In function `eap_vp2data': rlm_eap2.c:(.text+0xfc4): undefined reference to `radlog' rlm_eap2.c:(.text+0xfed): undefined reference to `radlog' rlm_eap2.c:(.text+0x1048): undefined reference to `radlog' rlm_eap2.c:(.text+0x1090): undefined reference to `radlog' rlm_eap2.c:(.text+0x10d9): undefined reference to `radlog' /tmp/cchrL0fh.o:rlm_eap2.c:(.text+0x1116): more undefined references to `radlog' follow /tmp/cchrL0fh.o: In function `eap_authenticate': rlm_eap2.c:(.text+0x165b): undefined reference to `rad_assert_fail' collect2: ld returned 1 exit status gmake[6]: *** [rlm_eap2] Error 1 gmake[6]: Leaving directory `/backup/freeradius-server-2.1.12/src/modules/rlm_eap2' gmake[5]: *** [rlm_eap2] Error 2 gmake[5]: Leaving directory `/backup/freeradius-server-2.1.12/src/modules' gmake[4]: *** [all] Error 2 gmake[4]: Leaving directory `/backup/freeradius-server-2.1.12/src/modules' gmake[3]: *** [modules] Error 2 gmake[3]: Leaving directory `/backup/freeradius-server-2.1.12/src' gmake[2]: *** [all] Error 2 gmake[2]: Leaving directory `/backup/freeradius-server-2.1.12/src' gmake[1]: *** [src] Error 2 gmake[1]: Leaving directory `/backup/freeradius-server-2.1.12' make: *** [all] Error 2 Please help me. If you have some easy procedure for compiling freeradius for EAP-FAST, then please tell me the procedure. -- Regards, Swaraj - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
