API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Aug 29th, 2011
300
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 27.81 KB | None | 0 0
raw download clone embed print report
  1. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=61, length=151
  2. User-Name = "vasya"
  3. NAS-IP-Address = 10.10.17.123
  4. NAS-Port = 1
  5. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  6. Calling-Station-Id = "AC-81-12-31-25-3F"
  7. Framed-MTU = 1400
  8. NAS-Port-Type = Wireless-802.11
  9. Connect-Info = "CONNECT 54Mbps 802.11g"
  10. EAP-Message = 0x0200000a017661737961
  11. Message-Authenticator = 0x5ddd73fb890f89b61d7afffdb4e12bbe
  12. +- entering group authorize
  13. ++[preprocess] returns ok
  14. ++[chap] returns noop
  15. ++[mschap] returns noop
  16. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  17. rlm_realm: No such realm "NULL"
  18. ++[suffix] returns noop
  19. rlm_eap: EAP packet type response id 0 length 10
  20. rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  21. ++[eap] returns updated
  22. ++[unix] returns notfound
  23. ++[files] returns noop
  24. expand: %{User-Name} -> vasya
  25. rlm_sql (sql): sql_set_user escaped user --> 'vasya'
  26. rlm_sql (sql): Reserving sql socket id: 4
  27. expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = 'vasya' ORDER BY id
  28.  
  29. rlm_sql (sql): User found in radcheck table
  30. expand: SELECT id, username, attribute, value, op FROM radreply WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radreply WHERE username = 'vasya' ORDER BY id
  31. expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = 'vasya' ORDER BY priority
  32. rlm_sql (sql): Released sql socket id: 4
  33. ++[sql] returns ok
  34. ++[expiration] returns noop
  35. ++[logintime] returns noop
  36. rlm_pap: Found existing Auth-Type, not changing it.
  37. ++[pap] returns noop
  38. rad_check_password: Found Auth-Type EAP
  39. auth: type "EAP"
  40. +- entering group authenticate
  41. rlm_eap: EAP Identity
  42. rlm_eap: processing type tls
  43. rlm_eap_tls: Initiate
  44. rlm_eap_tls: Start returned 1
  45. ++[eap] returns handled
  46. Sending Access-Challenge of id 61 to 10.10.17.123 port 1026
  47. EAP-Message = 0x010100061920
  48. Message-Authenticator = 0x00000000000000000000000000000000
  49. State = 0xb2c69c09b2c785c482959ed33c63d6f2
  50. Finished request 0.
  51. Going to the next request
  52. Waking up in 4.9 seconds.
  53. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=62, length=264
  54. User-Name = "vasya"
  55. NAS-IP-Address = 10.10.17.123
  56. NAS-Port = 1
  57. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  58. Calling-Station-Id = "AC-81-12-31-25-3F"
  59. Framed-MTU = 1400
  60. NAS-Port-Type = Wireless-802.11
  61. Connect-Info = "CONNECT 54Mbps 802.11g"
  62. EAP-Message = 0x0201006919800000005f160301005a0100005603014e5b833646e4e3abf55016d607de64a350e390ef6743d9f7bd8e19b1a3906a9f00002800390038003500160013000a00330032002f000500040015001200090014001100080006000300ff020100000400230000
  63. State = 0xb2c69c09b2c785c482959ed33c63d6f2
  64. Message-Authenticator = 0x6c82a9f1400f3d45ab319824b75788be
  65. +- entering group authorize
  66. ++[preprocess] returns ok
  67. ++[chap] returns noop
  68. ++[mschap] returns noop
  69. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  70. rlm_realm: No such realm "NULL"
  71. ++[suffix] returns noop
  72. rlm_eap: EAP packet type response id 1 length 105
  73. rlm_eap: Continuing tunnel setup.
  74. ++[eap] returns ok
  75. rad_check_password: Found Auth-Type EAP
  76. auth: type "EAP"
  77. +- entering group authenticate
  78. rlm_eap: Request found, released from the list
  79. rlm_eap: EAP/peap
  80. rlm_eap: processing type peap
  81. rlm_eap_peap: Authenticate
  82. rlm_eap_tls: processing TLS
  83. TLS Length 95
  84. rlm_eap_tls: Length Included
  85. eaptls_verify returned 11
  86.  
  87. (other): before/accept initialization
  88. TLS_accept: before/accept initialization
  89. rlm_eap_tls: <<< TLS 1.0 Handshake [length 005a], ClientHello
  90. TLS_accept: SSLv3 read client hello A
  91. rlm_eap_tls: >>> TLS 1.0 Handshake [length 0035], ServerHello
  92. TLS_accept: SSLv3 write server hello A
  93. rlm_eap_tls: >>> TLS 1.0 Handshake [length 085e], Certificate
  94. TLS_accept: SSLv3 write certificate A
  95. rlm_eap_tls: >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
  96. TLS_accept: SSLv3 write key exchange A
  97. rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
  98. TLS_accept: SSLv3 write server done A
  99. TLS_accept: SSLv3 flush data
  100. TLS_accept: Need to read more data: SSLv3 read client certificate A
  101. In SSL Handshake Phase
  102. In SSL Accept mode
  103. eaptls_process returned 13
  104. rlm_eap_peap: EAPTLS_HANDLED
  105. ++[eap] returns handled
  106. Sending Access-Challenge of id 62 to 10.10.17.123 port 1026
  107. EAP-Message = 0x0102040019c000000ab816030100350200003103014e5bf4d0c813d6552005dd7ba04457d8509f511fbf1b5b4d7927ec92ac03ef30000039010009ff0100010000230000160301085e0b00085a0008570003a6308203a23082028aa003020102020101300d06092a864886f70d0101040500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c652043657274696669636174
  108. EAP-Message = 0x6520417574686f72697479301e170d3131303732303136313330355a170d3132303731393136313330355a307c310b3009060355040613024652310f300d0603550408130652616469757331153013060355040a130c4578616d706c6520496e632e312330210603550403131a4578616d706c65205365727665722043657274696669636174653120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d30820122300d06092a864886f70d01010105000382010f003082010a0282010100abddea76a5a657fa8b26a62f74d3f760b8e03d2eac70ac11609294f8c79e4e668516aeadc3d2000931df8602e2838295ac1f67
  109. EAP-Message = 0x9e4679a332e9d249ab274469d266f4e48ccdc54d6700e236ca46deb35731040495fc37b2f0f4f7a4e45eb58e862f3ce1f093d625be1e8dfacae815c378f243d44d4aad1e7d3f1d4bdbd36520224d5037fb001e33f83c28649e80a18cb9f6e2b630c797d179bf3e698bde3588f58e2d900cd9959a1608ee61ffb74b04ec9e9d8f3c883888007ae5dc68b5b62a2ec9b397309739b331ac1d8564e0342e8c4995c3692af187868fe974b698357e1079285872392ffd82d92a601ed6d073f7fae5cbc55d612b1db43ee4009aa62b430203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038201
  110. EAP-Message = 0x01001fcbcd34f02ff8e057fb158e0d1e27a934a6d0673fd753edaddaa7544f5072d0e5b096e4bb63d8705d525b7b32b7526c35fc837333374e510ec9db421eedd690e2ae7ade14b234372edf321195afffe77cdad0b0291c39423ca831c5197b93988abf6141438a448910496d8f9f4089f1cfe7741dd48a4fb25d18de6e6787aed7833b2f70fa4c88dab9a046a40250f5798ed37f985ba28fb7533af59b345caf8d2936f4e54648deefd8d42cf13e51f382e4ca93f8ab13f0aaf194a51ba1829eece2a8922decfa7bd7ba6bf5e5909775d09b58ae395b7066d39b9be56b7f2346b4de17b2bc9e001120962cfa673de929cef952ed442c744a615acfc0
  111. EAP-Message = 0x174305e5620004ab308204a7
  112. Message-Authenticator = 0x00000000000000000000000000000000
  113. State = 0xb2c69c09b3c485c482959ed33c63d6f2
  114. Finished request 1.
  115. Going to the next request
  116. Waking up in 4.9 seconds.
  117.  
  118. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=63, length=165
  119. User-Name = "vasya"
  120. NAS-IP-Address = 10.10.17.123
  121. NAS-Port = 1
  122. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  123. Calling-Station-Id = "AC-81-12-31-25-3F"
  124. Framed-MTU = 1400
  125. NAS-Port-Type = Wireless-802.11
  126. Connect-Info = "CONNECT 54Mbps 802.11g"
  127. EAP-Message = 0x020200061900
  128. State = 0xb2c69c09b3c485c482959ed33c63d6f2
  129. Message-Authenticator = 0x6d96a8fd615020746f88e54717e4e5a5
  130. +- entering group authorize
  131. ++[preprocess] returns ok
  132. ++[chap] returns noop
  133. ++[mschap] returns noop
  134. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  135. rlm_realm: No such realm "NULL"
  136. ++[suffix] returns noop
  137. rlm_eap: EAP packet type response id 2 length 6
  138. rlm_eap: Continuing tunnel setup.
  139. ++[eap] returns ok
  140. rad_check_password: Found Auth-Type EAP
  141. auth: type "EAP"
  142. +- entering group authenticate
  143. rlm_eap: Request found, released from the list
  144. rlm_eap: EAP/peap
  145. rlm_eap: processing type peap
  146. rlm_eap_peap: Authenticate
  147. rlm_eap_tls: processing TLS
  148. rlm_eap_tls: Received EAP-TLS ACK message
  149. rlm_eap_tls: ack handshake fragment handler
  150. eaptls_verify returned 1
  151. eaptls_process returned 13
  152. rlm_eap_peap: EAPTLS_HANDLED
  153. ++[eap] returns handled
  154. Sending Access-Challenge of id 63 to 10.10.17.123 port 1026
  155. EAP-Message = 0x010303fc19403082038fa003020102020900efb7b51f0e8be143300d06092a864886f70d0101050500308193310b3009060355040613024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479301e170d3131303732303136313330345a170d3131303831393136313330345a308193310b3009060355040613024652310f300d06035504081306526164
  156. EAP-Message = 0x6975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f7269747930820122300d06092a864886f70d01010105000382010f003082010a0282010100d662a4bb6eee9df4dc7d0409a32f82a4c4d53905c53ba678c80559790099eee21f587c625711916bcb0f448d67f8b069c0791af3e4160f4b3a7977e3d3b8af2b9d02b6eb923cce839e168fb27247a8bba58b0c858bade4e80858409cb534b147907dad87
  157. EAP-Message = 0x495372095ef221d72c5c5fce0ee6ae9c4cf7b29e52f9ec2ab2da3c05a53cb3e8f4b9a64a71c08e27657b1cb6d18b47da4abdf53d99b37ebc34c7b26b13745280a2fd980c31301012ca0494f805ae988f74ff5c8016dc2dc571353a72dc7600f14d18982afb6158b70e0eaac4ac89132d0d3fb217ffdb1fd5818bf208b610e1829c6a2b5fb8653e324c4912f9474a1612bc713b9887f6478e3d0472070203010001a381fb3081f8301d0603551d0e0416041449fba2d9c26bd229b750d43daaef397f3a3e3d203081c80603551d230481c03081bd801449fba2d9c26bd229b750d43daaef397f3a3e3d20a18199a48196308193310b3009060355040613
  158. EAP-Message = 0x024652310f300d060355040813065261646975733112301006035504071309536f6d65776865726531153013060355040a130c4578616d706c6520496e632e3120301e06092a864886f70d010901161161646d696e406578616d706c652e636f6d312630240603550403131d4578616d706c6520436572746966696361746520417574686f72697479820900efb7b51f0e8be143300c0603551d13040530030101ff300d06092a864886f70d01010505000382010100504315e1fca21b4651f288c343a7aff9b4f6d1cf2e401bd4f1e0581f2ecc54fd260f6465e6a58fc847d0cba3c1420cca7fa37b133ff2ecee24f92908853543ea73a5ceb457b057
  159. EAP-Message = 0x9a1829bf97df5858
  160. Message-Authenticator = 0x00000000000000000000000000000000
  161. State = 0xb2c69c09b0c585c482959ed33c63d6f2
  162. Finished request 2.
  163. Going to the next request
  164. Waking up in 4.9 seconds.
  165. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=64, length=165
  166. User-Name = "vasya"
  167. NAS-IP-Address = 10.10.17.123
  168. NAS-Port = 1
  169. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  170. Calling-Station-Id = "AC-81-12-31-25-3F"
  171. Framed-MTU = 1400
  172. NAS-Port-Type = Wireless-802.11
  173. Connect-Info = "CONNECT 54Mbps 802.11g"
  174. EAP-Message = 0x020300061900
  175. State = 0xb2c69c09b0c585c482959ed33c63d6f2
  176. Message-Authenticator = 0xadb5a0e490dd81377619ef565752d704
  177. +- entering group authorize
  178. ++[preprocess] returns ok
  179. ++[chap] returns noop
  180. ++[mschap] returns noop
  181. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  182. rlm_realm: No such realm "NULL"
  183. ++[suffix] returns noop
  184. rlm_eap: EAP packet type response id 3 length 6
  185. rlm_eap: Continuing tunnel setup.
  186. ++[eap] returns ok
  187. rad_check_password: Found Auth-Type EAP
  188. auth: type "EAP"
  189. +- entering group authenticate
  190. rlm_eap: Request found, released from the list
  191. rlm_eap: EAP/peap
  192. rlm_eap: processing type peap
  193. rlm_eap_peap: Authenticate
  194. rlm_eap_tls: processing TLS
  195. rlm_eap_tls: Received EAP-TLS ACK message
  196. rlm_eap_tls: ack handshake fragment handler
  197. eaptls_verify returned 1
  198. eaptls_process returned 13
  199. rlm_eap_peap: EAPTLS_HANDLED
  200. ++[eap] returns handled
  201. Sending Access-Challenge of id 64 to 10.10.17.123 port 1026
  202. EAP-Message = 0x010402d21900a222a2c51b8c9036ca3dd278742607a4eb30fc0546f238f6894b40277b56c29bf523c315a2fa832872d1529a7ea3eadf01e58d8dc590601cf35fd5861f74f41f1b04d007cfcab888734736c00eb28e5cbf34836af87a706bc264d0693d182e45f96f073aa33991a896b4d6d6572f6bf590e31dd38ed9ebda31393baf9a3f1d1389c422370c7e3447df3925c578a46e8f956960e95692e4c4d64515d6e1c0e9b317722fe17c2350b88bb8e39b97851bc78f160301020d0c0002090080b813d84b64b82799f534da843a3045b4a705dbbaac2e1c985ffd34174592c5351ebf3bb1c02b922d0eb3b17844836e6f9d50e92544b451a2b23217
  203. EAP-Message = 0x060fcd0abcbd83712d18548be0fa1e8b9a7c83f369c6b1df5ec1b1bcafb5d095081f87b27dfb7f82775a8aafb03491255fb7d5b90cae56199db09629ce127fa301c7b34e53000102008068c7937f7c91e898a9229f959b15adae7a9c657fe32933ea3e50b560ed412068f5d76b6a69a305626fa2d087b329d0e5de717737664be8ba3b55bd286b434d1ce0c31ea81bcc7450ead00c2383303f0a5027a0e8fe94c319c1096718d87638d5de1264840061b72a8ff914aecdfe7087b5d5c620be71c8e77a3e4190f766801c0100547918afac68b8d204cea7f32da007f5d1a8b120ec5b87d150937e1bc92b0fa1eb421850758f8878a76ba53ca7ba5954ab
  204. EAP-Message = 0x558c8506bc13005c47ed124a032aa7075b61e03bb8c02f8f5905d3f9123b5d0b1a3dec3c7e2e188b1ae3cbba6c562c43689cbf6c9c841f747e7db9668a1bff4b18d934a925500d7405ac79c965150d8da2644a3a3a10b5b7c4021eed57aac9a0b138637f2c3c60efca5d824555c30ff79d4f497d0e5525096f19220424195fdc2c86c72e619c7c942097c2abb415cbdbe3a1556c5fe479abefcb977970585bef3f8026618171b1b00707559fbfcf0753b155001c811636a69a0559fa714eaf4e1d519a9b3c5f17cfcd4388cec17c0e16030100040e000000
  205. Message-Authenticator = 0x00000000000000000000000000000000
  206. State = 0xb2c69c09b1c285c482959ed33c63d6f2
  207. Finished request 3.
  208. Going to the next request
  209. Waking up in 4.9 seconds.
  210.  
  211.  
  212. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=65, length=367
  213. User-Name = "vasya"
  214. NAS-IP-Address = 10.10.17.123
  215. NAS-Port = 1
  216. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  217. Calling-Station-Id = "AC-81-12-31-25-3F"
  218. Framed-MTU = 1400
  219. NAS-Port-Type = Wireless-802.11
  220. Connect-Info = "CONNECT 54Mbps 802.11g"
  221. EAP-Message = 0x020400d01980000000c616030100861000008200806c51dc45a08ed6382a932522c99e8e49c6031824f7313943d815b6612fb1bf1d9a5cc0994c1598a85cdcf961d7363596b65ed0db03fb6d3132d0d4f970570dfd7d17a73edaf93fd25303a4b4a1bf0cc24f0db6ee84ad323a2639001e1a7bfc21654ac4fdfc8040f4e764122b8e7856b3a8fd15aeb12d58e134e28eb5711b5b9414030100010116030100304b9efe800987f450a19ff6e30ae23a1182a5be09061c4d7ea15b5517c1feda09ab9c057d50cd5805e11640d1ee8cddd2
  222. State = 0xb2c69c09b1c285c482959ed33c63d6f2
  223. Message-Authenticator = 0x811c91df35c261614b18638e9c65c0ca
  224. +- entering group authorize
  225. ++[preprocess] returns ok
  226. ++[chap] returns noop
  227. ++[mschap] returns noop
  228. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  229. rlm_realm: No such realm "NULL"
  230. ++[suffix] returns noop
  231. rlm_eap: EAP packet type response id 4 length 208
  232. rlm_eap: Continuing tunnel setup.
  233. ++[eap] returns ok
  234. rad_check_password: Found Auth-Type EAP
  235. auth: type "EAP"
  236. +- entering group authenticate
  237. rlm_eap: Request found, released from the list
  238. rlm_eap: EAP/peap
  239. rlm_eap: processing type peap
  240. rlm_eap_peap: Authenticate
  241. rlm_eap_tls: processing TLS
  242. TLS Length 198
  243. rlm_eap_tls: Length Included
  244. eaptls_verify returned 11
  245. rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
  246. TLS_accept: SSLv3 read client key exchange A
  247. rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001]
  248. rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished
  249. TLS_accept: SSLv3 read finished A
  250. rlm_eap_tls: >>> TLS 1.0 Handshake [length 00aa]???
  251. TLS_accept: SSLv3 write session ticket A
  252. rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001]
  253. TLS_accept: SSLv3 write change cipher spec A
  254. rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished
  255. TLS_accept: SSLv3 write finished A
  256. TLS_accept: SSLv3 flush data
  257. (other): SSL negotiation finished successfully
  258. SSL Connection Established
  259. eaptls_process returned 13
  260. rlm_eap_peap: EAPTLS_HANDLED
  261. ++[eap] returns handled
  262. Sending Access-Challenge of id 65 to 10.10.17.123 port 1026
  263. EAP-Message = 0x010500f0190016030100aa040000a60000000000a0ba6c66d014e9c13d26d2e0c786809f12dbd90172d25c1e39395355ca3cbc31f51a3c9dc5d1e8346ae47dfdd3d93695ba079875be30530c638954e927b2bd42d6fafa0d3981805c74c5a0ce5843ce7acdc89fca1e4df7226840de9f21088c257a2ab34b5c06e6f204decae21ef64f192a81c5874a3c83af838ceee6519c364b9472790bafa2a866130ccd991069f56395122bc0c0603ce0c90f69e84093aee95e14030100010116030100307321de65fd6761f6eae565066b31bbd92f2b42cf634ff5a83a294a087204c1557e3a5cb91d77ba1e8b0c98e384637bd4
  264. Message-Authenticator = 0x00000000000000000000000000000000
  265. State = 0xb2c69c09b6c385c482959ed33c63d6f2
  266. Finished request 4.
  267. Going to the next request
  268. Waking up in 4.7 seconds.
  269. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=66, length=165
  270. User-Name = "vasya"
  271. NAS-IP-Address = 10.10.17.123
  272. NAS-Port = 1
  273. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  274. Calling-Station-Id = "AC-81-12-31-25-3F"
  275. Framed-MTU = 1400
  276. NAS-Port-Type = Wireless-802.11
  277. Connect-Info = "CONNECT 54Mbps 802.11g"
  278. EAP-Message = 0x020500061900
  279. State = 0xb2c69c09b6c385c482959ed33c63d6f2
  280. Message-Authenticator = 0x314b0cd58856e634d94897d9f0dcc120
  281. +- entering group authorize
  282. ++[preprocess] returns ok
  283. ++[chap] returns noop
  284. ++[mschap] returns noop
  285. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  286. rlm_realm: No such realm "NULL"
  287. ++[suffix] returns noop
  288. rlm_eap: EAP packet type response id 5 length 6
  289. rlm_eap: Continuing tunnel setup.
  290. ++[eap] returns ok
  291. rad_check_password: Found Auth-Type EAP
  292. auth: type "EAP"
  293. +- entering group authenticate
  294. rlm_eap: Request found, released from the list
  295. rlm_eap: EAP/peap
  296. rlm_eap: processing type peap
  297. rlm_eap_peap: Authenticate
  298. rlm_eap_tls: processing TLS
  299. rlm_eap_tls: Received EAP-TLS ACK message
  300. rlm_eap_tls: ack handshake is finished
  301. eaptls_verify returned 3
  302. eaptls_process returned 3
  303. rlm_eap_peap: EAPTLS_SUCCESS
  304. ++[eap] returns handled
  305. Sending Access-Challenge of id 66 to 10.10.17.123 port 1026
  306. EAP-Message = 0x0106002b19001703010020d7364258b656f654c77890c5fcfc014380056b02207d7aeebc07875abcfb45d4
  307. Message-Authenticator = 0x00000000000000000000000000000000
  308. State = 0xb2c69c09b7c085c482959ed33c63d6f2
  309. Finished request 5.
  310. Going to the next request
  311. Waking up in 4.7 seconds.
  312. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=67, length=255
  313. User-Name = "vasya"
  314. NAS-IP-Address = 10.10.17.123
  315. NAS-Port = 1
  316. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  317. Calling-Station-Id = "AC-81-12-31-25-3F"
  318. Framed-MTU = 1400
  319. NAS-Port-Type = Wireless-802.11
  320. Connect-Info = "CONNECT 54Mbps 802.11g"
  321. EAP-Message = 0x0206006019001703010020f2e7634b17090d89aca4280f36d325f604996364a61c4fbc9e8859708af08ef117030100305da36c72a7353022b2fca9a188c2674f51e0f2dbff991fbe39f601ba210f3b91c756a233de0272633eeff428a4a49059
  322. State = 0xb2c69c09b7c085c482959ed33c63d6f2
  323. Message-Authenticator = 0x791d34351c3928f9cb3300612209e0cc
  324. +- entering group authorize
  325. ++[preprocess] returns ok
  326. ++[chap] returns noop
  327. ++[mschap] returns noop
  328. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  329. rlm_realm: No such realm "NULL"
  330. ++[suffix] returns noop
  331. rlm_eap: EAP packet type response id 6 length 96
  332. rlm_eap: Continuing tunnel setup.
  333. ++[eap] returns ok
  334. rad_check_password: Found Auth-Type EAP
  335. auth: type "EAP"
  336. +- entering group authenticate
  337. rlm_eap: Request found, released from the list
  338. rlm_eap: EAP/peap
  339. rlm_eap: processing type peap
  340. rlm_eap_peap: Authenticate
  341. rlm_eap_tls: processing TLS
  342. eaptls_verify returned 7
  343. rlm_eap_tls: Done initial handshake
  344. eaptls_process returned 7
  345. rlm_eap_peap: EAPTLS_OK
  346. rlm_eap_peap: Session established. Decoding tunneled attributes.
  347. rlm_eap_peap: Identity - vasya
  348. PEAP: Got tunneled EAP-Message
  349. EAP-Message = 0x0206000a017661737961
  350. PEAP: Got tunneled identity of vasya
  351. PEAP: Setting default EAP type for tunneled EAP session.
  352. PEAP: Setting User-Name to vasya
  353. PEAP: Sending tunneled request
  354. EAP-Message = 0x0206000a017661737961
  355. FreeRADIUS-Proxied-To = 127.0.0.1
  356. User-Name = "vasya"
  357. server inner-tunnel {
  358. +- entering group authorize
  359. ++[chap] returns noop
  360. ++[mschap] returns noop
  361. ++[unix] returns notfound
  362. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  363. rlm_realm: No such realm "NULL"
  364. ++[suffix] returns noop
  365. ++[control] returns noop
  366. rlm_eap: EAP packet type response id 6 length 10
  367. rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  368. ++[eap] returns updated
  369. ++[files] returns noop
  370. ++[expiration] returns noop
  371. ++[logintime] returns noop
  372. ++[pap] returns noop
  373. rad_check_password: Found Auth-Type EAP
  374. auth: type "EAP"
  375. +- entering group authenticate
  376. rlm_eap: EAP Identity
  377. rlm_eap: processing type mschapv2
  378. rlm_eap_mschapv2: Issuing Challenge
  379. ++[eap] returns handled
  380. } # server inner-tunnel
  381. PEAP: Got tunneled reply RADIUS code 11
  382. EAP-Message = 0x0107001f1a0107001a1062eff966f390f4e4c668b714b5de1f667661737961
  383. Message-Authenticator = 0x00000000000000000000000000000000
  384. State = 0x28886fc5288f75fe170f754596c5fa33
  385. PEAP: Processing from tunneled session code 0x1f24d60 11
  386. EAP-Message = 0x0107001f1a0107001a1062eff966f390f4e4c668b714b5de1f667661737961
  387. Message-Authenticator = 0x00000000000000000000000000000000
  388. State = 0x28886fc5288f75fe170f754596c5fa33
  389. PEAP: Got tunneled Access-Challenge
  390. ++[eap] returns handled
  391. Sending Access-Challenge of id 67 to 10.10.17.123 port 1026
  392. EAP-Message = 0x0107004b19001703010040fe17879e9326c5faab8c54f22f49d335932b736393720980be29a96312d1c84f92a232dc7bf8bffabeff65f007d5f84c20e41d27cde6c29b8576c87d7be99fa3
  393. Message-Authenticator = 0x00000000000000000000000000000000
  394. State = 0xb2c69c09b4c185c482959ed33c63d6f2
  395. Finished request 6.
  396. Going to the next request
  397. Waking up in 4.7 seconds.
  398. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=68, length=303
  399. User-Name = "vasya"
  400. NAS-IP-Address = 10.10.17.123
  401. NAS-Port = 1
  402. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  403. Calling-Station-Id = "AC-81-12-31-25-3F"
  404. Framed-MTU = 1400
  405. NAS-Port-Type = Wireless-802.11
  406. Connect-Info = "CONNECT 54Mbps 802.11g"
  407. EAP-Message = 0x0207009019001703010020ac0e74568934f02778648dbaf646da7bbb0eddfd541a5880ebc919cf103c03df1703010060e1201f4ccda89ec4a4d230d6fee3e8e854f0f0f5d5b007b11bd4faf7e669286cb4e2f650eef30a986276db5558d5a50ae8287e163b8c65dc476f5a7ae18b3c5065f4565576d51ef5ce9f9d93b1362f5e39086207fb3cbb2bde578121c8730b88
  408. State = 0xb2c69c09b4c185c482959ed33c63d6f2
  409. Message-Authenticator = 0x046efdde14586bb6dbce9a92e2903644
  410. +- entering group authorize
  411. ++[preprocess] returns ok
  412. ++[chap] returns noop
  413. ++[mschap] returns noop
  414. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  415. rlm_realm: No such realm "NULL"
  416. ++[suffix] returns noop
  417. rlm_eap: EAP packet type response id 7 length 144
  418. rlm_eap: Continuing tunnel setup.
  419. ++[eap] returns ok
  420. rad_check_password: Found Auth-Type EAP
  421. auth: type "EAP"
  422. +- entering group authenticate
  423. rlm_eap: Request found, released from the list
  424. rlm_eap: EAP/peap
  425. rlm_eap: processing type peap
  426. rlm_eap_peap: Authenticate
  427. rlm_eap_tls: processing TLS
  428. eaptls_verify returned 7
  429. rlm_eap_tls: Done initial handshake
  430. eaptls_process returned 7
  431. rlm_eap_peap: EAPTLS_OK
  432. rlm_eap_peap: Session established. Decoding tunneled attributes.
  433. rlm_eap_peap: EAP type mschapv2
  434. PEAP: Got tunneled EAP-Message
  435. EAP-Message = 0x020700401a0207003b313ba44feb928654dfa7182cf89113afc60000000000000000c28142cd5cf62b32aa3b37192bb24018df1925ae69178671007661737961
  436. PEAP: Setting User-Name to vasya
  437. PEAP: Sending tunneled request
  438. EAP-Message = 0x020700401a0207003b313ba44feb928654dfa7182cf89113afc60000000000000000c28142cd5cf62b32aa3b37192bb24018df1925ae69178671007661737961
  439. FreeRADIUS-Proxied-To = 127.0.0.1
  440. User-Name = "vasya"
  441. State = 0x28886fc5288f75fe170f754596c5fa33
  442. server inner-tunnel {
  443. +- entering group authorize
  444. ++[chap] returns noop
  445. ++[mschap] returns noop
  446. ++[unix] returns notfound
  447. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  448. rlm_realm: No such realm "NULL"
  449. ++[suffix] returns noop
  450. ++[control] returns noop
  451. rlm_eap: EAP packet type response id 7 length 64
  452. rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  453. ++[eap] returns updated
  454. ++[files] returns noop
  455. ++[expiration] returns noop
  456. ++[logintime] returns noop
  457. ++[pap] returns noop
  458. rad_check_password: Found Auth-Type EAP
  459. auth: type "EAP"
  460. +- entering group authenticate
  461. rlm_eap: Request found, released from the list
  462. rlm_eap: EAP/mschapv2
  463. rlm_eap: processing type mschapv2
  464. +- entering group MS-CHAP
  465. rlm_mschap: No Cleartext-Password configured. Cannot create LM-Password.
  466. rlm_mschap: No Cleartext-Password configured. Cannot create NT-Password.
  467. rlm_mschap: Told to do MS-CHAPv2 for vasya with NT-Password
  468. rlm_mschap: FAILED: No NT/LM-Password. Cannot perform authentication.
  469. rlm_mschap: FAILED: MS-CHAP2-Response is incorrect
  470. ++[mschap] returns reject
  471. rlm_eap: Freeing handler
  472. ++[eap] returns reject
  473. auth: Failed to validate the user.
  474. } # server inner-tunnel
  475. PEAP: Got tunneled reply RADIUS code 3
  476. MS-CHAP-Error = "\007E=691 R=1"
  477. EAP-Message = 0x04070004
  478. Message-Authenticator = 0x00000000000000000000000000000000
  479. PEAP: Processing from tunneled session code 0x1f4cf30 3
  480. MS-CHAP-Error = "\007E=691 R=1"
  481. EAP-Message = 0x04070004
  482. Message-Authenticator = 0x00000000000000000000000000000000
  483. PEAP: Tunneled authentication was rejected.
  484. rlm_eap_peap: FAILURE
  485. ++[eap] returns handled
  486. Sending Access-Challenge of id 68 to 10.10.17.123 port 1026
  487. EAP-Message = 0x0108003b19001703010030e4e7d667aac1ff51d3db0be50af9914111a52b2d852df45475cff177d276627720c9ca88eb893ce31208da344ddcce6d
  488. Message-Authenticator = 0x00000000000000000000000000000000
  489. State = 0xb2c69c09b5ce85c482959ed33c63d6f2
  490. Finished request 7.
  491. Going to the next request
  492. Waking up in 4.7 seconds.
  493. rad_recv: Access-Request packet from host 10.10.17.123 port 1026, id=69, length=255
  494. User-Name = "vasya"
  495. NAS-IP-Address = 10.10.17.123
  496. NAS-Port = 1
  497. Called-Station-Id = "1C-AF-F7-95-98-58:bristol"
  498. Calling-Station-Id = "AC-81-12-31-25-3F"
  499. Framed-MTU = 1400
  500. NAS-Port-Type = Wireless-802.11
  501. Connect-Info = "CONNECT 54Mbps 802.11g"
  502. EAP-Message = 0x0208006019001703010020e03db57e4716df6ece5842a1299e6f425c0e1bb41afb2efda22ba355c3e6d4cd1703010030fa8704ef2dc26c7de07f81252bbb5e27882e48cc1682779df18657e1562e199d9ec3df29bd33fca6dc9298f2f80c53aa
  503. State = 0xb2c69c09b5ce85c482959ed33c63d6f2
  504. Message-Authenticator = 0x7545baba5be153cbabc0267d220f4f82
  505. +- entering group authorize
  506. ++[preprocess] returns ok
  507. ++[chap] returns noop
  508. ++[mschap] returns noop
  509. rlm_realm: No '@' in User-Name = "vasya", looking up realm NULL
  510. rlm_realm: No such realm "NULL"
  511. ++[suffix] returns noop
  512. rlm_eap: EAP packet type response id 8 length 96
  513. rlm_eap: Continuing tunnel setup.
  514. ++[eap] returns ok
  515. rad_check_password: Found Auth-Type EAP
  516. auth: type "EAP"
  517. +- entering group authenticate
  518. rlm_eap: Request found, released from the list
  519. rlm_eap: EAP/peap
  520. rlm_eap: processing type peap
  521. rlm_eap_peap: Authenticate
  522. rlm_eap_tls: processing TLS
  523. eaptls_verify returned 7
  524. rlm_eap_tls: Done initial handshake
  525. eaptls_process returned 7
  526. rlm_eap_peap: EAPTLS_OK
  527. rlm_eap_peap: Session established. Decoding tunneled attributes.
  528. rlm_eap_peap: Received EAP-TLV response.
  529. rlm_eap_peap: Had sent TLV failure. User was rejected earlier in this session.
  530. rlm_eap: Handler failed in EAP/peap
  531. rlm_eap: Failed in EAP select
  532. ++[eap] returns invalid
  533. auth: Failed to validate the user.
  534. Found Post-Auth-Type Reject
  535. +- entering group REJECT
  536. expand: %{User-Name} -> vasya
  537. attr_filter: Matched entry DEFAULT at line 11
  538. ++[attr_filter.access_reject] returns updated
  539. Sending Access-Reject of id 69 to 10.10.17.123 port 1026
  540. EAP-Message = 0x04080004
  541. Message-Authenticator = 0x00000000000000000000000000000000
  542. Finished request 8.
  543. Going to the next request
  544. Waking up in 4.7 seconds.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!