FreeBSD Port: freeradius-2.2.0
Magnuson, Steve
Steve.Magnuson2 at boeing.com
Thu Jan 3 23:19:35 UTC 2013
Hello,
Please advise if I need to post this elsewhere. I'm having problems with FreeBSD FreeRADIUS 2.2.0 port segfaulting.
I've upgraded (using portupgrade) the FreeRADIUS port from 2.1.12 to 2.2.0 and now EAP-TLS clients are causing FreeRADIUS to segfault at the very end of the authentication process. The odd thing is that I upgraded another server from FR 2.1.12 to 2.2.0 and that server authenticates the same clients fine. Both servers are virtual (VMware) and configured with identical memory, OS, etc.
Here are the particulars for *both* servers:
# uname -a
FreeBSD wan231s1.wan.lab 9.0-RELEASE-p3 FreeBSD 9.0-RELEASE-p3 #0: Tue Jun 12 01:47:53 UTC 2012 root at i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
# pkg_info -r freeradius-2.2.0
Information for freeradius-2.2.0:
Depends on:
Dependency: openssl-1.0.1_4
Dependency: perl-5.16.2
Dependency: libltdl-2.4.2
Dependency: gdbm-1.9.1
Dependency: libiconv-1.14
Dependency: gettext-0.18.1.1
Dependency: python27-2.7.3_5
The FreeRADIUS port on both servers was build with these config options:
# make showconfig
===> The following configuration options are available for freeradius-2.2.0:
DEVELOPER=off: Enable developer options
DHCP=off: With DHCP support (EXPERIMENTAL)
EDIR=off: Enable eDirectory support (implies LDAP)
EXPERIMENTAL=on: Build experimental modules
FIREBIRD=off: With Firebird database support (EXPERIMENTAL)
HEIMDAL=off: With Heimdal Kerberos support
HEIMDAL_PATCH=off: Enhanced Heimdal support (specify SPN/keytab)
HEIMDAL_PORT=off: With Heimdal Kerberos from ports
KERBEROS=off: Kerberos support
LDAP=off: LDAP support
MYSQL=off: MySQL database
OCI8=off: With Oracle support (currently experimental)
PERL=on: Perl scripting language
PGSQL=off: PostgreSQL database
PYTHON=on: Python bindings
RUBY=off: Ruby binding/support
UDPFROMTO=off: Compile in UDPFROMTO support
UNIXODBC=off: With unixODBC database support
USER=on: Run as user freeradius, group freeradius
===> Use 'make config' to modify these settings
When I run radius -X under gdb, the error I get is:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 28804300 (LWP 101549/radiusd)]
0x28489873 in eaptls_gen_mppe_keys (reply_vps=0x28bc4230, s=0x288b7400,
prf_label=0x2849a8ff "client EAP encryption") at mppe_keys.c:147
147 PRF(s->session->master_key, s->session->master_key_length,
I cannot figure out why this server exhibits this behavior and the other server does not. When I portdowngrade back to 2.1.12, the clients authenticate with no problems.
Any suggestions?
Full output follows:
============================================================
# gdb /usr/local/sbin/radiusd
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...(no debugging symbols found)...
(gdb) run -X
Starting program: /usr/local/sbin/radiusd -X
(no debugging symbols found)...(no debugging symbols found)...[New LWP 101549]
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...
[New Thread 28804300 (LWP 101549/radiusd)]
FreeRADIUS Version 2.2.0, for host i386-portbld-freebsd9.0, built on Jan 3 2013 at 20:39:43
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/cache
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool
including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/dynamic_clients
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/opendirectory
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/radrelay
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/redis
including configuration file /usr/local/etc/raddb/modules/rediswho
including configuration file /usr/local/etc/raddb/modules/replicate
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/soh
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
main {
user = "freeradius"
group = "freeradius"
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/var"
sbindir = "/usr/local/sbin"
logdir = "/var/log"
run_dir = "/var/run/radiusd"
libdir = "/usr/local/lib/freeradius-2.2.0"
radacctdir = "/var/log/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = no
log {
stripped_names = no
auth = yes
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Loading Clients ####
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "testing123"
nastype = "other"
}
client 10.128.0.100 {
require_message_authenticator = no
secret = "redacted"
shortname = "nms231s1-eapol-test"
nastype = "other"
}
radiusd: #### Instantiating modules ####
instantiate {
(no debugging symbols found)... Module: Linked to module rlm_exec
Module: Instantiating module "exec" from file /usr/local/etc/raddb/modules/exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating module "expr" from file /usr/local/etc/raddb/modules/expr
Module: Linked to module rlm_expiration
Module: Instantiating module "expiration" from file /usr/local/etc/raddb/modules/expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating module "logintime" from file /usr/local/etc/raddb/modules/logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
modules {
Module: Creating Auth-Type = digest
Module: Creating Post-Auth-Type = REJECT
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module "pap" from file /usr/local/etc/raddb/modules/pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating module "chap" from file /usr/local/etc/raddb/modules/chap
Module: Linked to module rlm_mschap
Module: Instantiating module "mschap" from file /usr/local/etc/raddb/modules/mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
allow_retry = yes
}
Module: Linked to module rlm_digest
Module: Instantiating module "digest" from file /usr/local/etc/raddb/modules/digest
Module: Linked to module rlm_unix
Module: Instantiating module "unix" from file /usr/local/etc/raddb/modules/unix
unix {
radwtmp = "/var/log/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf
eap {
default_eap_type = "tls"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 4096
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
CA_path = "/usr/local/etc/raddb/certs/CA"
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/gatelink822-wan231s1_key.pem"
certificate_file = "/usr/local/etc/raddb/certs/gatelink822-wan231s1_cert.pem"
private_key_password = "redacted"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
ecdh_curve = "prime256v1"
cache {
enable = no
lifetime = 24
max_entries = 255
}
verify {
}
ocsp {
enable = no
override_cert_url = yes
url = "http://127.0.0.1/ocsp/"
use_nonce = yes
timeout = 0
softfail = no
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "md5"
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = "inner-tunnel"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = no
use_tunneled_reply = no
proxy_tunneled_request_as_eap = yes
virtual_server = "inner-tunnel"
soh = no
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
send_error = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating module "preprocess" from file /usr/local/etc/raddb/modules/preprocess
preprocess {
huntgroups = "/usr/local/etc/raddb/huntgroups"
hints = "/usr/local/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
reading pairlist file /usr/local/etc/raddb/huntgroups
reading pairlist file /usr/local/etc/raddb/hints
Module: Linked to module rlm_realm
Module: Instantiating module "suffix" from file /usr/local/etc/raddb/modules/realm
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating module "files" from file /usr/local/etc/raddb/modules/files
files {
usersfile = "/usr/local/etc/raddb/users"
acctusersfile = "/usr/local/etc/raddb/acct_users"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
compat = "no"
}
reading pairlist file /usr/local/etc/raddb/users
reading pairlist file /usr/local/etc/raddb/acct_users
reading pairlist file /usr/local/etc/raddb/preproxy_users
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating module "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating module "detail" from file /usr/local/etc/raddb/modules/detail
detail {
detailfile = "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_attr_filter
Module: Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/modules/attr_fi lter
attr_filter attr_filter.accounting_response {
attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.accounting_response
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/modules/radutmp
radutmp {
filename = "/var/log/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/modules/attr_filter
attr_filter attr_filter.access_reject {
attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.access_reject
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=0, length=158
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x0200001e014d61696e74656e616e6365436f6e74726f6c446973706c6179
Message-Authenticator = 0xad8a60fa6b73d53acb5ce659eff3da36
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 0 length 30
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Requiring client certificate
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.128.0.100 port 37626
EAP-Message = 0x010100060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87513d316c3a43028be40032ff
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=1, length=258
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020100700d00160301006501000061030150e5f39860827a0411cfb562ef8e20af61649f10290355949974 ed309594e83f00003400390038003500880087008400160013000a00330032002f00450044004100050004001500120009001400110008 0006000300ff0100000400230000
State = 0x513c3c87513d316c3a43028be40032ff
Message-Authenticator = 0x0633be04de5c0102ddc9fa927ed47610
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 112
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] eaptls_verify returned 7
[tls] Done initial handshake
[tls] (other): before/accept initialization
[tls] TLS_accept: before/accept initialization
[tls] <<< TLS 1.0 Handshake [length 0065], ClientHello
[tls] TLS_accept: SSLv3 read client hello A
[tls] >>> TLS 1.0 Handshake [length 0031], ServerHello
[tls] TLS_accept: SSLv3 write server hello A
[tls] >>> TLS 1.0 Handshake [length 1756], Certificate
[tls] TLS_accept: SSLv3 write certificate A
[tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
[tls] TLS_accept: SSLv3 write key exchange A
[tls] >>> TLS 1.0 Handshake [length 0010], CertificateRequest
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 1 to 10.128.0.100 port 37626
EAP-Message = 0x010204000dc0000019b816030100310200002d030150e5f3981aa9077b62c7c34d9eb90bd512eac8348779 1227b2d8e289befa6edf000039000005ff0100010016030117560b00175200174f000489308204853082036da003020102020a4b426b00 000100000d22300d06092a864886f70d0101050500305b31133011060a0992268993f22c6401191603636f6d31163014060a0992268993 f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311730150603550403130e45534444497373756572 32303438301e170d3132303331343139343732395a170d3134303131383036333331365a308191310b30090603
EAP-Message = 0x55040613025553310b30090603550408130257413110300e0603550407130753656174746c65311b301906 0355040a131254686520426f65696e6720436f6d70616e79311f301d060355040b1316466f72205465737420507572706f736573204f6e 6c79312530230603550403131c676174656c696e6b3832322e77616e32333173312e77616e2e6c616230820122300d06092a864886f70d 01010105000382010f003082010a0282010100c175642cacaf0313bb775762d65e844208b24fe044be27d2523ff76cb718dec7f17eb3ee 320f859c8a03a5d34400a1783e2b543e8398d1785daa255073353c5d13ffa304f26019b8b859368bae5c65d617
EAP-Message = 0x93e77241750f6fc8e2ffbff4b8fefbdd0321433512b07d0180c2271de6c5fa9458579163d21f4c26f7ced4 30868b3c0d344b85a2f5d37adcda8fb477d64b4c0c2a978946081e0e52e47f4ddb0cb82c02f8a704f6f169b46c63f1db7e0403f7e0989d 73546ddfe6823a83310c68ea5722997a969fa9b0858799de63fab0f941b510fb826d581823ef6f0eb6e59dc96a434f18fa2288574a6de1 53a979ce2fc2b31e06dbd12bce17213019db711b563d0203010001a38201123082010e301d0603551d0e04160414afc898ac5da8d7db13 80f5ca855cff669aa3035c300e0603551d0f0101ff04040302078030130603551d25040c300a06082b06010505
EAP-Message = 0x070301301f0603551d230418301680147b3f3d89d72bac972c086ada7233f64a074ea0a1303d0603551d1f 043630343032a030a02e862c687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444497373756572323034382e6372 6c300c0603551d130101ff04023000303d06092b06010401823715070430302e06262b0601040182371508acc31f85e0d61c87dd892487 e6e83681a1f354814681b4812e84aaae09020164020105301b06092b060104018237150a040e300c300a06082b06010505070301300d06 092a864886f70d01010505000382010100702d7a1bde789d5af9c5d5ba6afed07c0f23bd794b1e54aa6ac6ed3b
EAP-Message = 0x634ee662bd183641cf537132
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87503e316c3a43028be40032ff
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=2, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020200060d00
State = 0x513c3c87503e316c3a43028be40032ff
Message-Authenticator = 0xb498e0ab471b0fe82149a213e502cc78
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 2 to 10.128.0.100 port 37626
EAP-Message = 0x010304000dc0000019b8322dbdd1145b65fc9a838c88b38578712aee8672f594dbb51c82d3b2b239171e2b c6816740828370ab131a9f6e7cdbc9ce1af59564ab13f6084b2f7dfbc59766edeb710de9be3c3820775d69539962c845f60c47fcaf3c43 d021eea95f86ab7bfecab3ae917a9d8fa792195be052d27c8e2d7cdd72d743d89cfff56a500f9face99c5563972d19ead292a4ebda615f f2c89a07dd30c1c06f25bc476090e077f5a6af2d1e618208bfd018a56abb362b8bce884976f6d3adb093d2eeae7bd59063ae8a868fb1cd c19c990d818216e7f1e68c5c7c1495bb1bc800057a308205763082035ea003020102020a61395bb70001000000
EAP-Message = 0x0a300d06092a864886f70d0101050500305a31133011060a0992268993f22c6401191603636f6d31163014 060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311630140603550403130d455344 44496e74657234303936301e170d3039303131393037303632315a170d3134303131383036333331365a305b31133011060a0992268993 f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79 311730150603550403130e455344444973737565723230343830820122300d06092a864886f70d010101050003
EAP-Message = 0x82010f003082010a02820101009ede837e52ce12f2f315c72da8adbaf7828db60d09392a3cf133c5f11a49 7d7bd90f1e1eddcdb23058de50acad29c809b5036f4ce1b0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac5 4ad223a046a4eb84964daaf1c2244edec54b03ef4137634d55afc4e118031d822efd491b7cf9d6530362297ccff6616dfe1f0ebaebaf4f 84ff9edce03a9189f34ca257ce621e20aeaf539e5f91fcae83e89219e587fde80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddc f109c90234bec8def2d14c026d557b14cd764a677f91c3e5a096bc0f216a6aa60365dad3b4bbe2616ef038a6d2
EAP-Message = 0x610bf15597e4fb288472028530c054f10203010001a382013b30820137300f0603551d130101ff04053003 0101ff301d0603551d0e041604147b3f3d89d72bac972c086ada7233f64a074ea0a1300b0603551d0f040403020186301006092b060104 01823715010403020101302306092b060104018237150204160414249ba6c4888fd87d96ab95594e6637dd6e25632f301906092b060104 0182371402040c1e0a00530075006200430041301f0603551d2304183016801443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9303c06 03551d1f043530333031a02fa02d862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344
EAP-Message = 0x44496e746572343039362e63
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87533f316c3a43028be40032ff
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020300060d00
State = 0x513c3c87533f316c3a43028be40032ff
Message-Authenticator = 0xbfd7afb5cc827e4dfe0e545087c18bdd
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 3 to 10.128.0.100 port 37626
EAP-Message = 0x010404000dc0000019b8726c304706082b06010505070101043b3039303706082b06010505073002862b68 7474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444496e746572343039362e637274300d06092a864886f70d010105 050003820201006bd3c23ef41bc64c3383a89e90f53061c5b5f03e2040ebc07377fedd37e6ea3f8ce247d0459c1889138a0c63c9b5b5b3 05e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b0f9a547a193d6a6502ec30fe65c6365aab74304517f7fea0ce3a07 896d13492d59f11ff187aae8d743897f92efa32b18a86a8c02d4e909e17e97417d5c676d546785540ebdf85336
EAP-Message = 0x6842f38e66b0d9a00bc6cf2a25777f0def04b8971ebce5b776400e121455288ae22c65c6d23fbcd243a9be 7182f6969f0d6061dc4f786eb6eb2fbfd89c807c990eb67a595fb2717599cc0262dfe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee 52cfd051e13642a34f0325c6c767548c6102d4e4311a37b08d44164afff6a0a67af3f971ad402ee75a8835d5fa76731958078d4b3f483f 412fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999c2cf3b82646d2777fd7c6c0ce31b3c330693d78b8960d784840ff1 0e784e078023b73ad81e0fd6fdc7bf66bf09cf8118d3852613bd4cf23f384191bdd292050490c3bfde93230dba
EAP-Message = 0x380f1391aaf299bd7c4288e0758c9132df0250d269f10da91b51fb1cd3238828cfc140f801ba777248759e 0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba665665648e98da44682f17430ada59a3a4b889250ae64a1d4f112a3a83fab8bcaf308 087ff97a820a6844c8e64ac929000676308206723082045aa003020102020a611b280600000000000c300d06092a864886f70d01010505 00305931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a09 92268993f22c6401191603666c79311530130603550403130c45534444526f6f7434303936301e170d30393031
EAP-Message = 0x31393036333331365a170d3134303131383036333331365a305a31133011060a0992268993f22c64011916 03636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311630140603 550403130d45534444496e7465723430393630820222300d06092a864886f70d01010105000382020f003082020a02820201009f550e60 c398442453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff77d075fbbbb7239ca1fd75d1dc0edc36c967a6ea0bd640e7cea54d 41b0cb877f320f987db51ef21dbad0e6b248c8bc4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6fed6
EAP-Message = 0x27d3d06b2c391f698a19dcc9
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875238316c3a43028be40032ff
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=4, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020400060d00
State = 0x513c3c875238316c3a43028be40032ff
Message-Authenticator = 0x6fcf451c592fb99c374d0321cdc02af7
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 4 to 10.128.0.100 port 37626
EAP-Message = 0x010504000dc0000019b818b1a01850edb9a3f1c949732ec57efb446b43e596e64a768bab47d95f225af8d8 c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360ab3ab9208403293f45606176d518eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1 599941102a313f6ca1689620d6bc8101088ac513e2d20b333d60617ae64f68af26146da6b94180f0ee7031bd05d03d03abc66ca3b6a283 21b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8da538e6a449f253a44ad71e2d3ac3769fe8c6ce37e1298ff4f96d9 1f9ccd37d21a763b9e508d11a964dfbe19c6f4a51d2562ef397940ed309f29427f85ade6fc8015e56090fa480b
EAP-Message = 0xa5b8225807f6d9804f0812390cea201da3a955473b5f19dfd3223b1341e9e36b72b28c82c75b6c5da59751 8f2f7b6c9fe052f98590c8c3225ea11c1b2805077251f5ac84fef400f43ad9940338c1b66b158dcf3b31649ce753edbd8b38bda0d50387 81dc638111474a99a932a144c6b3ac153f1d3d0d61117cd2cb590d424b39e8b3164ef536f1c2860dc7e8889e3ae9412bc0422e5b7923c5 0203010001a382013930820135300f0603551d130101ff040530030101ff301d0603551d0e0416041443b1f625d530e7f847f0bfcb526b 9b4fe1fe72b9300b0603551d0f040403020186301006092b06010401823715010403020101302306092b060104
EAP-Message = 0x018237150204160414d31f074108cfac5cc47ed111d3a2712f219c9012301906092b060104018237140204 0c1e0a00530075006200430041301f0603551d230418301680141e4e1c8a14ef89a83391ee997b1cabed3f47eaa6303b0603551d1f0434 30323030a02ea02c862a687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444526f6f74343039362e63726c304606 082b06010505070101043a3038303606082b06010505073002862a687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f4553 4444526f6f74343039362e637274300d06092a864886f70d01010505000382020100976a48f45eed37c7312614
EAP-Message = 0x76bba7a6b705e7d169a8fbad7b380e5f75f32761bb56e803864ee663cac722b7c1a9ea1d6b2a0c06f952c9 1e4b7b2d99724f0330cd81d4800cf17842bceeaed7285a45f90879667e3a18f70b3464a3d0d6d514173a98b9678e998b8d9a494cfe9243 e300c2832a35df610158cd396b1f280db73d94c58709c200b1d702aee8c2a8ebb7b07ff2acbc547bdc9889122128abeaeb1f5750264529 52e0e9c51292bd2ef1eff30468f418406c0860cd36806e73fc3e13fb5f3cccc7cd8fb934c2f06f94e83a8be6d9985b53b884c8236135e8 8e63ba8dd36b4708cff97de8f14e4a035a02e9aef78670e90101f725f08e02ea7beaf85acf6e722216671b0074
EAP-Message = 0x9643ef995a71e0e0f21dd9f5
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875539316c3a43028be40032ff
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=5, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020500060d00
State = 0x513c3c875539316c3a43028be40032ff
Message-Authenticator = 0x66eccf08ef53f2b5ae2dbbb2933ccbf3
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 5 to 10.128.0.100 port 37626
EAP-Message = 0x010604000dc0000019b8282ddba71c014fea56097bdf2c60cdc6056d3cea13ba4aae1782860adaebd34a89 6186d5840355a6e80e91b21bfa283bed2bbb4c67b198e212875081fd305ec7d6d74af01bf6780355aea3a1ee8cd3e506224829321aade7 c25d915394eb31db8310834e1724d5ca7dfccfff1d18935ddb264b199bda870f3954c4243e82b167acdd96fb2091a99de16a1710007885 b0f9e045d7bc8ab34af0041db6e8009a20d0ba835517ea46b6e95b6a47b993c8ba1ad606a030f40102b8c02b226bce7e64d4a2a705a08f e4c4cb51519be63c4455c0a6e8871658c1f20195a7d7efeecd530454602d8d6ac6cb81540d180006ca308206c6
EAP-Message = 0x308204aea003020102021056886f61a89e888c4face278a0aabf44300d06092a864886f70d010105050030 5931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a099226 8993f22c6401191603666c79311530130603550403130c45534444526f6f7434303936301e170d3037313231373233333632385a170d32 37313231373233343335395a305931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f 65696e6731133011060a0992268993f22c6401191603666c79311530130603550403130c45534444526f6f7434
EAP-Message = 0x30393630820222300d06092a864886f70d01010105000382020f003082020a0282020100a893f9fa5409d6 8e7a33cfcd03bc0578efac41770a34a84b1d78ba3b554ef6a3b40722737a757b7db9e9e9f24fbb3d065e30a8ff8834e8e0c1b864c8d365 10289b131150730708492a06254d96761937a485841420ea2a80c539e68e8adac2a5242c0281659c60169a50b6a926be06544eee5901f9 073377613af43616575be42d8a2fa8184a5bb0740fc13203bbc397b154725415586ae6554dce245015f13b42c85358f46aff90ade72f86 4789cb9739f179efbaabb0be436bbaeeb6bc8ba42e35497e4f02c0fd47515a6d354553e23ff3c9b4654094f7a1
EAP-Message = 0x09e81f95a131b619b94fdeaba656439b470f3f2e4c4679ce6b3b19d3cdc132dda580ef80f98af9ddfdcb50 d59a335f8bd4de4a3ce7f493fc4a942659b3b35c0f67b7d2e7b21609e9ea84ca7b5bb9f8db4904e7353c8f32a8f04091df845c69df0631 2eac02e25621f08615ccb20cab61b9703c9150a3a5c13cec3f590a8258950ac680d5c578aa6ccb5f27effdabdeb10d7ff6dc49b4441f6e 29b88283a446ca910e90c9e6572f595c3476eaf515efe2793ac6d7b7a4891f4c655926fb4e2a76d90d8a8ab6b062aabf7aab2bc6354b1b a8161d71ea4b54ab72547e20129f1e7947333165e07900b1b50fb9b482786124dedbe293e98b9386bf666129ea
EAP-Message = 0xf95088b9f7ecd25158dc52fd
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87543a316c3a43028be40032ff
Finished request 5.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=6, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020600060d00
State = 0x513c3c87543a316c3a43028be40032ff
Message-Authenticator = 0xbf530521aed3b6bee2217fd16706c847
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 6 to 10.128.0.100 port 37626
EAP-Message = 0x010704000dc0000019b874ad9397665c795e18dbb69521343c7c7cf0c9c79720006e6707bc5fa3cf020301 0001a382018830820184301306092b060104018237140204061e0400430041300b0603551d0f040403020186300f0603551d130101ff04 0530030101ff301d0603551d0e041604141e4e1c8a14ef89a83391ee997b1cabed3f47eaa63082011c0603551d1f048201133082010f30 82010ba0820107a08201038681bf6c6461703a2f2f2f434e3d45534444526f6f74343039362c434e3d706b692d746573742d3738376d2c 434e3d4344502c434e3d5075626c69632532304b657925323053657276696365732c434e3d5365727669636573
EAP-Message = 0x2c434e3d436f6e66696775726174696f6e2c44433d666c792c44433d626f65696e672c44433d636f6d3f63 657274696669636174655265766f636174696f6e4c6973743f626173653f6f626a656374436c6173733d63524c44697374726962757469 6f6e506f696e74863f687474703a2f2f706b692d746573742d3738376d2e666c792e626f65696e672e636f6d2f43657274456e726f6c6c 2f45534444526f6f74343039362e63726c301006092b06010401823715010403020100300d06092a864886f70d01010505000382020100 89d0fd7533e496888b2ac6b9cedabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0c4efc644244a
EAP-Message = 0x55b135a226d9597c71f777a1bee950cdc582f70f1afd54ad92a7f9d13b697c2e77777bfe33c5b486af6b82 2e97d9efdc82a072c3935760378f9faa5be09ac1026c0bf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc05f8275de0addc828 7bb6c9e8c931a223475d7b29c414992ab24512048a99033f4a82fd82b68ae58129e7d3c7a4e60e26a8b5591098b9a9cde9fe2a3d17964e 686d8fccbb897fda38447ddd014fed04c06e4de165ffb3afe93e17a0bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c88842 27c94d290a3620ddbfe38a9e2da706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd4146677001b560850e
EAP-Message = 0x8eba09cc6280711eb067230a81d461bcde5ceb4c33956460a20303d68d0219f5cc3bef1d14c94f632a9400 06cf1b90da3e8e37de8440d2079c6a5f4cde66fa9d045d6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d826a229b1460b64cc 447a34d86687a297b5fe04865b0fb328cd18d8abfa1ea4b1c58ae57f311567069d521fb42e9918aa3cbf6ca91db5eeae294156426a4249 cfd6d3750506a3bb8f98b9e5d839b7fd939293fb96483aaa2ff99110fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b568 7b47727e3622160301020d0c0002090080dd92a7065d8e5c198f2ac94683f6016182a6c9d6ba13d1c40605fce5
EAP-Message = 0x6f7cd0bb7873bf1b9cb9e92f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87573b316c3a43028be40032ff
Finished request 6.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=7, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020700060d00
State = 0x513c3c87573b316c3a43028be40032ff
Message-Authenticator = 0x06ae2cc57b97003ec0e8eac545dbfb0c
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 7 to 10.128.0.100 port 37626
EAP-Message = 0x010801fe0d80000019b8544530c61e8a23e3590282c0ebba4fc54b2d29238cb7f36aef2cbab2aec5ba9a45 71e9c70452124f67982ee113094defee5efa0bccfa2370fbd4ce688f6bc87b7c19984a674679dded04265157ea403bf20afa80f983b843 00010200805b50c049e7191c5c308f9d08f146209d6e66fda2e79fcde8b3765984ce53e4a99e3c900efaff208fdd7895025afac839f9f8 e19d69bca8c19aba5618c1536001d26494c8cedfd8c5797fa60619922bf49b071db2088e732b4ce94e73f123a076d2f9b1d128b235a095 39c98f263dcb092111fb7e1f1638283f6d4b66f8a1315d01000ec6225e068fc52890b70cd59e8cfecf8f4e57ac
EAP-Message = 0x8dc359de5994463c15c9e624ef85895cb1da4aa68a7e8a09454fbbdfb4469ba590aafe3672b340e5526ade b5186ca5e1e74e7fa38d9d394fa07944f31fb0a1b55e0e5ed92e20b7efdf543921e00a8a8e6a6efd2d90d1ccb35e5e140b97eb81ecc1a9 9f22c1eecbee017a724ec50bcbc0d89c64e877654f1a689986b1e192560ab2ebc8ca66cb3c3f7f7d97fb3fb5981f4dc7589a8ddf3f4147 e4c5b98786f2363f23383af6c50533f41c3a393cb68ffd2709816fde6408d945dc32e460918c36297894053fb6ce68f3a6f2fa0476bba5 9873c0cb03879687b89b2bec3166fabbe01d2d5b3965ba949c63b00016030100100d0000080503040102400000
EAP-Message = 0x0e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875634316c3a43028be40032ff
Finished request 7.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=8, length=1188
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x0208040a0dc00000194c16030117760b00177200176f0004a9308204a53082038da003020102020a3e173b a1000100000d47300d06092a864886f70d0101050500305b31133011060a0992268993f22c6401191603636f6d31163014060a09922689 93f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311730150603550403130e455344444973737565 7232303438301e170d3132303433303233333030315a170d3134303131383036333331365a3081bf3111300f060355042d130841343033 36353235311b3019060355040d131243726577576972656c657373446576696365310b30090603550406130255
EAP-Message = 0x53313b3039060355040a1e320042004f0045005f00490054004c0020004100690072006c0069006e006500 7300200043006f002e0020004c00740064002e311f301d060355040b1316466f72205465737420507572706f736573204f6e6c79312230 20060355040313194d61696e74656e616e6365436f6e74726f6c446973706c617930820122300d06092a864886f70d0101010500038201 0f003082010a0282010100bb3bcec2944ed1d3fc8ac41562f821490aed9d0f94f8f287c607d8996a2687eb23f6b2ee59b525245e542b78 6dfd538078617b79923e0d80373a6c3ce49b3e4bedefc10d2f2cb045a7c03b1fe435d96f888cd388c1fa5acab9
EAP-Message = 0xd1a2b16fb1058b3ede15cd1be6bab2332201d884e276323a13180df7e56b14337910fc1bb70283e81da756 c47d934521842fa253f5243a175626324bf3aa886b391cde87206d0549d1d798994c87fa663d6fb76f28eeebe6228dcf30d24a7657c8e3 2dfea928cc37f4ad1787fc585fd2c0a6a7f600acb2acf5f4bae81dbf5d7fee78e2fa79b6d01d705930e7b6672a31e81959068105992392 fb4a91fded9d31f7bb2d7c01a7ab0203010001a382010430820100301d0603551d0e0416041489e6897d59dded56f52a300000aceac02c fc277a30130603551d25040c300a06082b06010505070302300e0603551d0f0101ff0404030205a0301f060355
EAP-Message = 0x1d230418301680147b3f3d89d72bac972c086ada7233f64a074ea0a1303d0603551d1f043630343032a030 a02e862c687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444497373756572323034382e63726c303d06092b0601 0401823715070430302e06262b0601040182371508acc31f85e0d61c87dd892487e6e83681a1f354814687e8e46882f8d1190201640201 05301b06092b060104018237150a040e300c300a06082b06010505070302300d06092a864886f70d0101050500038201010004e19b0cfd 1d67050634a01adc74f1bf85a0fea2fba20aafdf51982415ce03664873d92731d65e2db6430c0fe9be3d6c3cdd
EAP-Message = 0xdacb8c60528ee06450f501b12ce84c5251ce30137e56
State = 0x513c3c875634316c3a43028be40032ff
Message-Authenticator = 0x9d6744dd03fb0ae72889cac849b5ede0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
TLS Length 6476
[tls] Received EAP-TLS First Fragment of the message
[tls] eaptls_verify returned 9
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 8 to 10.128.0.100 port 37626
EAP-Message = 0x010900060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875935316c3a43028be40032ff
Finished request 8.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=9, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020904060d40f35e9f31776548e380f13528708a648379fdce4901097a09426161485c1979bfcf3dfdc298 064f55d31f3db6d49ff38efb1e4ab36ce653696f663393f4a1a3370b8b63907c7888e2e7c7ba959804a22e18401bbf150bf8ee1e26a848 df7e61cb98fcf9dc67e5dd9d7dfbc9acf5451e7adbd50d14593439b45a9d79372b40c91b6d0f11dcad36a8f6fe0250ba5bbd3d277a2d17 8d2af8be7503bd65921740988796656199be2677eb8d1c1b2c3cfa840e4cd76884055803770006ca308206c6308204aea0030201020210 56886f61a89e888c4face278a0aabf44300d06092a864886f70d0101050500305931133011060a0992268993f2
EAP-Message = 0x2c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a09922689 93f22c6401191603666c79311530130603550403130c45534444526f6f7434303936301e170d3037313231373233333632385a170d3237 313231373233343335395a305931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65 696e6731133011060a0992268993f22c6401191603666c79311530130603550403130c45534444526f6f743430393630820222300d0609 2a864886f70d01010105000382020f003082020a0282020100a893f9fa5409d68e7a33cfcd03bc0578efac4177
EAP-Message = 0x0a34a84b1d78ba3b554ef6a3b40722737a757b7db9e9e9f24fbb3d065e30a8ff8834e8e0c1b864c8d36510 289b131150730708492a06254d96761937a485841420ea2a80c539e68e8adac2a5242c0281659c60169a50b6a926be06544eee5901f907 3377613af43616575be42d8a2fa8184a5bb0740fc13203bbc397b154725415586ae6554dce245015f13b42c85358f46aff90ade72f8647 89cb9739f179efbaabb0be436bbaeeb6bc8ba42e35497e4f02c0fd47515a6d354553e23ff3c9b4654094f7a109e81f95a131b619b94fde aba656439b470f3f2e4c4679ce6b3b19d3cdc132dda580ef80f98af9ddfdcb50d59a335f8bd4de4a3ce7f493fc
EAP-Message = 0x4a942659b3b35c0f67b7d2e7b21609e9ea84ca7b5bb9f8db4904e7353c8f32a8f04091df845c69df06312e ac02e25621f08615ccb20cab61b9703c9150a3a5c13cec3f590a8258950ac680d5c578aa6ccb5f27effdabdeb10d7ff6dc49b4441f6e29 b88283a446ca910e90c9e6572f595c3476eaf515efe2793ac6d7b7a4891f4c655926fb4e2a76d90d8a8ab6b062aabf7aab2bc6354b1ba8 161d71ea4b54ab72547e20129f1e7947333165e07900b1b50fb9b482786124dedbe293e98b9386bf666129eaf95088b9f7ecd25158dc52 fd74ad9397665c795e18dbb69521343c7c7cf0c9c79720006e6707bc5fa3cf0203010001a38201883082018430
EAP-Message = 0x1306092b060104018237140204061e040043
State = 0x513c3c875935316c3a43028be40032ff
Message-Authenticator = 0xd56f46711110d24c271fb50b6ef77742
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 9 to 10.128.0.100 port 37626
EAP-Message = 0x010a00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875836316c3a43028be40032ff
Finished request 9.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=10, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020a04060d400041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301d060355 1d0e041604141e4e1c8a14ef89a83391ee997b1cabed3f47eaa63082011c0603551d1f048201133082010f3082010ba0820107a0820103 8681bf6c6461703a2f2f2f434e3d45534444526f6f74343039362c434e3d706b692d746573742d3738376d2c434e3d4344502c434e3d50 75626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d 666c792c44433d626f65696e672c44433d636f6d3f63657274696669636174655265766f636174696f6e4c6973
EAP-Message = 0x743f626173653f6f626a656374436c6173733d63524c446973747269627574696f6e506f696e74863f6874 74703a2f2f706b692d746573742d3738376d2e666c792e626f65696e672e636f6d2f43657274456e726f6c6c2f45534444526f6f743430 39362e63726c301006092b06010401823715010403020100300d06092a864886f70d0101050500038202010089d0fd7533e496888b2ac6 b9cedabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0c4efc644244a55b135a226d9597c71f777a1bee950cdc582f70f1a fd54ad92a7f9d13b697c2e77777bfe33c5b486af6b822e97d9efdc82a072c3935760378f9faa5be09ac1026c0b
EAP-Message = 0xf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc05f8275de0addc8287bb6c9e8c931a223475d7b 29c414992ab24512048a99033f4a82fd82b68ae58129e7d3c7a4e60e26a8b5591098b9a9cde9fe2a3d17964e686d8fccbb897fda38447d dd014fed04c06e4de165ffb3afe93e17a0bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c8884227c94d290a3620ddbfe38a 9e2da706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd4146677001b560850e8eba09cc6280711eb067230a81d461bcde5ceb4c33 956460a20303d68d0219f5cc3bef1d14c94f632a940006cf1b90da3e8e37de8440d2079c6a5f4cde66fa9d045d
EAP-Message = 0x6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d826a229b1460b64cc447a34d86687a297b5fe04 865b0fb328cd18d8abfa1ea4b1c58ae57f311567069d521fb42e9918aa3cbf6ca91db5eeae294156426a4249cfd6d3750506a3bb8f98b9 e5d839b7fd939293fb96483aaa2ff99110fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b5687b47727e36220006763082 06723082045aa003020102020a611b280600000000000c300d06092a864886f70d0101050500305931133011060a0992268993f22c6401 191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401
EAP-Message = 0x191603666c79311530130603550403130c45
State = 0x513c3c875836316c3a43028be40032ff
Message-Authenticator = 0x84fe071ee7e336ed9305a724469d8da0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 10 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 10 to 10.128.0.100 port 37626
EAP-Message = 0x010b00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875b37316c3a43028be40032ff
Finished request 10.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=11, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020b04060d40534444526f6f7434303936301e170d3039303131393036333331365a170d31343031313830 36333331365a305a31133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e673113 3011060a0992268993f22c6401191603666c79311630140603550403130d45534444496e7465723430393630820222300d06092a864886 f70d01010105000382020f003082020a02820201009f550e60c398442453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff77d0 75fbbbb7239ca1fd75d1dc0edc36c967a6ea0bd640e7cea54d41b0cb877f320f987db51ef21dbad0e6b248c8bc
EAP-Message = 0x4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6fed627d3d06b2c391f698a19dcc918b1a01850ed b9a3f1c949732ec57efb446b43e596e64a768bab47d95f225af8d8c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360ab3ab9208403293f 45606176d518eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1599941102a313f6ca1689620d6bc8101088ac513e2d20b333d60617a e64f68af26146da6b94180f0ee7031bd05d03d03abc66ca3b6a28321b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8 da538e6a449f253a44ad71e2d3ac3769fe8c6ce37e1298ff4f96d91f9ccd37d21a763b9e508d11a964dfbe19c6
EAP-Message = 0xf4a51d2562ef397940ed309f29427f85ade6fc8015e56090fa480ba5b8225807f6d9804f0812390cea201d a3a955473b5f19dfd3223b1341e9e36b72b28c82c75b6c5da597518f2f7b6c9fe052f98590c8c3225ea11c1b2805077251f5ac84fef400 f43ad9940338c1b66b158dcf3b31649ce753edbd8b38bda0d5038781dc638111474a99a932a144c6b3ac153f1d3d0d61117cd2cb590d42 4b39e8b3164ef536f1c2860dc7e8889e3ae9412bc0422e5b7923c50203010001a382013930820135300f0603551d130101ff0405300301 01ff301d0603551d0e0416041443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9300b0603551d0f0404030201
EAP-Message = 0x86301006092b06010401823715010403020101302306092b060104018237150204160414d31f074108cfac 5cc47ed111d3a2712f219c9012301906092b0601040182371402040c1e0a00530075006200430041301f0603551d230418301680141e4e 1c8a14ef89a83391ee997b1cabed3f47eaa6303b0603551d1f043430323030a02ea02c862a687474703a2f2f63726c2e626f65696e672e 636f6d2f63726c2f45534444526f6f74343039362e63726c304606082b06010505070101043a3038303606082b06010505073002862a68 7474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444526f6f74343039362e637274300d0609
EAP-Message = 0x2a864886f70d01010505000382020100976a
State = 0x513c3c875b37316c3a43028be40032ff
Message-Authenticator = 0x0ad1596cf779061d296f593b2dfd3c51
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 11 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 11 to 10.128.0.100 port 37626
EAP-Message = 0x010c00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875a30316c3a43028be40032ff
Finished request 11.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=12, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020c04060d4048f45eed37c731261476bba7a6b705e7d169a8fbad7b380e5f75f32761bb56e803864ee663 cac722b7c1a9ea1d6b2a0c06f952c91e4b7b2d99724f0330cd81d4800cf17842bceeaed7285a45f90879667e3a18f70b3464a3d0d6d514 173a98b9678e998b8d9a494cfe9243e300c2832a35df610158cd396b1f280db73d94c58709c200b1d702aee8c2a8ebb7b07ff2acbc547b dc9889122128abeaeb1f575026452952e0e9c51292bd2ef1eff30468f418406c0860cd36806e73fc3e13fb5f3cccc7cd8fb934c2f06f94 e83a8be6d9985b53b884c8236135e88e63ba8dd36b4708cff97de8f14e4a035a02e9aef78670e90101f725f08e
EAP-Message = 0x02ea7beaf85acf6e722216671b00749643ef995a71e0e0f21dd9f5282ddba71c014fea56097bdf2c60cdc6 056d3cea13ba4aae1782860adaebd34a896186d5840355a6e80e91b21bfa283bed2bbb4c67b198e212875081fd305ec7d6d74af01bf678 0355aea3a1ee8cd3e506224829321aade7c25d915394eb31db8310834e1724d5ca7dfccfff1d18935ddb264b199bda870f3954c4243e82 b167acdd96fb2091a99de16a1710007885b0f9e045d7bc8ab34af0041db6e8009a20d0ba835517ea46b6e95b6a47b993c8ba1ad606a030 f40102b8c02b226bce7e64d4a2a705a08fe4c4cb51519be63c4455c0a6e8871658c1f20195a7d7efeecd530454
EAP-Message = 0x602d8d6ac6cb81540d1800057a308205763082035ea003020102020a61395bb700010000000a300d06092a 864886f70d0101050500305a31133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f6569 6e6731133011060a0992268993f22c6401191603666c79311630140603550403130d45534444496e74657234303936301e170d30393031 31393037303632315a170d3134303131383036333331365a305b31133011060a0992268993f22c6401191603636f6d31163014060a0992 268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c793117301506035504
EAP-Message = 0x03130e455344444973737565723230343830820122300d06092a864886f70d01010105000382010f003082 010a02820101009ede837e52ce12f2f315c72da8adbaf7828db60d09392a3cf133c5f11a497d7bd90f1e1eddcdb23058de50acad29c809 b5036f4ce1b0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac54ad223a046a4eb84964daaf1c2244edec54b 03ef4137634d55afc4e118031d822efd491b7cf9d6530362297ccff6616dfe1f0ebaebaf4f84ff9edce03a9189f34ca257ce621e20aeaf 539e5f91fcae83e89219e587fde80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddcf109c90234bec8de
EAP-Message = 0xf2d14c026d557b14cd764a677f91c3e5a096
State = 0x513c3c875a30316c3a43028be40032ff
Message-Authenticator = 0x83805531ac628b23e32fce49a71392bd
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 12 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 12 to 10.128.0.100 port 37626
EAP-Message = 0x010d00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875d31316c3a43028be40032ff
Finished request 12.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=13, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020d04060d40bc0f216a6aa60365dad3b4bbe2616ef038a6d2610bf15597e4fb288472028530c054f10203 010001a382013b30820137300f0603551d130101ff040530030101ff301d0603551d0e041604147b3f3d89d72bac972c086ada7233f64a 074ea0a1300b0603551d0f040403020186301006092b06010401823715010403020101302306092b060104018237150204160414249ba6 c4888fd87d96ab95594e6637dd6e25632f301906092b0601040182371402040c1e0a00530075006200430041301f0603551d2304183016 801443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9303c0603551d1f043530333031a02fa02d862b68747470
EAP-Message = 0x3a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444496e746572343039362e63726c30470608 2b06010505070101043b3039303706082b06010505073002862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344 44496e746572343039362e637274300d06092a864886f70d010105050003820201006bd3c23ef41bc64c3383a89e90f53061c5b5f03e20 40ebc07377fedd37e6ea3f8ce247d0459c1889138a0c63c9b5b5b305e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b 0f9a547a193d6a6502ec30fe65c6365aab74304517f7fea0ce3a07896d13492d59f11ff187aae8d743897f92ef
EAP-Message = 0xa32b18a86a8c02d4e909e17e97417d5c676d546785540ebdf853366842f38e66b0d9a00bc6cf2a25777f0d ef04b8971ebce5b776400e121455288ae22c65c6d23fbcd243a9be7182f6969f0d6061dc4f786eb6eb2fbfd89c807c990eb67a595fb271 7599cc0262dfe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee52cfd051e13642a34f0325c6c767548c6102d4e4311a37b08d44164a fff6a0a67af3f971ad402ee75a8835d5fa76731958078d4b3f483f412fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999 c2cf3b82646d2777fd7c6c0ce31b3c330693d78b8960d784840ff10e784e078023b73ad81e0fd6fdc7bf66bf09
EAP-Message = 0xcf8118d3852613bd4cf23f384191bdd292050490c3bfde93230dba380f1391aaf299bd7c4288e0758c9132 df0250d269f10da91b51fb1cd3238828cfc140f801ba777248759e0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba665665648e98da4 4682f17430ada59a3a4b889250ae64a1d4f112a3a83fab8bcaf308087ff97a820a6844c8e64ac9291603010086100000820080d5c6f2b2 117a6cbad67d242f4a69802a07cc8aaf5ff59ebf219cf8af7a387d7803fb034db0e6070054f312a26293f461b6de33fa34b7b09a42aea8 c3394d9c7f44c7148e62b6f611dafa44040cb3378f6744dcf4ad54099d59580e2e445697c4ec2348b4552af63e
EAP-Message = 0x247063c1bccceed74889ea590e0da58ce6be
State = 0x513c3c875d31316c3a43028be40032ff
Message-Authenticator = 0xbb1d0ad92f5fd564954baa008cd36db0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 13 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 13 to 10.128.0.100 port 37626
EAP-Message = 0x010e00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875c32316c3a43028be40032ff
Finished request 13.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=14, length=486
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020e01520d00a235d3b7f87016030101060f00010201009c5bae8f60c3882d11a8226db135282ea8065fa1 2587cd72b4beaa29ae85a390117cd3b2cb47dfd94438f6601cc5fd5b2a3ce4805ad3f88bd71df9ff5b2dff640402660699ddd03a645121 14167e1386a1968e46d91749f78cdbd5aace7b1a52a2df2d90c93b76ca567b41734a9ae1f3537cc938ab05e11bc100e9c265a72bc8345f bfdd42242a3a376248f1d641f2ef2e294d4290ff8a216c17a90f43c2a04ec4f29de41bdda9dc8b3d0ac398fcf5c0bb3f2e9fe752aba87c 9c09250c91d2bb39f413765b620c3dea46fc330bcc347488fc0dc23e8f4c63008cdd1ebdbc907fe13f4c5619ab
EAP-Message = 0x6f49b68bd20f7c60ffb52b1f96a61c26aa6415e09dede4d5212c1403010001011603010030e0db5794014c 3d3d69d2bdfd98a304ad9779de997f577a7cd878ed46952ce28eb9918b0e21865ef74572c8e7cf16790d
State = 0x513c3c875c32316c3a43028be40032ff
Message-Authenticator = 0x9c9cc0760618df10c4d942cd95e95c9c
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 14 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] eaptls_verify returned 7
[tls] Done initial handshake
[tls] <<< TLS 1.0 Handshake [length 1776], Certificate
[tls] chain-depth=3,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = ESDDRoot4096
[tls] --> subject = /DC=com/DC=boeing/DC=fly/CN=ESDDRoot4096
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDRoot4096
[tls] --> verify return:1
[tls] chain-depth=2,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = ESDDInter4096
[tls] --> subject = /DC=com/DC=boeing/DC=fly/CN=ESDDInter4096
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDRoot4096
[tls] --> verify return:1
[tls] chain-depth=1,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = ESDDIssuer2048
[tls] --> subject = /DC=com/DC=boeing/DC=fly/CN=ESDDIssuer2048
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDInter4096
[tls] --> verify return:1
[tls] chain-depth=0,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = MaintenanceControlDisplay
[tls] --> subject = /x500UniqueIdentifier=A4036525/description=CrewWirelessDevice/C=US/O=\x00B\x00O\x00E\x00_\ x00I\x00T\x00L\x00 \x00A\x00i\x00r\x00l\x00i\x00n\x00e\x00s\x00 \x00C\x00o\x00.\x00 \x00L\x00t\x00d\x00./OU=Fo r Test Purposes Only/CN=MaintenanceControlDisplay
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDIssuer2048
[tls] --> verify return:1
[tls] TLS_accept: SSLv3 read client certificate A
[tls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
[tls] TLS_accept: SSLv3 read client key exchange A
[tls] <<< TLS 1.0 Handshake [length 0106], CertificateVerify
[tls] TLS_accept: SSLv3 read certificate verify A
[tls] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[tls] <<< TLS 1.0 Handshake [length 0010], Finished
[tls] TLS_accept: SSLv3 read finished A
[tls] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[tls] TLS_accept: SSLv3 write change cipher spec A
[tls] >>> TLS 1.0 Handshake [length 0010], Finished
[tls] TLS_accept: SSLv3 write finished A
[tls] TLS_accept: SSLv3 flush data
[tls] (other): SSL negotiation finished successfully
SSL Connection Established
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 14 to 10.128.0.100 port 37626
EAP-Message = 0x010f00450d800000003b14030100010116030100302e7324c43c27ba2ca05affb5044cdc80b6fde1835f0a fcacabb0f0eeb818e2397f158ad69090966662002a492e085e48
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875f33316c3a43028be40032ff
Finished request 14.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=15, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020f00060d00
State = 0x513c3c875f33316c3a43028be40032ff
Message-Authenticator = 0x434f2ff4845a3da8223675d555c7299c
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 15 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake is finished
[tls] eaptls_verify returned 3
[tls] eaptls_process returned 3
[tls] Adding user data to cached session
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 28804300 (LWP 101549/radiusd)]
0x28489873 in eaptls_gen_mppe_keys (reply_vps=0x28bc4230, s=0x288b7400,
prf_label=0x2849a8ff "client EAP encryption") at mppe_keys.c:147
147 PRF(s->session->master_key, s->session->master_key_length,
(gdb) help
List of classes of commands:
aliases -- Aliases of other commands
breakpoints -- Making program stop at certain points
data -- Examining data
files -- Specifying and examining files
internals -- Maintenance commands
obscure -- Obscure features
running -- Running the program
stack -- Examining the stack
status -- Status inquiries
support -- Support facilities
tracepoints -- Tracing of program execution without stopping the program
user-defined -- User-defined commands
Type "help" followed by a class name for a list of commands in that class.
Type "help" followed by command name for full documentation.
Command name abbreviations are allowed if unambiguous.
(gdb) stack
Undefined command: "stack". Try "help".
(gdb) quit
The program is running. Exit anyway? (y or n) y
wan231s1# cat > /home/steve/radiusd-2.2.0-gdb-output.txt
wan231s1# gdb /usr/local/sbin/radiusd
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd"...(no debugging symbols found)...
(gdb) run -X
Starting program: /usr/local/sbin/radiusd -X
(no debugging symbols found)...(no debugging symbols found)...[New LWP 101549]
(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging sym bols found)...(no debugging symbols found)...(no debugging symbols found)...[New Thread 28804300 (LWP 101549/r adiusd)]
FreeRADIUS Version 2.2.0, for host i386-portbld-freebsd9.0, built on Jan 3 2013 at 20:39:43
Copyright (C) 1999-2012 The FreeRADIUS server project and contributors.
There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A
PARTICULAR PURPOSE.
You may redistribute copies of FreeRADIUS under the terms of the
GNU General Public License v2.
Starting - reading configuration files ...
including configuration file /usr/local/etc/raddb/radiusd.conf
including configuration file /usr/local/etc/raddb/proxy.conf
including configuration file /usr/local/etc/raddb/clients.conf
including files in directory /usr/local/etc/raddb/modules/
including configuration file /usr/local/etc/raddb/modules/wimax
including configuration file /usr/local/etc/raddb/modules/always
including configuration file /usr/local/etc/raddb/modules/attr_filter
including configuration file /usr/local/etc/raddb/modules/attr_rewrite
including configuration file /usr/local/etc/raddb/modules/cache
including configuration file /usr/local/etc/raddb/modules/chap
including configuration file /usr/local/etc/raddb/modules/checkval
including configuration file /usr/local/etc/raddb/modules/counter
including configuration file /usr/local/etc/raddb/modules/cui
including configuration file /usr/local/etc/raddb/modules/detail
including configuration file /usr/local/etc/raddb/modules/detail.example.com
including configuration file /usr/local/etc/raddb/modules/detail.log
including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool
including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.conf
including configuration file /usr/local/etc/raddb/modules/digest
including configuration file /usr/local/etc/raddb/modules/dynamic_clients
including configuration file /usr/local/etc/raddb/modules/echo
including configuration file /usr/local/etc/raddb/modules/etc_group
including configuration file /usr/local/etc/raddb/modules/exec
including configuration file /usr/local/etc/raddb/modules/expiration
including configuration file /usr/local/etc/raddb/modules/expr
including configuration file /usr/local/etc/raddb/modules/files
including configuration file /usr/local/etc/raddb/modules/inner-eap
including configuration file /usr/local/etc/raddb/modules/ippool
including configuration file /usr/local/etc/raddb/modules/krb5
including configuration file /usr/local/etc/raddb/modules/ldap
including configuration file /usr/local/etc/raddb/modules/linelog
including configuration file /usr/local/etc/raddb/modules/otp
including configuration file /usr/local/etc/raddb/modules/logintime
including configuration file /usr/local/etc/raddb/modules/mac2ip
including configuration file /usr/local/etc/raddb/modules/mac2vlan
including configuration file /usr/local/etc/raddb/modules/mschap
including configuration file /usr/local/etc/raddb/modules/ntlm_auth
including configuration file /usr/local/etc/raddb/modules/opendirectory
including configuration file /usr/local/etc/raddb/modules/pam
including configuration file /usr/local/etc/raddb/modules/pap
including configuration file /usr/local/etc/raddb/modules/passwd
including configuration file /usr/local/etc/raddb/modules/perl
including configuration file /usr/local/etc/raddb/modules/policy
including configuration file /usr/local/etc/raddb/modules/preprocess
including configuration file /usr/local/etc/raddb/modules/radrelay
including configuration file /usr/local/etc/raddb/modules/radutmp
including configuration file /usr/local/etc/raddb/modules/realm
including configuration file /usr/local/etc/raddb/modules/redis
including configuration file /usr/local/etc/raddb/modules/rediswho
including configuration file /usr/local/etc/raddb/modules/replicate
including configuration file /usr/local/etc/raddb/modules/smbpasswd
including configuration file /usr/local/etc/raddb/modules/smsotp
including configuration file /usr/local/etc/raddb/modules/soh
including configuration file /usr/local/etc/raddb/modules/sql_log
including configuration file /usr/local/etc/raddb/modules/sqlcounter_expire_on_login
including configuration file /usr/local/etc/raddb/modules/sradutmp
including configuration file /usr/local/etc/raddb/modules/unix
including configuration file /usr/local/etc/raddb/modules/acct_unique
including configuration file /usr/local/etc/raddb/eap.conf
including configuration file /usr/local/etc/raddb/policy.conf
including files in directory /usr/local/etc/raddb/sites-enabled/
including configuration file /usr/local/etc/raddb/sites-enabled/default
main {
user = "freeradius"
group = "freeradius"
allow_core_dumps = no
}
including dictionary file /usr/local/etc/raddb/dictionary
main {
name = "radiusd"
prefix = "/usr/local"
localstatedir = "/var"
sbindir = "/usr/local/sbin"
logdir = "/var/log"
run_dir = "/var/run/radiusd"
libdir = "/usr/local/lib/freeradius-2.2.0"
radacctdir = "/var/log/radacct"
hostname_lookups = no
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
pidfile = "/var/run/radiusd/radiusd.pid"
checkrad = "/usr/local/sbin/checkrad"
debug_level = 0
proxy_requests = no
log {
stripped_names = no
auth = yes
auth_badpass = no
auth_goodpass = no
}
security {
max_attributes = 200
reject_delay = 1
status_server = yes
}
}
radiusd: #### Loading Realms and Home Servers ####
proxy server {
retry_delay = 5
retry_count = 3
default_fallback = no
dead_time = 120
wake_all_if_all_dead = no
}
home_server localhost {
ipaddr = 127.0.0.1
port = 1812
type = "auth"
secret = "testing123"
response_window = 20
max_outstanding = 65536
require_message_authenticator = yes
zombie_period = 40
status_check = "status-server"
ping_interval = 30
check_interval = 30
num_answers_to_alive = 3
num_pings_to_alive = 3
revive_interval = 120
status_check_timeout = 4
coa {
irt = 2
mrt = 16
mrc = 5
mrd = 30
}
}
home_server_pool my_auth_failover {
type = fail-over
home_server = localhost
}
realm example.com {
auth_pool = my_auth_failover
}
realm LOCAL {
}
radiusd: #### Loading Clients ####
client localhost {
ipaddr = 127.0.0.1
require_message_authenticator = no
secret = "testing123"
nastype = "other"
}
client 10.128.0.100 {
require_message_authenticator = no
secret = "redacted"
shortname = "nms231s1-eapol-test"
nastype = "other"
}
radiusd: #### Instantiating modules ####
instantiate {
(no debugging symbols found)... Module: Linked to module rlm_exec
Module: Instantiating module "exec" from file /usr/local/etc/raddb/modules/exec
exec {
wait = no
input_pairs = "request"
shell_escape = yes
}
Module: Linked to module rlm_expr
Module: Instantiating module "expr" from file /usr/local/etc/raddb/modules/expr
Module: Linked to module rlm_expiration
Module: Instantiating module "expiration" from file /usr/local/etc/raddb/modules/expiration
expiration {
reply-message = "Password Has Expired "
}
Module: Linked to module rlm_logintime
Module: Instantiating module "logintime" from file /usr/local/etc/raddb/modules/logintime
logintime {
reply-message = "You are calling outside your allowed timespan "
minimum-timeout = 60
}
}
radiusd: #### Loading Virtual Servers ####
server { # from file /usr/local/etc/raddb/radiusd.conf
modules {
Module: Creating Auth-Type = digest
Module: Creating Post-Auth-Type = REJECT
Module: Checking authenticate {...} for more modules to load
Module: Linked to module rlm_pap
Module: Instantiating module "pap" from file /usr/local/etc/raddb/modules/pap
pap {
encryption_scheme = "auto"
auto_header = no
}
Module: Linked to module rlm_chap
Module: Instantiating module "chap" from file /usr/local/etc/raddb/modules/chap
Module: Linked to module rlm_mschap
Module: Instantiating module "mschap" from file /usr/local/etc/raddb/modules/mschap
mschap {
use_mppe = yes
require_encryption = no
require_strong = no
with_ntdomain_hack = no
allow_retry = yes
}
Module: Linked to module rlm_digest
Module: Instantiating module "digest" from file /usr/local/etc/raddb/modules/digest
Module: Linked to module rlm_unix
Module: Instantiating module "unix" from file /usr/local/etc/raddb/modules/unix
unix {
radwtmp = "/var/log/radwtmp"
}
Module: Linked to module rlm_eap
Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.conf
eap {
default_eap_type = "tls"
timer_expire = 60
ignore_unknown_eap_types = no
cisco_accounting_username_bug = no
max_sessions = 4096
}
Module: Linked to sub-module rlm_eap_md5
Module: Instantiating eap-md5
Module: Linked to sub-module rlm_eap_leap
Module: Instantiating eap-leap
Module: Linked to sub-module rlm_eap_gtc
Module: Instantiating eap-gtc
gtc {
challenge = "Password: "
auth_type = "PAP"
}
Module: Linked to sub-module rlm_eap_tls
Module: Instantiating eap-tls
tls {
rsa_key_exchange = no
dh_key_exchange = yes
rsa_key_length = 512
dh_key_length = 512
verify_depth = 0
CA_path = "/usr/local/etc/raddb/certs/CA"
pem_file_type = yes
private_key_file = "/usr/local/etc/raddb/certs/gatelink822-wan231s1_key.pem"
certificate_file = "/usr/local/etc/raddb/certs/gatelink822-wan231s1_cert.pem"
private_key_password = "redacted"
dh_file = "/usr/local/etc/raddb/certs/dh"
random_file = "/usr/local/etc/raddb/certs/random"
fragment_size = 1024
include_length = yes
check_crl = no
cipher_list = "DEFAULT"
make_cert_command = "/usr/local/etc/raddb/certs/bootstrap"
ecdh_curve = "prime256v1"
cache {
enable = no
lifetime = 24
max_entries = 255
}
verify {
}
ocsp {
enable = no
override_cert_url = yes
url = "http://127.0.0.1/ocsp/"
use_nonce = yes
timeout = 0
softfail = no
}
}
Module: Linked to sub-module rlm_eap_ttls
Module: Instantiating eap-ttls
ttls {
default_eap_type = "md5"
copy_request_to_tunnel = no
use_tunneled_reply = no
virtual_server = "inner-tunnel"
include_length = yes
}
Module: Linked to sub-module rlm_eap_peap
Module: Instantiating eap-peap
peap {
default_eap_type = "mschapv2"
copy_request_to_tunnel = no
use_tunneled_reply = no
proxy_tunneled_request_as_eap = yes
virtual_server = "inner-tunnel"
soh = no
}
Module: Linked to sub-module rlm_eap_mschapv2
Module: Instantiating eap-mschapv2
mschapv2 {
with_ntdomain_hack = no
send_error = no
}
Module: Checking authorize {...} for more modules to load
Module: Linked to module rlm_preprocess
Module: Instantiating module "preprocess" from file /usr/local/etc/raddb/modules/preprocess
preprocess {
huntgroups = "/usr/local/etc/raddb/huntgroups"
hints = "/usr/local/etc/raddb/hints"
with_ascend_hack = no
ascend_channels_per_line = 23
with_ntdomain_hack = no
with_specialix_jetstream_hack = no
with_cisco_vsa_hack = no
with_alvarion_vsa_hack = no
}
reading pairlist file /usr/local/etc/raddb/huntgroups
reading pairlist file /usr/local/etc/raddb/hints
Module: Linked to module rlm_realm
Module: Instantiating module "suffix" from file /usr/local/etc/raddb/modules/realm
realm suffix {
format = "suffix"
delimiter = "@"
ignore_default = no
ignore_null = no
}
Module: Linked to module rlm_files
Module: Instantiating module "files" from file /usr/local/etc/raddb/modules/files
files {
usersfile = "/usr/local/etc/raddb/users"
acctusersfile = "/usr/local/etc/raddb/acct_users"
preproxy_usersfile = "/usr/local/etc/raddb/preproxy_users"
compat = "no"
}
reading pairlist file /usr/local/etc/raddb/users
reading pairlist file /usr/local/etc/raddb/acct_users
reading pairlist file /usr/local/etc/raddb/preproxy_users
Module: Checking preacct {...} for more modules to load
Module: Linked to module rlm_acct_unique
Module: Instantiating module "acct_unique" from file /usr/local/etc/raddb/modules/acct_unique
acct_unique {
key = "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifier, NAS-Port"
}
Module: Checking accounting {...} for more modules to load
Module: Linked to module rlm_detail
Module: Instantiating module "detail" from file /usr/local/etc/raddb/modules/detail
detail {
detailfile = "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Packet-Src-IPv6-Address}}/detail-%Y%m%d"
header = "%t"
detailperm = 384
dirperm = 493
locking = no
log_packet_header = no
}
Module: Linked to module rlm_attr_filter
Module: Instantiating module "attr_filter.accounting_response" from file /usr/local/etc/raddb/modules/attr_fi lter
attr_filter attr_filter.accounting_response {
attrsfile = "/usr/local/etc/raddb/attrs.accounting_response"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.accounting_response
Module: Checking session {...} for more modules to load
Module: Linked to module rlm_radutmp
Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/modules/radutmp
radutmp {
filename = "/var/log/radutmp"
username = "%{User-Name}"
case_sensitive = yes
check_with_nas = yes
perm = 384
callerid = yes
}
Module: Checking post-proxy {...} for more modules to load
Module: Checking post-auth {...} for more modules to load
Module: Instantiating module "attr_filter.access_reject" from file /usr/local/etc/raddb/modules/attr_filter
attr_filter attr_filter.access_reject {
attrsfile = "/usr/local/etc/raddb/attrs.access_reject"
key = "%{User-Name}"
relaxed = no
}
reading pairlist file /usr/local/etc/raddb/attrs.access_reject
} # modules
} # server
radiusd: #### Opening IP addresses and Ports ####
listen {
type = "auth"
ipaddr = *
port = 0
}
listen {
type = "acct"
ipaddr = *
port = 0
}
Listening on authentication address * port 1812
Listening on accounting address * port 1813
Ready to process requests.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=0, length=158
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x0200001e014d61696e74656e616e6365436f6e74726f6c446973706c6179
Message-Authenticator = 0xad8a60fa6b73d53acb5ce659eff3da36
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 0 length 30
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
[pap] WARNING! No "known good" password found for the user. Authentication may fail because of this.
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] EAP Identity
[eap] processing type tls
[tls] Requiring client certificate
[tls] Initiate
[tls] Start returned 1
++[eap] returns handled
Sending Access-Challenge of id 0 to 10.128.0.100 port 37626
EAP-Message = 0x010100060d20
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87513d316c3a43028be40032ff
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=1, length=258
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020100700d00160301006501000061030150e5f39860827a0411cfb562ef8e20af61649f10290355949974 ed309594e83f00003400390038003500880087008400160013000a00330032002f00450044004100050004001500120009001400110008 0006000300ff0100000400230000
State = 0x513c3c87513d316c3a43028be40032ff
Message-Authenticator = 0x0633be04de5c0102ddc9fa927ed47610
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 1 length 112
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] eaptls_verify returned 7
[tls] Done initial handshake
[tls] (other): before/accept initialization
[tls] TLS_accept: before/accept initialization
[tls] <<< TLS 1.0 Handshake [length 0065], ClientHello
[tls] TLS_accept: SSLv3 read client hello A
[tls] >>> TLS 1.0 Handshake [length 0031], ServerHello
[tls] TLS_accept: SSLv3 write server hello A
[tls] >>> TLS 1.0 Handshake [length 1756], Certificate
[tls] TLS_accept: SSLv3 write certificate A
[tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange
[tls] TLS_accept: SSLv3 write key exchange A
[tls] >>> TLS 1.0 Handshake [length 0010], CertificateRequest
[tls] TLS_accept: SSLv3 write certificate request A
[tls] TLS_accept: SSLv3 flush data
[tls] TLS_accept: Need to read more data: SSLv3 read client certificate A
In SSL Handshake Phase
In SSL Accept mode
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 1 to 10.128.0.100 port 37626
EAP-Message = 0x010204000dc0000019b816030100310200002d030150e5f3981aa9077b62c7c34d9eb90bd512eac8348779 1227b2d8e289befa6edf000039000005ff0100010016030117560b00175200174f000489308204853082036da003020102020a4b426b00 000100000d22300d06092a864886f70d0101050500305b31133011060a0992268993f22c6401191603636f6d31163014060a0992268993 f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311730150603550403130e45534444497373756572 32303438301e170d3132303331343139343732395a170d3134303131383036333331365a308191310b30090603
EAP-Message = 0x55040613025553310b30090603550408130257413110300e0603550407130753656174746c65311b301906 0355040a131254686520426f65696e6720436f6d70616e79311f301d060355040b1316466f72205465737420507572706f736573204f6e 6c79312530230603550403131c676174656c696e6b3832322e77616e32333173312e77616e2e6c616230820122300d06092a864886f70d 01010105000382010f003082010a0282010100c175642cacaf0313bb775762d65e844208b24fe044be27d2523ff76cb718dec7f17eb3ee 320f859c8a03a5d34400a1783e2b543e8398d1785daa255073353c5d13ffa304f26019b8b859368bae5c65d617
EAP-Message = 0x93e77241750f6fc8e2ffbff4b8fefbdd0321433512b07d0180c2271de6c5fa9458579163d21f4c26f7ced4 30868b3c0d344b85a2f5d37adcda8fb477d64b4c0c2a978946081e0e52e47f4ddb0cb82c02f8a704f6f169b46c63f1db7e0403f7e0989d 73546ddfe6823a83310c68ea5722997a969fa9b0858799de63fab0f941b510fb826d581823ef6f0eb6e59dc96a434f18fa2288574a6de1 53a979ce2fc2b31e06dbd12bce17213019db711b563d0203010001a38201123082010e301d0603551d0e04160414afc898ac5da8d7db13 80f5ca855cff669aa3035c300e0603551d0f0101ff04040302078030130603551d25040c300a06082b06010505
EAP-Message = 0x070301301f0603551d230418301680147b3f3d89d72bac972c086ada7233f64a074ea0a1303d0603551d1f 043630343032a030a02e862c687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444497373756572323034382e6372 6c300c0603551d130101ff04023000303d06092b06010401823715070430302e06262b0601040182371508acc31f85e0d61c87dd892487 e6e83681a1f354814681b4812e84aaae09020164020105301b06092b060104018237150a040e300c300a06082b06010505070301300d06 092a864886f70d01010505000382010100702d7a1bde789d5af9c5d5ba6afed07c0f23bd794b1e54aa6ac6ed3b
EAP-Message = 0x634ee662bd183641cf537132
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87503e316c3a43028be40032ff
Finished request 1.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=2, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020200060d00
State = 0x513c3c87503e316c3a43028be40032ff
Message-Authenticator = 0xb498e0ab471b0fe82149a213e502cc78
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 2 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 2 to 10.128.0.100 port 37626
EAP-Message = 0x010304000dc0000019b8322dbdd1145b65fc9a838c88b38578712aee8672f594dbb51c82d3b2b239171e2b c6816740828370ab131a9f6e7cdbc9ce1af59564ab13f6084b2f7dfbc59766edeb710de9be3c3820775d69539962c845f60c47fcaf3c43 d021eea95f86ab7bfecab3ae917a9d8fa792195be052d27c8e2d7cdd72d743d89cfff56a500f9face99c5563972d19ead292a4ebda615f f2c89a07dd30c1c06f25bc476090e077f5a6af2d1e618208bfd018a56abb362b8bce884976f6d3adb093d2eeae7bd59063ae8a868fb1cd c19c990d818216e7f1e68c5c7c1495bb1bc800057a308205763082035ea003020102020a61395bb70001000000
EAP-Message = 0x0a300d06092a864886f70d0101050500305a31133011060a0992268993f22c6401191603636f6d31163014 060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311630140603550403130d455344 44496e74657234303936301e170d3039303131393037303632315a170d3134303131383036333331365a305b31133011060a0992268993 f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79 311730150603550403130e455344444973737565723230343830820122300d06092a864886f70d010101050003
EAP-Message = 0x82010f003082010a02820101009ede837e52ce12f2f315c72da8adbaf7828db60d09392a3cf133c5f11a49 7d7bd90f1e1eddcdb23058de50acad29c809b5036f4ce1b0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac5 4ad223a046a4eb84964daaf1c2244edec54b03ef4137634d55afc4e118031d822efd491b7cf9d6530362297ccff6616dfe1f0ebaebaf4f 84ff9edce03a9189f34ca257ce621e20aeaf539e5f91fcae83e89219e587fde80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddc f109c90234bec8def2d14c026d557b14cd764a677f91c3e5a096bc0f216a6aa60365dad3b4bbe2616ef038a6d2
EAP-Message = 0x610bf15597e4fb288472028530c054f10203010001a382013b30820137300f0603551d130101ff04053003 0101ff301d0603551d0e041604147b3f3d89d72bac972c086ada7233f64a074ea0a1300b0603551d0f040403020186301006092b060104 01823715010403020101302306092b060104018237150204160414249ba6c4888fd87d96ab95594e6637dd6e25632f301906092b060104 0182371402040c1e0a00530075006200430041301f0603551d2304183016801443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9303c06 03551d1f043530333031a02fa02d862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344
EAP-Message = 0x44496e746572343039362e63
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87533f316c3a43028be40032ff
Finished request 2.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020300060d00
State = 0x513c3c87533f316c3a43028be40032ff
Message-Authenticator = 0xbfd7afb5cc827e4dfe0e545087c18bdd
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 3 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 3 to 10.128.0.100 port 37626
EAP-Message = 0x010404000dc0000019b8726c304706082b06010505070101043b3039303706082b06010505073002862b68 7474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444496e746572343039362e637274300d06092a864886f70d010105 050003820201006bd3c23ef41bc64c3383a89e90f53061c5b5f03e2040ebc07377fedd37e6ea3f8ce247d0459c1889138a0c63c9b5b5b3 05e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b0f9a547a193d6a6502ec30fe65c6365aab74304517f7fea0ce3a07 896d13492d59f11ff187aae8d743897f92efa32b18a86a8c02d4e909e17e97417d5c676d546785540ebdf85336
EAP-Message = 0x6842f38e66b0d9a00bc6cf2a25777f0def04b8971ebce5b776400e121455288ae22c65c6d23fbcd243a9be 7182f6969f0d6061dc4f786eb6eb2fbfd89c807c990eb67a595fb2717599cc0262dfe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee 52cfd051e13642a34f0325c6c767548c6102d4e4311a37b08d44164afff6a0a67af3f971ad402ee75a8835d5fa76731958078d4b3f483f 412fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999c2cf3b82646d2777fd7c6c0ce31b3c330693d78b8960d784840ff1 0e784e078023b73ad81e0fd6fdc7bf66bf09cf8118d3852613bd4cf23f384191bdd292050490c3bfde93230dba
EAP-Message = 0x380f1391aaf299bd7c4288e0758c9132df0250d269f10da91b51fb1cd3238828cfc140f801ba777248759e 0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba665665648e98da44682f17430ada59a3a4b889250ae64a1d4f112a3a83fab8bcaf308 087ff97a820a6844c8e64ac929000676308206723082045aa003020102020a611b280600000000000c300d06092a864886f70d01010505 00305931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a09 92268993f22c6401191603666c79311530130603550403130c45534444526f6f7434303936301e170d30393031
EAP-Message = 0x31393036333331365a170d3134303131383036333331365a305a31133011060a0992268993f22c64011916 03636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311630140603 550403130d45534444496e7465723430393630820222300d06092a864886f70d01010105000382020f003082020a02820201009f550e60 c398442453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff77d075fbbbb7239ca1fd75d1dc0edc36c967a6ea0bd640e7cea54d 41b0cb877f320f987db51ef21dbad0e6b248c8bc4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6fed6
EAP-Message = 0x27d3d06b2c391f698a19dcc9
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875238316c3a43028be40032ff
Finished request 3.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=4, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020400060d00
State = 0x513c3c875238316c3a43028be40032ff
Message-Authenticator = 0x6fcf451c592fb99c374d0321cdc02af7
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 4 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 4 to 10.128.0.100 port 37626
EAP-Message = 0x010504000dc0000019b818b1a01850edb9a3f1c949732ec57efb446b43e596e64a768bab47d95f225af8d8 c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360ab3ab9208403293f45606176d518eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1 599941102a313f6ca1689620d6bc8101088ac513e2d20b333d60617ae64f68af26146da6b94180f0ee7031bd05d03d03abc66ca3b6a283 21b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8da538e6a449f253a44ad71e2d3ac3769fe8c6ce37e1298ff4f96d9 1f9ccd37d21a763b9e508d11a964dfbe19c6f4a51d2562ef397940ed309f29427f85ade6fc8015e56090fa480b
EAP-Message = 0xa5b8225807f6d9804f0812390cea201da3a955473b5f19dfd3223b1341e9e36b72b28c82c75b6c5da59751 8f2f7b6c9fe052f98590c8c3225ea11c1b2805077251f5ac84fef400f43ad9940338c1b66b158dcf3b31649ce753edbd8b38bda0d50387 81dc638111474a99a932a144c6b3ac153f1d3d0d61117cd2cb590d424b39e8b3164ef536f1c2860dc7e8889e3ae9412bc0422e5b7923c5 0203010001a382013930820135300f0603551d130101ff040530030101ff301d0603551d0e0416041443b1f625d530e7f847f0bfcb526b 9b4fe1fe72b9300b0603551d0f040403020186301006092b06010401823715010403020101302306092b060104
EAP-Message = 0x018237150204160414d31f074108cfac5cc47ed111d3a2712f219c9012301906092b060104018237140204 0c1e0a00530075006200430041301f0603551d230418301680141e4e1c8a14ef89a83391ee997b1cabed3f47eaa6303b0603551d1f0434 30323030a02ea02c862a687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444526f6f74343039362e63726c304606 082b06010505070101043a3038303606082b06010505073002862a687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f4553 4444526f6f74343039362e637274300d06092a864886f70d01010505000382020100976a48f45eed37c7312614
EAP-Message = 0x76bba7a6b705e7d169a8fbad7b380e5f75f32761bb56e803864ee663cac722b7c1a9ea1d6b2a0c06f952c9 1e4b7b2d99724f0330cd81d4800cf17842bceeaed7285a45f90879667e3a18f70b3464a3d0d6d514173a98b9678e998b8d9a494cfe9243 e300c2832a35df610158cd396b1f280db73d94c58709c200b1d702aee8c2a8ebb7b07ff2acbc547bdc9889122128abeaeb1f5750264529 52e0e9c51292bd2ef1eff30468f418406c0860cd36806e73fc3e13fb5f3cccc7cd8fb934c2f06f94e83a8be6d9985b53b884c8236135e8 8e63ba8dd36b4708cff97de8f14e4a035a02e9aef78670e90101f725f08e02ea7beaf85acf6e722216671b0074
EAP-Message = 0x9643ef995a71e0e0f21dd9f5
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875539316c3a43028be40032ff
Finished request 4.
Going to the next request
Waking up in 4.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=5, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020500060d00
State = 0x513c3c875539316c3a43028be40032ff
Message-Authenticator = 0x66eccf08ef53f2b5ae2dbbb2933ccbf3
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 5 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 5 to 10.128.0.100 port 37626
EAP-Message = 0x010604000dc0000019b8282ddba71c014fea56097bdf2c60cdc6056d3cea13ba4aae1782860adaebd34a89 6186d5840355a6e80e91b21bfa283bed2bbb4c67b198e212875081fd305ec7d6d74af01bf6780355aea3a1ee8cd3e506224829321aade7 c25d915394eb31db8310834e1724d5ca7dfccfff1d18935ddb264b199bda870f3954c4243e82b167acdd96fb2091a99de16a1710007885 b0f9e045d7bc8ab34af0041db6e8009a20d0ba835517ea46b6e95b6a47b993c8ba1ad606a030f40102b8c02b226bce7e64d4a2a705a08f e4c4cb51519be63c4455c0a6e8871658c1f20195a7d7efeecd530454602d8d6ac6cb81540d180006ca308206c6
EAP-Message = 0x308204aea003020102021056886f61a89e888c4face278a0aabf44300d06092a864886f70d010105050030 5931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a099226 8993f22c6401191603666c79311530130603550403130c45534444526f6f7434303936301e170d3037313231373233333632385a170d32 37313231373233343335395a305931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f 65696e6731133011060a0992268993f22c6401191603666c79311530130603550403130c45534444526f6f7434
EAP-Message = 0x30393630820222300d06092a864886f70d01010105000382020f003082020a0282020100a893f9fa5409d6 8e7a33cfcd03bc0578efac41770a34a84b1d78ba3b554ef6a3b40722737a757b7db9e9e9f24fbb3d065e30a8ff8834e8e0c1b864c8d365 10289b131150730708492a06254d96761937a485841420ea2a80c539e68e8adac2a5242c0281659c60169a50b6a926be06544eee5901f9 073377613af43616575be42d8a2fa8184a5bb0740fc13203bbc397b154725415586ae6554dce245015f13b42c85358f46aff90ade72f86 4789cb9739f179efbaabb0be436bbaeeb6bc8ba42e35497e4f02c0fd47515a6d354553e23ff3c9b4654094f7a1
EAP-Message = 0x09e81f95a131b619b94fdeaba656439b470f3f2e4c4679ce6b3b19d3cdc132dda580ef80f98af9ddfdcb50 d59a335f8bd4de4a3ce7f493fc4a942659b3b35c0f67b7d2e7b21609e9ea84ca7b5bb9f8db4904e7353c8f32a8f04091df845c69df0631 2eac02e25621f08615ccb20cab61b9703c9150a3a5c13cec3f590a8258950ac680d5c578aa6ccb5f27effdabdeb10d7ff6dc49b4441f6e 29b88283a446ca910e90c9e6572f595c3476eaf515efe2793ac6d7b7a4891f4c655926fb4e2a76d90d8a8ab6b062aabf7aab2bc6354b1b a8161d71ea4b54ab72547e20129f1e7947333165e07900b1b50fb9b482786124dedbe293e98b9386bf666129ea
EAP-Message = 0xf95088b9f7ecd25158dc52fd
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87543a316c3a43028be40032ff
Finished request 5.
Going to the next request
Waking up in 1.9 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=6, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020600060d00
State = 0x513c3c87543a316c3a43028be40032ff
Message-Authenticator = 0xbf530521aed3b6bee2217fd16706c847
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 6 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 6 to 10.128.0.100 port 37626
EAP-Message = 0x010704000dc0000019b874ad9397665c795e18dbb69521343c7c7cf0c9c79720006e6707bc5fa3cf020301 0001a382018830820184301306092b060104018237140204061e0400430041300b0603551d0f040403020186300f0603551d130101ff04 0530030101ff301d0603551d0e041604141e4e1c8a14ef89a83391ee997b1cabed3f47eaa63082011c0603551d1f048201133082010f30 82010ba0820107a08201038681bf6c6461703a2f2f2f434e3d45534444526f6f74343039362c434e3d706b692d746573742d3738376d2c 434e3d4344502c434e3d5075626c69632532304b657925323053657276696365732c434e3d5365727669636573
EAP-Message = 0x2c434e3d436f6e66696775726174696f6e2c44433d666c792c44433d626f65696e672c44433d636f6d3f63 657274696669636174655265766f636174696f6e4c6973743f626173653f6f626a656374436c6173733d63524c44697374726962757469 6f6e506f696e74863f687474703a2f2f706b692d746573742d3738376d2e666c792e626f65696e672e636f6d2f43657274456e726f6c6c 2f45534444526f6f74343039362e63726c301006092b06010401823715010403020100300d06092a864886f70d01010505000382020100 89d0fd7533e496888b2ac6b9cedabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0c4efc644244a
EAP-Message = 0x55b135a226d9597c71f777a1bee950cdc582f70f1afd54ad92a7f9d13b697c2e77777bfe33c5b486af6b82 2e97d9efdc82a072c3935760378f9faa5be09ac1026c0bf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc05f8275de0addc828 7bb6c9e8c931a223475d7b29c414992ab24512048a99033f4a82fd82b68ae58129e7d3c7a4e60e26a8b5591098b9a9cde9fe2a3d17964e 686d8fccbb897fda38447ddd014fed04c06e4de165ffb3afe93e17a0bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c88842 27c94d290a3620ddbfe38a9e2da706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd4146677001b560850e
EAP-Message = 0x8eba09cc6280711eb067230a81d461bcde5ceb4c33956460a20303d68d0219f5cc3bef1d14c94f632a9400 06cf1b90da3e8e37de8440d2079c6a5f4cde66fa9d045d6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d826a229b1460b64cc 447a34d86687a297b5fe04865b0fb328cd18d8abfa1ea4b1c58ae57f311567069d521fb42e9918aa3cbf6ca91db5eeae294156426a4249 cfd6d3750506a3bb8f98b9e5d839b7fd939293fb96483aaa2ff99110fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b568 7b47727e3622160301020d0c0002090080dd92a7065d8e5c198f2ac94683f6016182a6c9d6ba13d1c40605fce5
EAP-Message = 0x6f7cd0bb7873bf1b9cb9e92f
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c87573b316c3a43028be40032ff
Finished request 6.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=7, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020700060d00
State = 0x513c3c87573b316c3a43028be40032ff
Message-Authenticator = 0x06ae2cc57b97003ec0e8eac545dbfb0c
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 7 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake fragment handler
[tls] eaptls_verify returned 1
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 7 to 10.128.0.100 port 37626
EAP-Message = 0x010801fe0d80000019b8544530c61e8a23e3590282c0ebba4fc54b2d29238cb7f36aef2cbab2aec5ba9a45 71e9c70452124f67982ee113094defee5efa0bccfa2370fbd4ce688f6bc87b7c19984a674679dded04265157ea403bf20afa80f983b843 00010200805b50c049e7191c5c308f9d08f146209d6e66fda2e79fcde8b3765984ce53e4a99e3c900efaff208fdd7895025afac839f9f8 e19d69bca8c19aba5618c1536001d26494c8cedfd8c5797fa60619922bf49b071db2088e732b4ce94e73f123a076d2f9b1d128b235a095 39c98f263dcb092111fb7e1f1638283f6d4b66f8a1315d01000ec6225e068fc52890b70cd59e8cfecf8f4e57ac
EAP-Message = 0x8dc359de5994463c15c9e624ef85895cb1da4aa68a7e8a09454fbbdfb4469ba590aafe3672b340e5526ade b5186ca5e1e74e7fa38d9d394fa07944f31fb0a1b55e0e5ed92e20b7efdf543921e00a8a8e6a6efd2d90d1ccb35e5e140b97eb81ecc1a9 9f22c1eecbee017a724ec50bcbc0d89c64e877654f1a689986b1e192560ab2ebc8ca66cb3c3f7f7d97fb3fb5981f4dc7589a8ddf3f4147 e4c5b98786f2363f23383af6c50533f41c3a393cb68ffd2709816fde6408d945dc32e460918c36297894053fb6ce68f3a6f2fa0476bba5 9873c0cb03879687b89b2bec3166fabbe01d2d5b3965ba949c63b00016030100100d0000080503040102400000
EAP-Message = 0x0e000000
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875634316c3a43028be40032ff
Finished request 7.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=8, length=1188
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x0208040a0dc00000194c16030117760b00177200176f0004a9308204a53082038da003020102020a3e173b a1000100000d47300d06092a864886f70d0101050500305b31133011060a0992268993f22c6401191603636f6d31163014060a09922689 93f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c79311730150603550403130e455344444973737565 7232303438301e170d3132303433303233333030315a170d3134303131383036333331365a3081bf3111300f060355042d130841343033 36353235311b3019060355040d131243726577576972656c657373446576696365310b30090603550406130255
EAP-Message = 0x53313b3039060355040a1e320042004f0045005f00490054004c0020004100690072006c0069006e006500 7300200043006f002e0020004c00740064002e311f301d060355040b1316466f72205465737420507572706f736573204f6e6c79312230 20060355040313194d61696e74656e616e6365436f6e74726f6c446973706c617930820122300d06092a864886f70d0101010500038201 0f003082010a0282010100bb3bcec2944ed1d3fc8ac41562f821490aed9d0f94f8f287c607d8996a2687eb23f6b2ee59b525245e542b78 6dfd538078617b79923e0d80373a6c3ce49b3e4bedefc10d2f2cb045a7c03b1fe435d96f888cd388c1fa5acab9
EAP-Message = 0xd1a2b16fb1058b3ede15cd1be6bab2332201d884e276323a13180df7e56b14337910fc1bb70283e81da756 c47d934521842fa253f5243a175626324bf3aa886b391cde87206d0549d1d798994c87fa663d6fb76f28eeebe6228dcf30d24a7657c8e3 2dfea928cc37f4ad1787fc585fd2c0a6a7f600acb2acf5f4bae81dbf5d7fee78e2fa79b6d01d705930e7b6672a31e81959068105992392 fb4a91fded9d31f7bb2d7c01a7ab0203010001a382010430820100301d0603551d0e0416041489e6897d59dded56f52a300000aceac02c fc277a30130603551d25040c300a06082b06010505070302300e0603551d0f0101ff0404030205a0301f060355
EAP-Message = 0x1d230418301680147b3f3d89d72bac972c086ada7233f64a074ea0a1303d0603551d1f043630343032a030 a02e862c687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444497373756572323034382e63726c303d06092b0601 0401823715070430302e06262b0601040182371508acc31f85e0d61c87dd892487e6e83681a1f354814687e8e46882f8d1190201640201 05301b06092b060104018237150a040e300c300a06082b06010505070302300d06092a864886f70d0101050500038201010004e19b0cfd 1d67050634a01adc74f1bf85a0fea2fba20aafdf51982415ce03664873d92731d65e2db6430c0fe9be3d6c3cdd
EAP-Message = 0xdacb8c60528ee06450f501b12ce84c5251ce30137e56
State = 0x513c3c875634316c3a43028be40032ff
Message-Authenticator = 0x9d6744dd03fb0ae72889cac849b5ede0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 8 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
TLS Length 6476
[tls] Received EAP-TLS First Fragment of the message
[tls] eaptls_verify returned 9
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 8 to 10.128.0.100 port 37626
EAP-Message = 0x010900060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875935316c3a43028be40032ff
Finished request 8.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=9, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020904060d40f35e9f31776548e380f13528708a648379fdce4901097a09426161485c1979bfcf3dfdc298 064f55d31f3db6d49ff38efb1e4ab36ce653696f663393f4a1a3370b8b63907c7888e2e7c7ba959804a22e18401bbf150bf8ee1e26a848 df7e61cb98fcf9dc67e5dd9d7dfbc9acf5451e7adbd50d14593439b45a9d79372b40c91b6d0f11dcad36a8f6fe0250ba5bbd3d277a2d17 8d2af8be7503bd65921740988796656199be2677eb8d1c1b2c3cfa840e4cd76884055803770006ca308206c6308204aea0030201020210 56886f61a89e888c4face278a0aabf44300d06092a864886f70d0101050500305931133011060a0992268993f2
EAP-Message = 0x2c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a09922689 93f22c6401191603666c79311530130603550403130c45534444526f6f7434303936301e170d3037313231373233333632385a170d3237 313231373233343335395a305931133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65 696e6731133011060a0992268993f22c6401191603666c79311530130603550403130c45534444526f6f743430393630820222300d0609 2a864886f70d01010105000382020f003082020a0282020100a893f9fa5409d68e7a33cfcd03bc0578efac4177
EAP-Message = 0x0a34a84b1d78ba3b554ef6a3b40722737a757b7db9e9e9f24fbb3d065e30a8ff8834e8e0c1b864c8d36510 289b131150730708492a06254d96761937a485841420ea2a80c539e68e8adac2a5242c0281659c60169a50b6a926be06544eee5901f907 3377613af43616575be42d8a2fa8184a5bb0740fc13203bbc397b154725415586ae6554dce245015f13b42c85358f46aff90ade72f8647 89cb9739f179efbaabb0be436bbaeeb6bc8ba42e35497e4f02c0fd47515a6d354553e23ff3c9b4654094f7a109e81f95a131b619b94fde aba656439b470f3f2e4c4679ce6b3b19d3cdc132dda580ef80f98af9ddfdcb50d59a335f8bd4de4a3ce7f493fc
EAP-Message = 0x4a942659b3b35c0f67b7d2e7b21609e9ea84ca7b5bb9f8db4904e7353c8f32a8f04091df845c69df06312e ac02e25621f08615ccb20cab61b9703c9150a3a5c13cec3f590a8258950ac680d5c578aa6ccb5f27effdabdeb10d7ff6dc49b4441f6e29 b88283a446ca910e90c9e6572f595c3476eaf515efe2793ac6d7b7a4891f4c655926fb4e2a76d90d8a8ab6b062aabf7aab2bc6354b1ba8 161d71ea4b54ab72547e20129f1e7947333165e07900b1b50fb9b482786124dedbe293e98b9386bf666129eaf95088b9f7ecd25158dc52 fd74ad9397665c795e18dbb69521343c7c7cf0c9c79720006e6707bc5fa3cf0203010001a38201883082018430
EAP-Message = 0x1306092b060104018237140204061e040043
State = 0x513c3c875935316c3a43028be40032ff
Message-Authenticator = 0xd56f46711110d24c271fb50b6ef77742
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 9 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 9 to 10.128.0.100 port 37626
EAP-Message = 0x010a00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875836316c3a43028be40032ff
Finished request 9.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=10, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020a04060d400041300b0603551d0f040403020186300f0603551d130101ff040530030101ff301d060355 1d0e041604141e4e1c8a14ef89a83391ee997b1cabed3f47eaa63082011c0603551d1f048201133082010f3082010ba0820107a0820103 8681bf6c6461703a2f2f2f434e3d45534444526f6f74343039362c434e3d706b692d746573742d3738376d2c434e3d4344502c434e3d50 75626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d 666c792c44433d626f65696e672c44433d636f6d3f63657274696669636174655265766f636174696f6e4c6973
EAP-Message = 0x743f626173653f6f626a656374436c6173733d63524c446973747269627574696f6e506f696e74863f6874 74703a2f2f706b692d746573742d3738376d2e666c792e626f65696e672e636f6d2f43657274456e726f6c6c2f45534444526f6f743430 39362e63726c301006092b06010401823715010403020100300d06092a864886f70d0101050500038202010089d0fd7533e496888b2ac6 b9cedabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0c4efc644244a55b135a226d9597c71f777a1bee950cdc582f70f1a fd54ad92a7f9d13b697c2e77777bfe33c5b486af6b822e97d9efdc82a072c3935760378f9faa5be09ac1026c0b
EAP-Message = 0xf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc05f8275de0addc8287bb6c9e8c931a223475d7b 29c414992ab24512048a99033f4a82fd82b68ae58129e7d3c7a4e60e26a8b5591098b9a9cde9fe2a3d17964e686d8fccbb897fda38447d dd014fed04c06e4de165ffb3afe93e17a0bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c8884227c94d290a3620ddbfe38a 9e2da706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd4146677001b560850e8eba09cc6280711eb067230a81d461bcde5ceb4c33 956460a20303d68d0219f5cc3bef1d14c94f632a940006cf1b90da3e8e37de8440d2079c6a5f4cde66fa9d045d
EAP-Message = 0x6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d826a229b1460b64cc447a34d86687a297b5fe04 865b0fb328cd18d8abfa1ea4b1c58ae57f311567069d521fb42e9918aa3cbf6ca91db5eeae294156426a4249cfd6d3750506a3bb8f98b9 e5d839b7fd939293fb96483aaa2ff99110fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b5687b47727e36220006763082 06723082045aa003020102020a611b280600000000000c300d06092a864886f70d0101050500305931133011060a0992268993f22c6401 191603636f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a0992268993f22c6401
EAP-Message = 0x191603666c79311530130603550403130c45
State = 0x513c3c875836316c3a43028be40032ff
Message-Authenticator = 0x84fe071ee7e336ed9305a724469d8da0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 10 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 10 to 10.128.0.100 port 37626
EAP-Message = 0x010b00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875b37316c3a43028be40032ff
Finished request 10.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=11, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020b04060d40534444526f6f7434303936301e170d3039303131393036333331365a170d31343031313830 36333331365a305a31133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e673113 3011060a0992268993f22c6401191603666c79311630140603550403130d45534444496e7465723430393630820222300d06092a864886 f70d01010105000382020f003082020a02820201009f550e60c398442453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff77d0 75fbbbb7239ca1fd75d1dc0edc36c967a6ea0bd640e7cea54d41b0cb877f320f987db51ef21dbad0e6b248c8bc
EAP-Message = 0x4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6fed627d3d06b2c391f698a19dcc918b1a01850ed b9a3f1c949732ec57efb446b43e596e64a768bab47d95f225af8d8c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360ab3ab9208403293f 45606176d518eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1599941102a313f6ca1689620d6bc8101088ac513e2d20b333d60617a e64f68af26146da6b94180f0ee7031bd05d03d03abc66ca3b6a28321b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8 da538e6a449f253a44ad71e2d3ac3769fe8c6ce37e1298ff4f96d91f9ccd37d21a763b9e508d11a964dfbe19c6
EAP-Message = 0xf4a51d2562ef397940ed309f29427f85ade6fc8015e56090fa480ba5b8225807f6d9804f0812390cea201d a3a955473b5f19dfd3223b1341e9e36b72b28c82c75b6c5da597518f2f7b6c9fe052f98590c8c3225ea11c1b2805077251f5ac84fef400 f43ad9940338c1b66b158dcf3b31649ce753edbd8b38bda0d5038781dc638111474a99a932a144c6b3ac153f1d3d0d61117cd2cb590d42 4b39e8b3164ef536f1c2860dc7e8889e3ae9412bc0422e5b7923c50203010001a382013930820135300f0603551d130101ff0405300301 01ff301d0603551d0e0416041443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9300b0603551d0f0404030201
EAP-Message = 0x86301006092b06010401823715010403020101302306092b060104018237150204160414d31f074108cfac 5cc47ed111d3a2712f219c9012301906092b0601040182371402040c1e0a00530075006200430041301f0603551d230418301680141e4e 1c8a14ef89a83391ee997b1cabed3f47eaa6303b0603551d1f043430323030a02ea02c862a687474703a2f2f63726c2e626f65696e672e 636f6d2f63726c2f45534444526f6f74343039362e63726c304606082b06010505070101043a3038303606082b06010505073002862a68 7474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444526f6f74343039362e637274300d0609
EAP-Message = 0x2a864886f70d01010505000382020100976a
State = 0x513c3c875b37316c3a43028be40032ff
Message-Authenticator = 0x0ad1596cf779061d296f593b2dfd3c51
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 11 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 11 to 10.128.0.100 port 37626
EAP-Message = 0x010c00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875a30316c3a43028be40032ff
Finished request 11.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=12, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020c04060d4048f45eed37c731261476bba7a6b705e7d169a8fbad7b380e5f75f32761bb56e803864ee663 cac722b7c1a9ea1d6b2a0c06f952c91e4b7b2d99724f0330cd81d4800cf17842bceeaed7285a45f90879667e3a18f70b3464a3d0d6d514 173a98b9678e998b8d9a494cfe9243e300c2832a35df610158cd396b1f280db73d94c58709c200b1d702aee8c2a8ebb7b07ff2acbc547b dc9889122128abeaeb1f575026452952e0e9c51292bd2ef1eff30468f418406c0860cd36806e73fc3e13fb5f3cccc7cd8fb934c2f06f94 e83a8be6d9985b53b884c8236135e88e63ba8dd36b4708cff97de8f14e4a035a02e9aef78670e90101f725f08e
EAP-Message = 0x02ea7beaf85acf6e722216671b00749643ef995a71e0e0f21dd9f5282ddba71c014fea56097bdf2c60cdc6 056d3cea13ba4aae1782860adaebd34a896186d5840355a6e80e91b21bfa283bed2bbb4c67b198e212875081fd305ec7d6d74af01bf678 0355aea3a1ee8cd3e506224829321aade7c25d915394eb31db8310834e1724d5ca7dfccfff1d18935ddb264b199bda870f3954c4243e82 b167acdd96fb2091a99de16a1710007885b0f9e045d7bc8ab34af0041db6e8009a20d0ba835517ea46b6e95b6a47b993c8ba1ad606a030 f40102b8c02b226bce7e64d4a2a705a08fe4c4cb51519be63c4455c0a6e8871658c1f20195a7d7efeecd530454
EAP-Message = 0x602d8d6ac6cb81540d1800057a308205763082035ea003020102020a61395bb700010000000a300d06092a 864886f70d0101050500305a31133011060a0992268993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f6569 6e6731133011060a0992268993f22c6401191603666c79311630140603550403130d45534444496e74657234303936301e170d30393031 31393037303632315a170d3134303131383036333331365a305b31133011060a0992268993f22c6401191603636f6d31163014060a0992 268993f22c6401191606626f65696e6731133011060a0992268993f22c6401191603666c793117301506035504
EAP-Message = 0x03130e455344444973737565723230343830820122300d06092a864886f70d01010105000382010f003082 010a02820101009ede837e52ce12f2f315c72da8adbaf7828db60d09392a3cf133c5f11a497d7bd90f1e1eddcdb23058de50acad29c809 b5036f4ce1b0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac54ad223a046a4eb84964daaf1c2244edec54b 03ef4137634d55afc4e118031d822efd491b7cf9d6530362297ccff6616dfe1f0ebaebaf4f84ff9edce03a9189f34ca257ce621e20aeaf 539e5f91fcae83e89219e587fde80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddcf109c90234bec8de
EAP-Message = 0xf2d14c026d557b14cd764a677f91c3e5a096
State = 0x513c3c875a30316c3a43028be40032ff
Message-Authenticator = 0x83805531ac628b23e32fce49a71392bd
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 12 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 12 to 10.128.0.100 port 37626
EAP-Message = 0x010d00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875d31316c3a43028be40032ff
Finished request 12.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=13, length=1184
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020d04060d40bc0f216a6aa60365dad3b4bbe2616ef038a6d2610bf15597e4fb288472028530c054f10203 010001a382013b30820137300f0603551d130101ff040530030101ff301d0603551d0e041604147b3f3d89d72bac972c086ada7233f64a 074ea0a1300b0603551d0f040403020186301006092b06010401823715010403020101302306092b060104018237150204160414249ba6 c4888fd87d96ab95594e6637dd6e25632f301906092b0601040182371402040c1e0a00530075006200430041301f0603551d2304183016 801443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9303c0603551d1f043530333031a02fa02d862b68747470
EAP-Message = 0x3a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444496e746572343039362e63726c30470608 2b06010505070101043b3039303706082b06010505073002862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344 44496e746572343039362e637274300d06092a864886f70d010105050003820201006bd3c23ef41bc64c3383a89e90f53061c5b5f03e20 40ebc07377fedd37e6ea3f8ce247d0459c1889138a0c63c9b5b5b305e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b 0f9a547a193d6a6502ec30fe65c6365aab74304517f7fea0ce3a07896d13492d59f11ff187aae8d743897f92ef
EAP-Message = 0xa32b18a86a8c02d4e909e17e97417d5c676d546785540ebdf853366842f38e66b0d9a00bc6cf2a25777f0d ef04b8971ebce5b776400e121455288ae22c65c6d23fbcd243a9be7182f6969f0d6061dc4f786eb6eb2fbfd89c807c990eb67a595fb271 7599cc0262dfe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee52cfd051e13642a34f0325c6c767548c6102d4e4311a37b08d44164a fff6a0a67af3f971ad402ee75a8835d5fa76731958078d4b3f483f412fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999 c2cf3b82646d2777fd7c6c0ce31b3c330693d78b8960d784840ff10e784e078023b73ad81e0fd6fdc7bf66bf09
EAP-Message = 0xcf8118d3852613bd4cf23f384191bdd292050490c3bfde93230dba380f1391aaf299bd7c4288e0758c9132 df0250d269f10da91b51fb1cd3238828cfc140f801ba777248759e0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba665665648e98da4 4682f17430ada59a3a4b889250ae64a1d4f112a3a83fab8bcaf308087ff97a820a6844c8e64ac9291603010086100000820080d5c6f2b2 117a6cbad67d242f4a69802a07cc8aaf5ff59ebf219cf8af7a387d7803fb034db0e6070054f312a26293f461b6de33fa34b7b09a42aea8 c3394d9c7f44c7148e62b6f611dafa44040cb3378f6744dcf4ad54099d59580e2e445697c4ec2348b4552af63e
EAP-Message = 0x247063c1bccceed74889ea590e0da58ce6be
State = 0x513c3c875d31316c3a43028be40032ff
Message-Authenticator = 0xbb1d0ad92f5fd564954baa008cd36db0
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 13 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] More fragments to follow
[tls] eaptls_verify returned 10
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 13 to 10.128.0.100 port 37626
EAP-Message = 0x010e00060d00
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875c32316c3a43028be40032ff
Finished request 13.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=14, length=486
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020e01520d00a235d3b7f87016030101060f00010201009c5bae8f60c3882d11a8226db135282ea8065fa1 2587cd72b4beaa29ae85a390117cd3b2cb47dfd94438f6601cc5fd5b2a3ce4805ad3f88bd71df9ff5b2dff640402660699ddd03a645121 14167e1386a1968e46d91749f78cdbd5aace7b1a52a2df2d90c93b76ca567b41734a9ae1f3537cc938ab05e11bc100e9c265a72bc8345f bfdd42242a3a376248f1d641f2ef2e294d4290ff8a216c17a90f43c2a04ec4f29de41bdda9dc8b3d0ac398fcf5c0bb3f2e9fe752aba87c 9c09250c91d2bb39f413765b620c3dea46fc330bcc347488fc0dc23e8f4c63008cdd1ebdbc907fe13f4c5619ab
EAP-Message = 0x6f49b68bd20f7c60ffb52b1f96a61c26aa6415e09dede4d5212c1403010001011603010030e0db5794014c 3d3d69d2bdfd98a304ad9779de997f577a7cd878ed46952ce28eb9918b0e21865ef74572c8e7cf16790d
State = 0x513c3c875c32316c3a43028be40032ff
Message-Authenticator = 0x9c9cc0760618df10c4d942cd95e95c9c
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 14 length 253
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] eaptls_verify returned 7
[tls] Done initial handshake
[tls] <<< TLS 1.0 Handshake [length 1776], Certificate
[tls] chain-depth=3,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = ESDDRoot4096
[tls] --> subject = /DC=com/DC=boeing/DC=fly/CN=ESDDRoot4096
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDRoot4096
[tls] --> verify return:1
[tls] chain-depth=2,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = ESDDInter4096
[tls] --> subject = /DC=com/DC=boeing/DC=fly/CN=ESDDInter4096
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDRoot4096
[tls] --> verify return:1
[tls] chain-depth=1,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = ESDDIssuer2048
[tls] --> subject = /DC=com/DC=boeing/DC=fly/CN=ESDDIssuer2048
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDInter4096
[tls] --> verify return:1
[tls] chain-depth=0,
[tls] error=0
[tls] --> User-Name = MaintenanceControlDisplay
[tls] --> BUF-Name = MaintenanceControlDisplay
[tls] --> subject = /x500UniqueIdentifier=A4036525/description=CrewWirelessDevice/C=US/O=\x00B\x00O\x00E\x00_\ x00I\x00T\x00L\x00 \x00A\x00i\x00r\x00l\x00i\x00n\x00e\x00s\x00 \x00C\x00o\x00.\x00 \x00L\x00t\x00d\x00./OU=Fo r Test Purposes Only/CN=MaintenanceControlDisplay
[tls] --> issuer = /DC=com/DC=boeing/DC=fly/CN=ESDDIssuer2048
[tls] --> verify return:1
[tls] TLS_accept: SSLv3 read client certificate A
[tls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange
[tls] TLS_accept: SSLv3 read client key exchange A
[tls] <<< TLS 1.0 Handshake [length 0106], CertificateVerify
[tls] TLS_accept: SSLv3 read certificate verify A
[tls] <<< TLS 1.0 ChangeCipherSpec [length 0001]
[tls] <<< TLS 1.0 Handshake [length 0010], Finished
[tls] TLS_accept: SSLv3 read finished A
[tls] >>> TLS 1.0 ChangeCipherSpec [length 0001]
[tls] TLS_accept: SSLv3 write change cipher spec A
[tls] >>> TLS 1.0 Handshake [length 0010], Finished
[tls] TLS_accept: SSLv3 write finished A
[tls] TLS_accept: SSLv3 flush data
[tls] (other): SSL negotiation finished successfully
SSL Connection Established
[tls] eaptls_process returned 13
++[eap] returns handled
Sending Access-Challenge of id 14 to 10.128.0.100 port 37626
EAP-Message = 0x010f00450d800000003b14030100010116030100302e7324c43c27ba2ca05affb5044cdc80b6fde1835f0a fcacabb0f0eeb818e2397f158ad69090966662002a492e085e48
Message-Authenticator = 0x00000000000000000000000000000000
State = 0x513c3c875f33316c3a43028be40032ff
Finished request 14.
Going to the next request
Waking up in 1.8 seconds.
rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=15, length=152
User-Name = "MaintenanceControlDisplay"
NAS-IP-Address = 127.0.0.1
Calling-Station-Id = "02-00-00-00-00-01"
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
Connect-Info = "CONNECT 11Mbps 802.11b"
EAP-Message = 0x020f00060d00
State = 0x513c3c875f33316c3a43028be40032ff
Message-Authenticator = 0x434f2ff4845a3da8223675d555c7299c
# Executing section authorize from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authorize {...}
[preprocess] expand: %{User-Name} -> MaintenanceControlDisplay
[preprocess] hints: Matched DEFAULT at 78
[preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00-00-00-00-01@
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
++[digest] returns noop
[suffix] No '@' in User-Name = "MaintenanceControlDisplay", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] EAP packet type response id 15 length 6
[eap] No EAP Start, assuming it's an on-going EAP conversation
++[eap] returns updated
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns noop
Found Auth-Type = EAP
# Executing group from file /usr/local/etc/raddb/sites-enabled/default
+- entering group authenticate {...}
[eap] Request found, released from the list
[eap] EAP/tls
[eap] processing type tls
[tls] Authenticate
[tls] processing EAP-TLS
[tls] Received TLS ACK
[tls] ACK handshake is finished
[tls] eaptls_verify returned 3
[tls] eaptls_process returned 3
[tls] Adding user data to cached session
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 28804300 (LWP 101549/radiusd)]
0x28489873 in eaptls_gen_mppe_keys (reply_vps=0x28bc4230, s=0x288b7400,
prf_label=0x2849a8ff "client EAP encryption") at mppe_keys.c:147
147 PRF(s->session->master_key, s->session->master_key_length,
(gdb)
Steve Magnuson
Boeing Commercial Airplanes
More information about the freebsd-ports
mailing list