From owner-freebsd-ports@FreeBSD.ORG Thu Jan 3 23:38:17 2013 Return-Path: Delivered-To: ports@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id A7ABD1D1; Thu, 3 Jan 2013 23:38:17 +0000 (UTC) (envelope-from Steve.Magnuson2@boeing.com) Received: from stl-mbsout-02.boeing.com (stl-mbsout-02.boeing.com [130.76.96.170]) by mx1.freebsd.org (Postfix) with ESMTP id 09843DFE; Thu, 3 Jan 2013 23:38:16 +0000 (UTC) Received: from stl-mbsout-02.boeing.com (localhost.localdomain [127.0.0.1]) by stl-mbsout-02.boeing.com (8.14.4/8.14.4/DOWNSTREAM_MBSOUT) with ESMTP id r03NcGEm013743; Thu, 3 Jan 2013 17:38:16 -0600 Received: from XCH-NWHT-05.nw.nos.boeing.com (xch-nwht-05.nw.nos.boeing.com [130.247.25.109]) by stl-mbsout-02.boeing.com (8.14.4/8.14.4/UPSTREAM_MBSOUT) with ESMTP id r03NcEqa013738 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK); Thu, 3 Jan 2013 17:38:15 -0600 Received: from XCH-NW-01V.nw.nos.boeing.com ([130.247.64.97]) by XCH-NWHT-05.nw.nos.boeing.com ([130.247.25.109]) with mapi; Thu, 3 Jan 2013 15:38:14 -0800 From: "Magnuson, Steve" To: "zi@FreeBSD.org" Date: Thu, 3 Jan 2013 15:38:13 -0800 Subject: RE: FreeBSD Port: freeradius-2.2.0 Thread-Topic: FreeBSD Port: freeradius-2.2.0 Thread-Index: Ac3qCo7Kkdc8aUqtT1CIN628KKicCQAAH3kg Message-ID: <098E1A12860FC546BFB9617D2BEB5E145DE9B2F3BF@XCH-NW-01V.nw.nos.boeing.com> References: <098E1A12860FC546BFB9617D2BEB5E145DE9B2F3AE@XCH-NW-01V.nw.nos.boeing.com> <20130103233151.GA37595@exodus.zi0r.com> In-Reply-To: <20130103233151.GA37595@exodus.zi0r.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: acceptlanguage: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-TM-AS-MML: No Cc: "ports@FreeBSD.org" X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Jan 2013 23:38:17 -0000 Hello, Thanks for the quick reply! I rebuilt freeradius using portmaster per your instructions. The behavior = is the same (segfault during Client EAP encryption). Regards, Steve Steve Magnuson Boeing Commercial Airplanes -----Original Message----- From: zi@FreeBSD.org [mailto:zi@FreeBSD.org] Sent: Thursday, January 03, 2013 3:32 PM To: Magnuson, Steve Cc: ports@FreeBSD.org Subject: Re: FreeBSD Port: freeradius-2.2.0 On (01/03/13 15:17), Magnuson, Steve wrote: > Hello, > > Please advise if I need to post this elsewhere. I'm having problems with= FreeBSD FreeRADIUS 2.2.0 port segfaulting. > Greetings! > I've upgraded (using portupgrade) the FreeRADIUS port from 2.1.12 to 2.2.= 0 and now EAP-TLS clients are causing FreeRADIUS to segfault at the very en= d of the authentication process. The odd thing is that I upgraded another s= erver from FR 2.1.12 to 2.2.0 and that server authenticates the same client= s fine. Both servers are virtual (VMware) and configured with identical me= mory, OS, etc. > Can you please rebuild freeradius on the offending server? Using portmaster, you would run: portmaster freeradius\* Thanks! -r > Here are the particulars for *both* servers: > > # uname -a > FreeBSD wan231s1.wan.lab 9.0-RELEASE-p3 FreeBSD 9.0-RELEASE-p3 #0: Tue Ju= n 12 01:47:53 UTC 2012 root@i386-builder.daemonology.net:/usr/obj/usr/s= rc/sys/GENERIC i386 > > # pkg_info -r freeradius-2.2.0 > Information for freeradius-2.2.0: > > Depends on: > Dependency: openssl-1.0.1_4 > Dependency: perl-5.16.2 > Dependency: libltdl-2.4.2 > Dependency: gdbm-1.9.1 > Dependency: libiconv-1.14 > Dependency: gettext-0.18.1.1 > Dependency: python27-2.7.3_5 > > The FreeRADIUS port on both servers was build with these config options: > > # make showconfig > =3D=3D=3D> The following configuration options are available for freeradi= us-2.2.0: > DEVELOPER=3Doff: Enable developer options > DHCP=3Doff: With DHCP support (EXPERIMENTAL) > EDIR=3Doff: Enable eDirectory support (implies LDAP) > EXPERIMENTAL=3Don: Build experimental modules > FIREBIRD=3Doff: With Firebird database support (EXPERIMENTAL) > HEIMDAL=3Doff: With Heimdal Kerberos support > HEIMDAL_PATCH=3Doff: Enhanced Heimdal support (specify SPN/keytab) > HEIMDAL_PORT=3Doff: With Heimdal Kerberos from ports > KERBEROS=3Doff: Kerberos support > LDAP=3Doff: LDAP support > MYSQL=3Doff: MySQL database > OCI8=3Doff: With Oracle support (currently experimental) > PERL=3Don: Perl scripting language > PGSQL=3Doff: PostgreSQL database > PYTHON=3Don: Python bindings > RUBY=3Doff: Ruby binding/support > UDPFROMTO=3Doff: Compile in UDPFROMTO support > UNIXODBC=3Doff: With unixODBC database support > USER=3Don: Run as user freeradius, group freeradius > =3D=3D=3D> Use 'make config' to modify these settings > > When I run radius -X under gdb, the error I get is: > > Program received signal SIGSEGV, Segmentation fault. > [Switching to Thread 28804300 (LWP 101549/radiusd)] > 0x28489873 in eaptls_gen_mppe_keys (reply_vps=3D0x28bc4230, s=3D0x288b740= 0, > prf_label=3D0x2849a8ff "client EAP encryption") at mppe_keys.c:147 > 147 PRF(s->session->master_key, s->session->master_key_length= , > > I cannot figure out why this server exhibits this behavior and the other = server does not. When I portdowngrade back to 2.1.12, the clients authenti= cate with no problems. > > Any suggestions? > > > Full output follows: > =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D > > > # gdb /usr/local/sbin/radiusd > GNU gdb 6.1.1 [FreeBSD] > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you = are > welcome to change it and/or distribute copies of it under certain conditi= ons. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for detail= s. > This GDB was configured as "i386-marcel-freebsd"...(no debugging symbols = found)... > (gdb) run -X > Starting program: /usr/local/sbin/radiusd -X > (no debugging symbols found)...(no debugging symbols found)...[New LWP 10= 1549] > (no debugging symbols found)...(no debugging symbols found)...(no debuggi= ng symbols found)... > (no debugging symbols found)...(no debugging symbols found)...(no debuggi= ng symbols found)... > [New Thread 28804300 (LWP 101549/radiusd)] > FreeRADIUS Version 2.2.0, for host i386-portbld-freebsd9.0, built on Jan = 3 2013 at 20:39:43 > Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A > PARTICULAR PURPOSE. > You may redistribute copies of FreeRADIUS under the terms of the > GNU General Public License v2. > Starting - reading configuration files ... > including configuration file /usr/local/etc/raddb/radiusd.conf > including configuration file /usr/local/etc/raddb/proxy.conf > including configuration file /usr/local/etc/raddb/clients.conf > including files in directory /usr/local/etc/raddb/modules/ > including configuration file /usr/local/etc/raddb/modules/wimax > including configuration file /usr/local/etc/raddb/modules/always > including configuration file /usr/local/etc/raddb/modules/attr_filter > including configuration file /usr/local/etc/raddb/modules/attr_rewrite > including configuration file /usr/local/etc/raddb/modules/cache > including configuration file /usr/local/etc/raddb/modules/chap > including configuration file /usr/local/etc/raddb/modules/checkval > including configuration file /usr/local/etc/raddb/modules/counter > including configuration file /usr/local/etc/raddb/modules/cui > including configuration file /usr/local/etc/raddb/modules/detail > including configuration file /usr/local/etc/raddb/modules/detail.example.= com > including configuration file /usr/local/etc/raddb/modules/detail.log > including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool > including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.c= onf > including configuration file /usr/local/etc/raddb/modules/digest > including configuration file /usr/local/etc/raddb/modules/dynamic_clients > including configuration file /usr/local/etc/raddb/modules/echo > including configuration file /usr/local/etc/raddb/modules/etc_group > including configuration file /usr/local/etc/raddb/modules/exec > including configuration file /usr/local/etc/raddb/modules/expiration > including configuration file /usr/local/etc/raddb/modules/expr > including configuration file /usr/local/etc/raddb/modules/files > including configuration file /usr/local/etc/raddb/modules/inner-eap > including configuration file /usr/local/etc/raddb/modules/ippool > including configuration file /usr/local/etc/raddb/modules/krb5 > including configuration file /usr/local/etc/raddb/modules/ldap > including configuration file /usr/local/etc/raddb/modules/linelog > including configuration file /usr/local/etc/raddb/modules/otp > including configuration file /usr/local/etc/raddb/modules/logintime > including configuration file /usr/local/etc/raddb/modules/mac2ip > including configuration file /usr/local/etc/raddb/modules/mac2vlan > including configuration file /usr/local/etc/raddb/modules/mschap > including configuration file /usr/local/etc/raddb/modules/ntlm_auth > including configuration file /usr/local/etc/raddb/modules/opendirectory > including configuration file /usr/local/etc/raddb/modules/pam > including configuration file /usr/local/etc/raddb/modules/pap > including configuration file /usr/local/etc/raddb/modules/passwd > including configuration file /usr/local/etc/raddb/modules/perl > including configuration file /usr/local/etc/raddb/modules/policy > including configuration file /usr/local/etc/raddb/modules/preprocess > including configuration file /usr/local/etc/raddb/modules/radrelay > including configuration file /usr/local/etc/raddb/modules/radutmp > including configuration file /usr/local/etc/raddb/modules/realm > including configuration file /usr/local/etc/raddb/modules/redis > including configuration file /usr/local/etc/raddb/modules/rediswho > including configuration file /usr/local/etc/raddb/modules/replicate > including configuration file /usr/local/etc/raddb/modules/smbpasswd > including configuration file /usr/local/etc/raddb/modules/smsotp > including configuration file /usr/local/etc/raddb/modules/soh > including configuration file /usr/local/etc/raddb/modules/sql_log > including configuration file /usr/local/etc/raddb/modules/sqlcounter_expi= re_on_login > including configuration file /usr/local/etc/raddb/modules/sradutmp > including configuration file /usr/local/etc/raddb/modules/unix > including configuration file /usr/local/etc/raddb/modules/acct_unique > including configuration file /usr/local/etc/raddb/eap.conf > including configuration file /usr/local/etc/raddb/policy.conf > including files in directory /usr/local/etc/raddb/sites-enabled/ > including configuration file /usr/local/etc/raddb/sites-enabled/default > main { > user =3D "freeradius" > group =3D "freeradius" > allow_core_dumps =3D no > } > including dictionary file /usr/local/etc/raddb/dictionary > main { > name =3D "radiusd" > prefix =3D "/usr/local" > localstatedir =3D "/var" > sbindir =3D "/usr/local/sbin" > logdir =3D "/var/log" > run_dir =3D "/var/run/radiusd" > libdir =3D "/usr/local/lib/freeradius-2.2.0" > radacctdir =3D "/var/log/radacct" > hostname_lookups =3D no > max_request_time =3D 30 > cleanup_delay =3D 5 > max_requests =3D 1024 > pidfile =3D "/var/run/radiusd/radiusd.pid" > checkrad =3D "/usr/local/sbin/checkrad" > debug_level =3D 0 > proxy_requests =3D no > log { > stripped_names =3D no > auth =3D yes > auth_badpass =3D no > auth_goodpass =3D no > } > security { > max_attributes =3D 200 > reject_delay =3D 1 > status_server =3D yes > } > } > radiusd: #### Loading Realms and Home Servers #### > proxy server { > retry_delay =3D 5 > retry_count =3D 3 > default_fallback =3D no > dead_time =3D 120 > wake_all_if_all_dead =3D no > } > home_server localhost { > ipaddr =3D 127.0.0.1 > port =3D 1812 > type =3D "auth" > secret =3D "testing123" > response_window =3D 20 > max_outstanding =3D 65536 > require_message_authenticator =3D yes > zombie_period =3D 40 > status_check =3D "status-server" > ping_interval =3D 30 > check_interval =3D 30 > num_answers_to_alive =3D 3 > num_pings_to_alive =3D 3 > revive_interval =3D 120 > status_check_timeout =3D 4 > coa { > irt =3D 2 > mrt =3D 16 > mrc =3D 5 > mrd =3D 30 > } > } > home_server_pool my_auth_failover { > type =3D fail-over > home_server =3D localhost > } > realm example.com { > auth_pool =3D my_auth_failover > } > realm LOCAL { > } > radiusd: #### Loading Clients #### > client localhost { > ipaddr =3D 127.0.0.1 > require_message_authenticator =3D no > secret =3D "testing123" > nastype =3D "other" > } > client 10.128.0.100 { > require_message_authenticator =3D no > secret =3D "redacted" > shortname =3D "nms231s1-eapol-test" > nastype =3D "other" > } > radiusd: #### Instantiating modules #### > instantiate { > (no debugging symbols found)... Module: Linked to module rlm_exec > Module: Instantiating module "exec" from file /usr/local/etc/raddb/modul= es/exec > exec { > wait =3D no > input_pairs =3D "request" > shell_escape =3D yes > } > Module: Linked to module rlm_expr > Module: Instantiating module "expr" from file /usr/local/etc/raddb/modul= es/expr > Module: Linked to module rlm_expiration > Module: Instantiating module "expiration" from file /usr/local/etc/raddb= /modules/expiration > expiration { > reply-message =3D "Password Has Expired " > } > Module: Linked to module rlm_logintime > Module: Instantiating module "logintime" from file /usr/local/etc/raddb/= modules/logintime > logintime { > reply-message =3D "You are calling outside your allowed timespan = " > minimum-timeout =3D 60 > } > } > radiusd: #### Loading Virtual Servers #### > server { # from file /usr/local/etc/raddb/radiusd.conf > modules { > Module: Creating Auth-Type =3D digest > Module: Creating Post-Auth-Type =3D REJECT > Module: Checking authenticate {...} for more modules to load > Module: Linked to module rlm_pap > Module: Instantiating module "pap" from file /usr/local/etc/raddb/module= s/pap > pap { > encryption_scheme =3D "auto" > auto_header =3D no > } > Module: Linked to module rlm_chap > Module: Instantiating module "chap" from file /usr/local/etc/raddb/modul= es/chap > Module: Linked to module rlm_mschap > Module: Instantiating module "mschap" from file /usr/local/etc/raddb/mod= ules/mschap > mschap { > use_mppe =3D yes > require_encryption =3D no > require_strong =3D no > with_ntdomain_hack =3D no > allow_retry =3D yes > } > Module: Linked to module rlm_digest > Module: Instantiating module "digest" from file /usr/local/etc/raddb/mod= ules/digest > Module: Linked to module rlm_unix > Module: Instantiating module "unix" from file /usr/local/etc/raddb/modul= es/unix > unix { > radwtmp =3D "/var/log/radwtmp" > } > Module: Linked to module rlm_eap > Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.co= nf > eap { > default_eap_type =3D "tls" > timer_expire =3D 60 > ignore_unknown_eap_types =3D no > cisco_accounting_username_bug =3D no > max_sessions =3D 4096 > } > Module: Linked to sub-module rlm_eap_md5 > Module: Instantiating eap-md5 > Module: Linked to sub-module rlm_eap_leap > Module: Instantiating eap-leap > Module: Linked to sub-module rlm_eap_gtc > Module: Instantiating eap-gtc > gtc { > challenge =3D "Password: " > auth_type =3D "PAP" > } > Module: Linked to sub-module rlm_eap_tls > Module: Instantiating eap-tls > tls { > rsa_key_exchange =3D no > dh_key_exchange =3D yes > rsa_key_length =3D 512 > dh_key_length =3D 512 > verify_depth =3D 0 > CA_path =3D "/usr/local/etc/raddb/certs/CA" > pem_file_type =3D yes > private_key_file =3D "/usr/local/etc/raddb/certs/gatelink822-wan2= 31s1_key.pem" > certificate_file =3D "/usr/local/etc/raddb/certs/gatelink822-wan2= 31s1_cert.pem" > private_key_password =3D "redacted" > dh_file =3D "/usr/local/etc/raddb/certs/dh" > random_file =3D "/usr/local/etc/raddb/certs/random" > fragment_size =3D 1024 > include_length =3D yes > check_crl =3D no > cipher_list =3D "DEFAULT" > make_cert_command =3D "/usr/local/etc/raddb/certs/bootstrap" > ecdh_curve =3D "prime256v1" > cache { > enable =3D no > lifetime =3D 24 > max_entries =3D 255 > } > verify { > } > ocsp { > enable =3D no > override_cert_url =3D yes > url =3D "http://127.0.0.1/ocsp/" > use_nonce =3D yes > timeout =3D 0 > softfail =3D no > } > } > Module: Linked to sub-module rlm_eap_ttls > Module: Instantiating eap-ttls > ttls { > default_eap_type =3D "md5" > copy_request_to_tunnel =3D no > use_tunneled_reply =3D no > virtual_server =3D "inner-tunnel" > include_length =3D yes > } > Module: Linked to sub-module rlm_eap_peap > Module: Instantiating eap-peap > peap { > default_eap_type =3D "mschapv2" > copy_request_to_tunnel =3D no > use_tunneled_reply =3D no > proxy_tunneled_request_as_eap =3D yes > virtual_server =3D "inner-tunnel" > soh =3D no > } > Module: Linked to sub-module rlm_eap_mschapv2 > Module: Instantiating eap-mschapv2 > mschapv2 { > with_ntdomain_hack =3D no > send_error =3D no > } > Module: Checking authorize {...} for more modules to load > Module: Linked to module rlm_preprocess > Module: Instantiating module "preprocess" from file /usr/local/etc/raddb= /modules/preprocess > preprocess { > huntgroups =3D "/usr/local/etc/raddb/huntgroups" > hints =3D "/usr/local/etc/raddb/hints" > with_ascend_hack =3D no > ascend_channels_per_line =3D 23 > with_ntdomain_hack =3D no > with_specialix_jetstream_hack =3D no > with_cisco_vsa_hack =3D no > with_alvarion_vsa_hack =3D no > } > reading pairlist file /usr/local/etc/raddb/huntgroups > reading pairlist file /usr/local/etc/raddb/hints > Module: Linked to module rlm_realm > Module: Instantiating module "suffix" from file /usr/local/etc/raddb/mod= ules/realm > realm suffix { > format =3D "suffix" > delimiter =3D "@" > ignore_default =3D no > ignore_null =3D no > } > Module: Linked to module rlm_files > Module: Instantiating module "files" from file /usr/local/etc/raddb/modu= les/files > files { > usersfile =3D "/usr/local/etc/raddb/users" > acctusersfile =3D "/usr/local/etc/raddb/acct_users" > preproxy_usersfile =3D "/usr/local/etc/raddb/preproxy_users" > compat =3D "no" > } > reading pairlist file /usr/local/etc/raddb/users > reading pairlist file /usr/local/etc/raddb/acct_users > reading pairlist file /usr/local/etc/raddb/preproxy_users > Module: Checking preacct {...} for more modules to load > Module: Linked to module rlm_acct_unique > Module: Instantiating module "acct_unique" from file /usr/local/etc/radd= b/modules/acct_unique > acct_unique { > key =3D "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifi= er, NAS-Port" > } > Module: Checking accounting {...} for more modules to load > Module: Linked to module rlm_detail > Module: Instantiating module "detail" from file /usr/local/etc/raddb/mod= ules/detail > detail { > detailfile =3D "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Pa= cket-Src-IPv6-Address}}/detail-%Y%m%d" > header =3D "%t" > detailperm =3D 384 > dirperm =3D 493 > locking =3D no > log_packet_header =3D no > } > Module: Linked to module rlm_attr_filter > Module: Instantiating module "attr_filter.accounting_response" from file= /usr/local/etc/raddb/modules/attr_fi = lter > attr_filter attr_filter.accounting_response { > attrsfile =3D "/usr/local/etc/raddb/attrs.accounting_response" > key =3D "%{User-Name}" > relaxed =3D no > } > reading pairlist file /usr/local/etc/raddb/attrs.accounting_response > Module: Checking session {...} for more modules to load > Module: Linked to module rlm_radutmp > Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/mo= dules/radutmp > radutmp { > filename =3D "/var/log/radutmp" > username =3D "%{User-Name}" > case_sensitive =3D yes > check_with_nas =3D yes > perm =3D 384 > callerid =3D yes > } > Module: Checking post-proxy {...} for more modules to load > Module: Checking post-auth {...} for more modules to load > Module: Instantiating module "attr_filter.access_reject" from file /usr/= local/etc/raddb/modules/attr_filter > attr_filter attr_filter.access_reject { > attrsfile =3D "/usr/local/etc/raddb/attrs.access_reject" > key =3D "%{User-Name}" > relaxed =3D no > } > reading pairlist file /usr/local/etc/raddb/attrs.access_reject > } # modules > } # server > radiusd: #### Opening IP addresses and Ports #### > listen { > type =3D "auth" > ipaddr =3D * > port =3D 0 > } > listen { > type =3D "acct" > ipaddr =3D * > port =3D 0 > } > Listening on authentication address * port 1812 > Listening on accounting address * port 1813 > Ready to process requests. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D0= , length=3D158 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x0200001e014d61696e74656e616e6365436f6e74726f6c4= 46973706c6179 > Message-Authenticator =3D 0xad8a60fa6b73d53acb5ce659eff3da36 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 0 length 30 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > [pap] WARNING! No "known good" password found for the user. Authenticati= on may fail because of this. > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] EAP Identity > [eap] processing type tls > [tls] Requiring client certificate > [tls] Initiate > [tls] Start returned 1 > ++[eap] returns handled > Sending Access-Challenge of id 0 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010100060d20 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87513d316c3a43028be40032ff > Finished request 0. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= , length=3D258 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020100700d00160301006501000061030150e5f39860827= a0411cfb562ef8e20af61649f10290355949974 = ed309594e83f00003400390038003500880087008= 400160013000a00330032002f00450044004100050004001500120009001400110008 = 0006000300f= f0100000400230000 > State =3D 0x513c3c87513d316c3a43028be40032ff > Message-Authenticator =3D 0x0633be04de5c0102ddc9fa927ed47610 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 1 length 112 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] eaptls_verify returned 7 > [tls] Done initial handshake > [tls] (other): before/accept initialization > [tls] TLS_accept: before/accept initialization > [tls] <<< TLS 1.0 Handshake [length 0065], ClientHello > [tls] TLS_accept: SSLv3 read client hello A > [tls] >>> TLS 1.0 Handshake [length 0031], ServerHello > [tls] TLS_accept: SSLv3 write server hello A > [tls] >>> TLS 1.0 Handshake [length 1756], Certificate > [tls] TLS_accept: SSLv3 write certificate A > [tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange > [tls] TLS_accept: SSLv3 write key exchange A > [tls] >>> TLS 1.0 Handshake [length 0010], CertificateRequest > [tls] TLS_accept: SSLv3 write certificate request A > [tls] TLS_accept: SSLv3 flush data > [tls] TLS_accept: Need to read more data: SSLv3 read client certifica= te A > In SSL Handshake Phase > In SSL Accept mode > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 1 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010204000dc0000019b816030100310200002d030150e5f= 3981aa9077b62c7c34d9eb90bd512eac8348779 = 1227b2d8e289befa6edf000039000005ff0100010= 016030117560b00175200174f000489308204853082036da003020102020a4b426b00 = 000100000d2= 2300d06092a864886f70d0101050500305b31133011060a0992268993f22c6401191603636f= 6d31163014060a0992268993 = f22c6401191606626f65696e6731133011060a0992268993f22c6401= 191603666c79311730150603550403130e45534444497373756572 = 32303438301e170d3132303331= 343139343732395a170d3134303131383036333331365a308191310b30090603 > EAP-Message =3D 0x55040613025553310b30090603550408130257413110300= e0603550407130753656174746c65311b301906 = 0355040a131254686520426f65696e6720436f6d7= 0616e79311f301d060355040b1316466f72205465737420507572706f736573204f6e = 6c793125302= 30603550403131c676174656c696e6b3832322e77616e32333173312e77616e2e6c61623082= 0122300d06092a864886f70d = 01010105000382010f003082010a0282010100c175642cacaf0313bb= 775762d65e844208b24fe044be27d2523ff76cb718dec7f17eb3ee = 320f859c8a03a5d34400a1783e= 2b543e8398d1785daa255073353c5d13ffa304f26019b8b859368bae5c65d617 > EAP-Message =3D 0x93e77241750f6fc8e2ffbff4b8fefbdd0321433512b07d0= 180c2271de6c5fa9458579163d21f4c26f7ced4 = 30868b3c0d344b85a2f5d37adcda8fb477d64b4c0= c2a978946081e0e52e47f4ddb0cb82c02f8a704f6f169b46c63f1db7e0403f7e0989d = 73546ddfe68= 23a83310c68ea5722997a969fa9b0858799de63fab0f941b510fb826d581823ef6f0eb6e59d= c96a434f18fa2288574a6de1 = 53a979ce2fc2b31e06dbd12bce17213019db711b563d0203010001a3= 8201123082010e301d0603551d0e04160414afc898ac5da8d7db13 = 80f5ca855cff669aa3035c300e= 0603551d0f0101ff04040302078030130603551d25040c300a06082b06010505 > EAP-Message =3D 0x070301301f0603551d230418301680147b3f3d89d72bac9= 72c086ada7233f64a074ea0a1303d0603551d1f = 043630343032a030a02e862c687474703a2f2f637= 26c2e626f65696e672e636f6d2f63726c2f45534444497373756572323034382e6372 = 6c300c06035= 51d130101ff04023000303d06092b06010401823715070430302e06262b0601040182371508= acc31f85e0d61c87dd892487 = e6e83681a1f354814681b4812e84aaae09020164020105301b06092b= 060104018237150a040e300c300a06082b06010505070301300d06 = 092a864886f70d010105050003= 82010100702d7a1bde789d5af9c5d5ba6afed07c0f23bd794b1e54aa6ac6ed3b > EAP-Message =3D 0x634ee662bd183641cf537132 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87503e316c3a43028be40032ff > Finished request 1. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D2= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020200060d00 > State =3D 0x513c3c87503e316c3a43028be40032ff > Message-Authenticator =3D 0xb498e0ab471b0fe82149a213e502cc78 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 2 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 2 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010304000dc0000019b8322dbdd1145b65fc9a838c88b38= 578712aee8672f594dbb51c82d3b2b239171e2b = c6816740828370ab131a9f6e7cdbc9ce1af59564a= b13f6084b2f7dfbc59766edeb710de9be3c3820775d69539962c845f60c47fcaf3c43 = d021eea95f8= 6ab7bfecab3ae917a9d8fa792195be052d27c8e2d7cdd72d743d89cfff56a500f9face99c55= 63972d19ead292a4ebda615f = f2c89a07dd30c1c06f25bc476090e077f5a6af2d1e618208bfd018a5= 6abb362b8bce884976f6d3adb093d2eeae7bd59063ae8a868fb1cd = c19c990d818216e7f1e68c5c7c= 1495bb1bc800057a308205763082035ea003020102020a61395bb70001000000 > EAP-Message =3D 0x0a300d06092a864886f70d0101050500305a31133011060= a0992268993f22c6401191603636f6d31163014 = 060a0992268993f22c6401191606626f65696e673= 1133011060a0992268993f22c6401191603666c79311630140603550403130d455344 = 44496e74657= 234303936301e170d3039303131393037303632315a170d3134303131383036333331365a30= 5b31133011060a0992268993 = f22c6401191603636f6d31163014060a0992268993f22c6401191606= 626f65696e6731133011060a0992268993f22c6401191603666c79 = 311730150603550403130e4553= 44444973737565723230343830820122300d06092a864886f70d010101050003 > EAP-Message =3D 0x82010f003082010a02820101009ede837e52ce12f2f315c= 72da8adbaf7828db60d09392a3cf133c5f11a49 = 7d7bd90f1e1eddcdb23058de50acad29c809b5036= f4ce1b0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac5 = 4ad223a046a= 4eb84964daaf1c2244edec54b03ef4137634d55afc4e118031d822efd491b7cf9d653036229= 7ccff6616dfe1f0ebaebaf4f = 84ff9edce03a9189f34ca257ce621e20aeaf539e5f91fcae83e89219= e587fde80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddc = f109c90234bec8def2d14c026d= 557b14cd764a677f91c3e5a096bc0f216a6aa60365dad3b4bbe2616ef038a6d2 > EAP-Message =3D 0x610bf15597e4fb288472028530c054f10203010001a3820= 13b30820137300f0603551d130101ff04053003 = 0101ff301d0603551d0e041604147b3f3d89d72ba= c972c086ada7233f64a074ea0a1300b0603551d0f040403020186301006092b060104 = 01823715010= 403020101302306092b060104018237150204160414249ba6c4888fd87d96ab95594e6637dd= 6e25632f301906092b060104 = 0182371402040c1e0a00530075006200430041301f0603551d230418= 3016801443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9303c06 = 03551d1f043530333031a02fa0= 2d862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344 > EAP-Message =3D 0x44496e746572343039362e63 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87533f316c3a43028be40032ff > Finished request 2. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D3= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020300060d00 > State =3D 0x513c3c87533f316c3a43028be40032ff > Message-Authenticator =3D 0xbfd7afb5cc827e4dfe0e545087c18bdd > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 3 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 3 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010404000dc0000019b8726c304706082b0601050507010= 1043b3039303706082b06010505073002862b68 = 7474703a2f2f63726c2e626f65696e672e636f6d2= f63726c2f45534444496e746572343039362e637274300d06092a864886f70d010105 = 05000382020= 1006bd3c23ef41bc64c3383a89e90f53061c5b5f03e2040ebc07377fedd37e6ea3f8ce247d0= 459c1889138a0c63c9b5b5b3 = 05e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b= 0f9a547a193d6a6502ec30fe65c6365aab74304517f7fea0ce3a07 = 896d13492d59f11ff187aae8d7= 43897f92efa32b18a86a8c02d4e909e17e97417d5c676d546785540ebdf85336 > EAP-Message =3D 0x6842f38e66b0d9a00bc6cf2a25777f0def04b8971ebce5b= 776400e121455288ae22c65c6d23fbcd243a9be = 7182f6969f0d6061dc4f786eb6eb2fbfd89c807c9= 90eb67a595fb2717599cc0262dfe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee = 52cfd051e13= 642a34f0325c6c767548c6102d4e4311a37b08d44164afff6a0a67af3f971ad402ee75a8835= d5fa76731958078d4b3f483f = 412fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999= c2cf3b82646d2777fd7c6c0ce31b3c330693d78b8960d784840ff1 = 0e784e078023b73ad81e0fd6fd= c7bf66bf09cf8118d3852613bd4cf23f384191bdd292050490c3bfde93230dba > EAP-Message =3D 0x380f1391aaf299bd7c4288e0758c9132df0250d269f10da= 91b51fb1cd3238828cfc140f801ba777248759e = 0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba= 665665648e98da44682f17430ada59a3a4b889250ae64a1d4f112a3a83fab8bcaf308 = 087ff97a820= a6844c8e64ac929000676308206723082045aa003020102020a611b280600000000000c300d= 06092a864886f70d01010505 = 00305931133011060a0992268993f22c6401191603636f6d31163014= 060a0992268993f22c6401191606626f65696e6731133011060a09 = 92268993f22c6401191603666c= 79311530130603550403130c45534444526f6f7434303936301e170d30393031 > EAP-Message =3D 0x31393036333331365a170d3134303131383036333331365= a305a31133011060a0992268993f22c64011916 = 03636f6d31163014060a0992268993f22c6401191= 606626f65696e6731133011060a0992268993f22c6401191603666c79311630140603 = 550403130d4= 5534444496e7465723430393630820222300d06092a864886f70d01010105000382020f0030= 82020a02820201009f550e60 = c398442453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff= 77d075fbbbb7239ca1fd75d1dc0edc36c967a6ea0bd640e7cea54d = 41b0cb877f320f987db51ef21d= bad0e6b248c8bc4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6fed6 > EAP-Message =3D 0x27d3d06b2c391f698a19dcc9 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875238316c3a43028be40032ff > Finished request 3. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D4= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020400060d00 > State =3D 0x513c3c875238316c3a43028be40032ff > Message-Authenticator =3D 0x6fcf451c592fb99c374d0321cdc02af7 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 4 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 4 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010504000dc0000019b818b1a01850edb9a3f1c949732ec= 57efb446b43e596e64a768bab47d95f225af8d8 = c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360a= b3ab9208403293f45606176d518eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1 = 599941102a3= 13f6ca1689620d6bc8101088ac513e2d20b333d60617ae64f68af26146da6b94180f0ee7031= bd05d03d03abc66ca3b6a283 = 21b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8= da538e6a449f253a44ad71e2d3ac3769fe8c6ce37e1298ff4f96d9 = 1f9ccd37d21a763b9e508d11a9= 64dfbe19c6f4a51d2562ef397940ed309f29427f85ade6fc8015e56090fa480b > EAP-Message =3D 0xa5b8225807f6d9804f0812390cea201da3a955473b5f19d= fd3223b1341e9e36b72b28c82c75b6c5da59751 = 8f2f7b6c9fe052f98590c8c3225ea11c1b2805077= 251f5ac84fef400f43ad9940338c1b66b158dcf3b31649ce753edbd8b38bda0d50387 = 81dc6381114= 74a99a932a144c6b3ac153f1d3d0d61117cd2cb590d424b39e8b3164ef536f1c2860dc7e888= 9e3ae9412bc0422e5b7923c5 = 0203010001a382013930820135300f0603551d130101ff0405300301= 01ff301d0603551d0e0416041443b1f625d530e7f847f0bfcb526b = 9b4fe1fe72b9300b0603551d0f= 040403020186301006092b06010401823715010403020101302306092b060104 > EAP-Message =3D 0x018237150204160414d31f074108cfac5cc47ed111d3a27= 12f219c9012301906092b060104018237140204 = 0c1e0a00530075006200430041301f0603551d230= 418301680141e4e1c8a14ef89a83391ee997b1cabed3f47eaa6303b0603551d1f0434 = 30323030a02= ea02c862a687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444526f6f= 74343039362e63726c304606 = 082b06010505070101043a3038303606082b06010505073002862a68= 7474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f4553 = 4444526f6f74343039362e6372= 74300d06092a864886f70d01010505000382020100976a48f45eed37c7312614 > EAP-Message =3D 0x76bba7a6b705e7d169a8fbad7b380e5f75f32761bb56e80= 3864ee663cac722b7c1a9ea1d6b2a0c06f952c9 = 1e4b7b2d99724f0330cd81d4800cf17842bceeaed= 7285a45f90879667e3a18f70b3464a3d0d6d514173a98b9678e998b8d9a494cfe9243 = e300c2832a3= 5df610158cd396b1f280db73d94c58709c200b1d702aee8c2a8ebb7b07ff2acbc547bdc9889= 122128abeaeb1f5750264529 = 52e0e9c51292bd2ef1eff30468f418406c0860cd36806e73fc3e13fb= 5f3cccc7cd8fb934c2f06f94e83a8be6d9985b53b884c8236135e8 = 8e63ba8dd36b4708cff97de8f1= 4e4a035a02e9aef78670e90101f725f08e02ea7beaf85acf6e722216671b0074 > EAP-Message =3D 0x9643ef995a71e0e0f21dd9f5 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875539316c3a43028be40032ff > Finished request 4. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D5= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020500060d00 > State =3D 0x513c3c875539316c3a43028be40032ff > Message-Authenticator =3D 0x66eccf08ef53f2b5ae2dbbb2933ccbf3 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 5 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 5 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010604000dc0000019b8282ddba71c014fea56097bdf2c6= 0cdc6056d3cea13ba4aae1782860adaebd34a89 = 6186d5840355a6e80e91b21bfa283bed2bbb4c67b= 198e212875081fd305ec7d6d74af01bf6780355aea3a1ee8cd3e506224829321aade7 = c25d915394e= b31db8310834e1724d5ca7dfccfff1d18935ddb264b199bda870f3954c4243e82b167acdd96= fb2091a99de16a1710007885 = b0f9e045d7bc8ab34af0041db6e8009a20d0ba835517ea46b6e95b6a= 47b993c8ba1ad606a030f40102b8c02b226bce7e64d4a2a705a08f = e4c4cb51519be63c4455c0a6e8= 871658c1f20195a7d7efeecd530454602d8d6ac6cb81540d180006ca308206c6 > EAP-Message =3D 0x308204aea003020102021056886f61a89e888c4face278a= 0aabf44300d06092a864886f70d010105050030 = 5931133011060a0992268993f22c6401191603636= f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a099226 = 8993f22c640= 1191603666c79311530130603550403130c45534444526f6f7434303936301e170d30373132= 31373233333632385a170d32 = 37313231373233343335395a305931133011060a0992268993f22c64= 01191603636f6d31163014060a0992268993f22c6401191606626f = 65696e6731133011060a099226= 8993f22c6401191603666c79311530130603550403130c45534444526f6f7434 > EAP-Message =3D 0x30393630820222300d06092a864886f70d0101010500038= 2020f003082020a0282020100a893f9fa5409d6 = 8e7a33cfcd03bc0578efac41770a34a84b1d78ba3= b554ef6a3b40722737a757b7db9e9e9f24fbb3d065e30a8ff8834e8e0c1b864c8d365 = 10289b13115= 0730708492a06254d96761937a485841420ea2a80c539e68e8adac2a5242c0281659c60169a= 50b6a926be06544eee5901f9 = 073377613af43616575be42d8a2fa8184a5bb0740fc13203bbc397b1= 54725415586ae6554dce245015f13b42c85358f46aff90ade72f86 = 4789cb9739f179efbaabb0be43= 6bbaeeb6bc8ba42e35497e4f02c0fd47515a6d354553e23ff3c9b4654094f7a1 > EAP-Message =3D 0x09e81f95a131b619b94fdeaba656439b470f3f2e4c4679c= e6b3b19d3cdc132dda580ef80f98af9ddfdcb50 = d59a335f8bd4de4a3ce7f493fc4a942659b3b35c0= f67b7d2e7b21609e9ea84ca7b5bb9f8db4904e7353c8f32a8f04091df845c69df0631 = 2eac02e2562= 1f08615ccb20cab61b9703c9150a3a5c13cec3f590a8258950ac680d5c578aa6ccb5f27effd= abdeb10d7ff6dc49b4441f6e = 29b88283a446ca910e90c9e6572f595c3476eaf515efe2793ac6d7b7= a4891f4c655926fb4e2a76d90d8a8ab6b062aabf7aab2bc6354b1b = a8161d71ea4b54ab72547e2012= 9f1e7947333165e07900b1b50fb9b482786124dedbe293e98b9386bf666129ea > EAP-Message =3D 0xf95088b9f7ecd25158dc52fd > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87543a316c3a43028be40032ff > Finished request 5. > Going to the next request > Waking up in 1.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D6= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020600060d00 > State =3D 0x513c3c87543a316c3a43028be40032ff > Message-Authenticator =3D 0xbf530521aed3b6bee2217fd16706c847 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 6 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 6 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010704000dc0000019b874ad9397665c795e18dbb695213= 43c7c7cf0c9c79720006e6707bc5fa3cf020301 = 0001a382018830820184301306092b06010401823= 7140204061e0400430041300b0603551d0f040403020186300f0603551d130101ff04 = 0530030101f= f301d0603551d0e041604141e4e1c8a14ef89a83391ee997b1cabed3f47eaa63082011c0603= 551d1f048201133082010f30 = 82010ba0820107a08201038681bf6c6461703a2f2f2f434e3d455344= 44526f6f74343039362c434e3d706b692d746573742d3738376d2c = 434e3d4344502c434e3d507562= 6c69632532304b657925323053657276696365732c434e3d5365727669636573 > EAP-Message =3D 0x2c434e3d436f6e66696775726174696f6e2c44433d666c7= 92c44433d626f65696e672c44433d636f6d3f63 = 657274696669636174655265766f636174696f6e4= c6973743f626173653f6f626a656374436c6173733d63524c44697374726962757469 = 6f6e506f696= e74863f687474703a2f2f706b692d746573742d3738376d2e666c792e626f65696e672e636f= 6d2f43657274456e726f6c6c = 2f45534444526f6f74343039362e63726c301006092b060104018237= 15010403020100300d06092a864886f70d01010505000382020100 = 89d0fd7533e496888b2ac6b9ce= dabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0c4efc644244a > EAP-Message =3D 0x55b135a226d9597c71f777a1bee950cdc582f70f1afd54a= d92a7f9d13b697c2e77777bfe33c5b486af6b82 = 2e97d9efdc82a072c3935760378f9faa5be09ac10= 26c0bf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc05f8275de0addc828 = 7bb6c9e8c93= 1a223475d7b29c414992ab24512048a99033f4a82fd82b68ae58129e7d3c7a4e60e26a8b559= 1098b9a9cde9fe2a3d17964e = 686d8fccbb897fda38447ddd014fed04c06e4de165ffb3afe93e17a0= bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c88842 = 27c94d290a3620ddbfe38a9e2d= a706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd4146677001b560850e > EAP-Message =3D 0x8eba09cc6280711eb067230a81d461bcde5ceb4c3395646= 0a20303d68d0219f5cc3bef1d14c94f632a9400 = 06cf1b90da3e8e37de8440d2079c6a5f4cde66fa9= d045d6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d826a229b1460b64cc = 447a34d8668= 7a297b5fe04865b0fb328cd18d8abfa1ea4b1c58ae57f311567069d521fb42e9918aa3cbf6c= a91db5eeae294156426a4249 = cfd6d3750506a3bb8f98b9e5d839b7fd939293fb96483aaa2ff99110= fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b568 = 7b47727e3622160301020d0c00= 02090080dd92a7065d8e5c198f2ac94683f6016182a6c9d6ba13d1c40605fce5 > EAP-Message =3D 0x6f7cd0bb7873bf1b9cb9e92f > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87573b316c3a43028be40032ff > Finished request 6. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D7= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020700060d00 > State =3D 0x513c3c87573b316c3a43028be40032ff > Message-Authenticator =3D 0x06ae2cc57b97003ec0e8eac545dbfb0c > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 7 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 7 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010801fe0d80000019b8544530c61e8a23e3590282c0ebb= a4fc54b2d29238cb7f36aef2cbab2aec5ba9a45 = 71e9c70452124f67982ee113094defee5efa0bccf= a2370fbd4ce688f6bc87b7c19984a674679dded04265157ea403bf20afa80f983b843 = 00010200805= b50c049e7191c5c308f9d08f146209d6e66fda2e79fcde8b3765984ce53e4a99e3c900efaff= 208fdd7895025afac839f9f8 = e19d69bca8c19aba5618c1536001d26494c8cedfd8c5797fa6061992= 2bf49b071db2088e732b4ce94e73f123a076d2f9b1d128b235a095 = 39c98f263dcb092111fb7e1f16= 38283f6d4b66f8a1315d01000ec6225e068fc52890b70cd59e8cfecf8f4e57ac > EAP-Message =3D 0x8dc359de5994463c15c9e624ef85895cb1da4aa68a7e8a0= 9454fbbdfb4469ba590aafe3672b340e5526ade = b5186ca5e1e74e7fa38d9d394fa07944f31fb0a1b= 55e0e5ed92e20b7efdf543921e00a8a8e6a6efd2d90d1ccb35e5e140b97eb81ecc1a9 = 9f22c1eecbe= e017a724ec50bcbc0d89c64e877654f1a689986b1e192560ab2ebc8ca66cb3c3f7f7d97fb3f= b5981f4dc7589a8ddf3f4147 = e4c5b98786f2363f23383af6c50533f41c3a393cb68ffd2709816fde= 6408d945dc32e460918c36297894053fb6ce68f3a6f2fa0476bba5 = 9873c0cb03879687b89b2bec31= 66fabbe01d2d5b3965ba949c63b00016030100100d0000080503040102400000 > EAP-Message =3D 0x0e000000 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875634316c3a43028be40032ff > Finished request 7. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D8= , length=3D1188 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x0208040a0dc00000194c16030117760b00177200176f000= 4a9308204a53082038da003020102020a3e173b = a1000100000d47300d06092a864886f70d0101050= 500305b31133011060a0992268993f22c6401191603636f6d31163014060a09922689 = 93f22c64011= 91606626f65696e6731133011060a0992268993f22c6401191603666c793117301506035504= 03130e455344444973737565 = 7232303438301e170d3132303433303233333030315a170d31343031= 31383036333331365a3081bf3111300f060355042d130841343033 = 36353235311b3019060355040d= 131243726577576972656c657373446576696365310b30090603550406130255 > EAP-Message =3D 0x53313b3039060355040a1e320042004f0045005f0049005= 4004c0020004100690072006c0069006e006500 = 7300200043006f002e0020004c00740064002e311= f301d060355040b1316466f72205465737420507572706f736573204f6e6c79312230 = 20060355040= 313194d61696e74656e616e6365436f6e74726f6c446973706c617930820122300d06092a86= 4886f70d0101010500038201 = 0f003082010a0282010100bb3bcec2944ed1d3fc8ac41562f821490a= ed9d0f94f8f287c607d8996a2687eb23f6b2ee59b525245e542b78 = 6dfd538078617b79923e0d8037= 3a6c3ce49b3e4bedefc10d2f2cb045a7c03b1fe435d96f888cd388c1fa5acab9 > EAP-Message =3D 0xd1a2b16fb1058b3ede15cd1be6bab2332201d884e276323= a13180df7e56b14337910fc1bb70283e81da756 = c47d934521842fa253f5243a175626324bf3aa886= b391cde87206d0549d1d798994c87fa663d6fb76f28eeebe6228dcf30d24a7657c8e3 = 2dfea928cc3= 7f4ad1787fc585fd2c0a6a7f600acb2acf5f4bae81dbf5d7fee78e2fa79b6d01d705930e7b6= 672a31e81959068105992392 = fb4a91fded9d31f7bb2d7c01a7ab0203010001a38201043082010030= 1d0603551d0e0416041489e6897d59dded56f52a300000aceac02c = fc277a30130603551d25040c30= 0a06082b06010505070302300e0603551d0f0101ff0404030205a0301f060355 > EAP-Message =3D 0x1d230418301680147b3f3d89d72bac972c086ada7233f64= a074ea0a1303d0603551d1f043630343032a030 = a02e862c687474703a2f2f63726c2e626f65696e6= 72e636f6d2f63726c2f45534444497373756572323034382e63726c303d06092b0601 = 04018237150= 70430302e06262b0601040182371508acc31f85e0d61c87dd892487e6e83681a1f354814687= e8e46882f8d1190201640201 = 05301b06092b060104018237150a040e300c300a06082b0601050507= 0302300d06092a864886f70d0101050500038201010004e19b0cfd = 1d67050634a01adc74f1bf85a0= fea2fba20aafdf51982415ce03664873d92731d65e2db6430c0fe9be3d6c3cdd > EAP-Message =3D 0xdacb8c60528ee06450f501b12ce84c5251ce30137e56 > State =3D 0x513c3c875634316c3a43028be40032ff > Message-Authenticator =3D 0x9d6744dd03fb0ae72889cac849b5ede0 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 8 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > TLS Length 6476 > [tls] Received EAP-TLS First Fragment of the message > [tls] eaptls_verify returned 9 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 8 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010900060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875935316c3a43028be40032ff > Finished request 8. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D9= , length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020904060d40f35e9f31776548e380f13528708a648379f= dce4901097a09426161485c1979bfcf3dfdc298 = 064f55d31f3db6d49ff38efb1e4ab36ce653696f6= 63393f4a1a3370b8b63907c7888e2e7c7ba959804a22e18401bbf150bf8ee1e26a848 = df7e61cb98f= cf9dc67e5dd9d7dfbc9acf5451e7adbd50d14593439b45a9d79372b40c91b6d0f11dcad36a8= f6fe0250ba5bbd3d277a2d17 = 8d2af8be7503bd65921740988796656199be2677eb8d1c1b2c3cfa84= 0e4cd76884055803770006ca308206c6308204aea0030201020210 = 56886f61a89e888c4face278a0= aabf44300d06092a864886f70d0101050500305931133011060a0992268993f2 > EAP-Message =3D 0x2c6401191603636f6d31163014060a0992268993f22c640= 1191606626f65696e6731133011060a09922689 = 93f22c6401191603666c793115301306035504031= 30c45534444526f6f7434303936301e170d3037313231373233333632385a170d3237 = 31323137323= 3343335395a305931133011060a0992268993f22c6401191603636f6d31163014060a099226= 8993f22c6401191606626f65 = 696e6731133011060a0992268993f22c6401191603666c7931153013= 0603550403130c45534444526f6f743430393630820222300d0609 = 2a864886f70d01010105000382= 020f003082020a0282020100a893f9fa5409d68e7a33cfcd03bc0578efac4177 > EAP-Message =3D 0x0a34a84b1d78ba3b554ef6a3b40722737a757b7db9e9e9f= 24fbb3d065e30a8ff8834e8e0c1b864c8d36510 = 289b131150730708492a06254d96761937a485841= 420ea2a80c539e68e8adac2a5242c0281659c60169a50b6a926be06544eee5901f907 = 3377613af43= 616575be42d8a2fa8184a5bb0740fc13203bbc397b154725415586ae6554dce245015f13b42= c85358f46aff90ade72f8647 = 89cb9739f179efbaabb0be436bbaeeb6bc8ba42e35497e4f02c0fd47= 515a6d354553e23ff3c9b4654094f7a109e81f95a131b619b94fde = aba656439b470f3f2e4c4679ce= 6b3b19d3cdc132dda580ef80f98af9ddfdcb50d59a335f8bd4de4a3ce7f493fc > EAP-Message =3D 0x4a942659b3b35c0f67b7d2e7b21609e9ea84ca7b5bb9f8d= b4904e7353c8f32a8f04091df845c69df06312e = ac02e25621f08615ccb20cab61b9703c9150a3a5c= 13cec3f590a8258950ac680d5c578aa6ccb5f27effdabdeb10d7ff6dc49b4441f6e29 = b88283a446c= a910e90c9e6572f595c3476eaf515efe2793ac6d7b7a4891f4c655926fb4e2a76d90d8a8ab6= b062aabf7aab2bc6354b1ba8 = 161d71ea4b54ab72547e20129f1e7947333165e07900b1b50fb9b482= 786124dedbe293e98b9386bf666129eaf95088b9f7ecd25158dc52 = fd74ad9397665c795e18dbb695= 21343c7c7cf0c9c79720006e6707bc5fa3cf0203010001a38201883082018430 > EAP-Message =3D 0x1306092b060104018237140204061e040043 > State =3D 0x513c3c875935316c3a43028be40032ff > Message-Authenticator =3D 0xd56f46711110d24c271fb50b6ef77742 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 9 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 9 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010a00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875836316c3a43028be40032ff > Finished request 9. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 0, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020a04060d400041300b0603551d0f040403020186300f0= 603551d130101ff040530030101ff301d060355 = 1d0e041604141e4e1c8a14ef89a83391ee997b1ca= bed3f47eaa63082011c0603551d1f048201133082010f3082010ba0820107a0820103 = 8681bf6c646= 1703a2f2f2f434e3d45534444526f6f74343039362c434e3d706b692d746573742d3738376d= 2c434e3d4344502c434e3d50 = 75626c69632532304b657925323053657276696365732c434e3d5365= 7276696365732c434e3d436f6e66696775726174696f6e2c44433d = 666c792c44433d626f65696e67= 2c44433d636f6d3f63657274696669636174655265766f636174696f6e4c6973 > EAP-Message =3D 0x743f626173653f6f626a656374436c6173733d63524c446= 973747269627574696f6e506f696e74863f6874 = 74703a2f2f706b692d746573742d3738376d2e666= c792e626f65696e672e636f6d2f43657274456e726f6c6c2f45534444526f6f743430 = 39362e63726= c301006092b06010401823715010403020100300d06092a864886f70d010105050003820201= 0089d0fd7533e496888b2ac6 = b9cedabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0= c4efc644244a55b135a226d9597c71f777a1bee950cdc582f70f1a = fd54ad92a7f9d13b697c2e7777= 7bfe33c5b486af6b822e97d9efdc82a072c3935760378f9faa5be09ac1026c0b > EAP-Message =3D 0xf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc= 05f8275de0addc8287bb6c9e8c931a223475d7b = 29c414992ab24512048a99033f4a82fd82b68ae58= 129e7d3c7a4e60e26a8b5591098b9a9cde9fe2a3d17964e686d8fccbb897fda38447d = dd014fed04c= 06e4de165ffb3afe93e17a0bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c888= 4227c94d290a3620ddbfe38a = 9e2da706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd414667= 7001b560850e8eba09cc6280711eb067230a81d461bcde5ceb4c33 = 956460a20303d68d0219f5cc3b= ef1d14c94f632a940006cf1b90da3e8e37de8440d2079c6a5f4cde66fa9d045d > EAP-Message =3D 0x6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d= 826a229b1460b64cc447a34d86687a297b5fe04 = 865b0fb328cd18d8abfa1ea4b1c58ae57f3115670= 69d521fb42e9918aa3cbf6ca91db5eeae294156426a4249cfd6d3750506a3bb8f98b9 = e5d839b7fd9= 39293fb96483aaa2ff99110fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b5= 687b47727e36220006763082 = 06723082045aa003020102020a611b280600000000000c300d06092a= 864886f70d0101050500305931133011060a0992268993f22c6401 = 191603636f6d31163014060a09= 92268993f22c6401191606626f65696e6731133011060a0992268993f22c6401 > EAP-Message =3D 0x191603666c79311530130603550403130c45 > State =3D 0x513c3c875836316c3a43028be40032ff > Message-Authenticator =3D 0x84fe071ee7e336ed9305a724469d8da0 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 10 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 10 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010b00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875b37316c3a43028be40032ff > Finished request 10. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 1, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020b04060d40534444526f6f7434303936301e170d30393= 03131393036333331365a170d31343031313830 = 36333331365a305a31133011060a0992268993f22= c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e673113 = 3011060a099= 2268993f22c6401191603666c79311630140603550403130d45534444496e74657234303936= 30820222300d06092a864886 = f70d01010105000382020f003082020a02820201009f550e60c39844= 2453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff77d0 = 75fbbbb7239ca1fd75d1dc0edc= 36c967a6ea0bd640e7cea54d41b0cb877f320f987db51ef21dbad0e6b248c8bc > EAP-Message =3D 0x4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6f= ed627d3d06b2c391f698a19dcc918b1a01850ed = b9a3f1c949732ec57efb446b43e596e64a768bab4= 7d95f225af8d8c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360ab3ab9208403293f = 45606176d51= 8eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1599941102a313f6ca1689620d6bc8101= 088ac513e2d20b333d60617a = e64f68af26146da6b94180f0ee7031bd05d03d03abc66ca3b6a28321= b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8 = da538e6a449f253a44ad71e2d3= ac3769fe8c6ce37e1298ff4f96d91f9ccd37d21a763b9e508d11a964dfbe19c6 > EAP-Message =3D 0xf4a51d2562ef397940ed309f29427f85ade6fc8015e5609= 0fa480ba5b8225807f6d9804f0812390cea201d = a3a955473b5f19dfd3223b1341e9e36b72b28c82c= 75b6c5da597518f2f7b6c9fe052f98590c8c3225ea11c1b2805077251f5ac84fef400 = f43ad994033= 8c1b66b158dcf3b31649ce753edbd8b38bda0d5038781dc638111474a99a932a144c6b3ac15= 3f1d3d0d61117cd2cb590d42 = 4b39e8b3164ef536f1c2860dc7e8889e3ae9412bc0422e5b7923c502= 03010001a382013930820135300f0603551d130101ff0405300301 = 01ff301d0603551d0e04160414= 43b1f625d530e7f847f0bfcb526b9b4fe1fe72b9300b0603551d0f0404030201 > EAP-Message =3D 0x86301006092b06010401823715010403020101302306092= b060104018237150204160414d31f074108cfac = 5cc47ed111d3a2712f219c9012301906092b06010= 40182371402040c1e0a00530075006200430041301f0603551d230418301680141e4e = 1c8a14ef89a= 83391ee997b1cabed3f47eaa6303b0603551d1f043430323030a02ea02c862a687474703a2f= 2f63726c2e626f65696e672e = 636f6d2f63726c2f45534444526f6f74343039362e63726c30460608= 2b06010505070101043a3038303606082b06010505073002862a68 = 7474703a2f2f63726c2e626f65= 696e672e636f6d2f63726c2f45534444526f6f74343039362e637274300d0609 > EAP-Message =3D 0x2a864886f70d01010505000382020100976a > State =3D 0x513c3c875b37316c3a43028be40032ff > Message-Authenticator =3D 0x0ad1596cf779061d296f593b2dfd3c51 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 11 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 11 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010c00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875a30316c3a43028be40032ff > Finished request 11. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 2, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020c04060d4048f45eed37c731261476bba7a6b705e7d16= 9a8fbad7b380e5f75f32761bb56e803864ee663 = cac722b7c1a9ea1d6b2a0c06f952c91e4b7b2d997= 24f0330cd81d4800cf17842bceeaed7285a45f90879667e3a18f70b3464a3d0d6d514 = 173a98b9678= e998b8d9a494cfe9243e300c2832a35df610158cd396b1f280db73d94c58709c200b1d702ae= e8c2a8ebb7b07ff2acbc547b = dc9889122128abeaeb1f575026452952e0e9c51292bd2ef1eff30468= f418406c0860cd36806e73fc3e13fb5f3cccc7cd8fb934c2f06f94 = e83a8be6d9985b53b884c82361= 35e88e63ba8dd36b4708cff97de8f14e4a035a02e9aef78670e90101f725f08e > EAP-Message =3D 0x02ea7beaf85acf6e722216671b00749643ef995a71e0e0f= 21dd9f5282ddba71c014fea56097bdf2c60cdc6 = 056d3cea13ba4aae1782860adaebd34a896186d58= 40355a6e80e91b21bfa283bed2bbb4c67b198e212875081fd305ec7d6d74af01bf678 = 0355aea3a1e= e8cd3e506224829321aade7c25d915394eb31db8310834e1724d5ca7dfccfff1d18935ddb26= 4b199bda870f3954c4243e82 = b167acdd96fb2091a99de16a1710007885b0f9e045d7bc8ab34af004= 1db6e8009a20d0ba835517ea46b6e95b6a47b993c8ba1ad606a030 = f40102b8c02b226bce7e64d4a2= a705a08fe4c4cb51519be63c4455c0a6e8871658c1f20195a7d7efeecd530454 > EAP-Message =3D 0x602d8d6ac6cb81540d1800057a308205763082035ea0030= 20102020a61395bb700010000000a300d06092a = 864886f70d0101050500305a31133011060a09922= 68993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f6569 = 6e673113301= 1060a0992268993f22c6401191603666c79311630140603550403130d45534444496e746572= 34303936301e170d30393031 = 31393037303632315a170d3134303131383036333331365a305b3113= 3011060a0992268993f22c6401191603636f6d31163014060a0992 = 268993f22c6401191606626f65= 696e6731133011060a0992268993f22c6401191603666c793117301506035504 > EAP-Message =3D 0x03130e455344444973737565723230343830820122300d0= 6092a864886f70d01010105000382010f003082 = 010a02820101009ede837e52ce12f2f315c72da8a= dbaf7828db60d09392a3cf133c5f11a497d7bd90f1e1eddcdb23058de50acad29c809 = b5036f4ce1b= 0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac54ad223a046a4= eb84964daaf1c2244edec54b = 03ef4137634d55afc4e118031d822efd491b7cf9d6530362297ccff6= 616dfe1f0ebaebaf4f84ff9edce03a9189f34ca257ce621e20aeaf = 539e5f91fcae83e89219e587fd= e80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddcf109c90234bec8de > EAP-Message =3D 0xf2d14c026d557b14cd764a677f91c3e5a096 > State =3D 0x513c3c875a30316c3a43028be40032ff > Message-Authenticator =3D 0x83805531ac628b23e32fce49a71392bd > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 12 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 12 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010d00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875d31316c3a43028be40032ff > Finished request 12. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 3, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020d04060d40bc0f216a6aa60365dad3b4bbe2616ef038a= 6d2610bf15597e4fb288472028530c054f10203 = 010001a382013b30820137300f0603551d130101f= f040530030101ff301d0603551d0e041604147b3f3d89d72bac972c086ada7233f64a = 074ea0a1300= b0603551d0f040403020186301006092b06010401823715010403020101302306092b060104= 018237150204160414249ba6 = c4888fd87d96ab95594e6637dd6e25632f301906092b060104018237= 1402040c1e0a00530075006200430041301f0603551d2304183016 = 801443b1f625d530e7f847f0bf= cb526b9b4fe1fe72b9303c0603551d1f043530333031a02fa02d862b68747470 > EAP-Message =3D 0x3a2f2f63726c2e626f65696e672e636f6d2f63726c2f455= 34444496e746572343039362e63726c30470608 = 2b06010505070101043b3039303706082b0601050= 5073002862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344 = 44496e74657= 2343039362e637274300d06092a864886f70d010105050003820201006bd3c23ef41bc64c33= 83a89e90f53061c5b5f03e20 = 40ebc07377fedd37e6ea3f8ce247d0459c1889138a0c63c9b5b5b305= e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b = 0f9a547a193d6a6502ec30fe65= c6365aab74304517f7fea0ce3a07896d13492d59f11ff187aae8d743897f92ef > EAP-Message =3D 0xa32b18a86a8c02d4e909e17e97417d5c676d546785540eb= df853366842f38e66b0d9a00bc6cf2a25777f0d = ef04b8971ebce5b776400e121455288ae22c65c6d= 23fbcd243a9be7182f6969f0d6061dc4f786eb6eb2fbfd89c807c990eb67a595fb271 = 7599cc0262d= fe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee52cfd051e13642a34f0325c6c767548c= 6102d4e4311a37b08d44164a = fff6a0a67af3f971ad402ee75a8835d5fa76731958078d4b3f483f41= 2fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999 = c2cf3b82646d2777fd7c6c0ce3= 1b3c330693d78b8960d784840ff10e784e078023b73ad81e0fd6fdc7bf66bf09 > EAP-Message =3D 0xcf8118d3852613bd4cf23f384191bdd292050490c3bfde9= 3230dba380f1391aaf299bd7c4288e0758c9132 = df0250d269f10da91b51fb1cd3238828cfc140f80= 1ba777248759e0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba665665648e98da4 = 4682f17430a= da59a3a4b889250ae64a1d4f112a3a83fab8bcaf308087ff97a820a6844c8e64ac929160301= 0086100000820080d5c6f2b2 = 117a6cbad67d242f4a69802a07cc8aaf5ff59ebf219cf8af7a387d78= 03fb034db0e6070054f312a26293f461b6de33fa34b7b09a42aea8 = c3394d9c7f44c7148e62b6f611= dafa44040cb3378f6744dcf4ad54099d59580e2e445697c4ec2348b4552af63e > EAP-Message =3D 0x247063c1bccceed74889ea590e0da58ce6be > State =3D 0x513c3c875d31316c3a43028be40032ff > Message-Authenticator =3D 0xbb1d0ad92f5fd564954baa008cd36db0 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 13 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 13 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010e00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875c32316c3a43028be40032ff > Finished request 13. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 4, length=3D486 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020e01520d00a235d3b7f87016030101060f00010201009= c5bae8f60c3882d11a8226db135282ea8065fa1 = 2587cd72b4beaa29ae85a390117cd3b2cb47dfd94= 438f6601cc5fd5b2a3ce4805ad3f88bd71df9ff5b2dff640402660699ddd03a645121 = 14167e1386a= 1968e46d91749f78cdbd5aace7b1a52a2df2d90c93b76ca567b41734a9ae1f3537cc938ab05= e11bc100e9c265a72bc8345f = bfdd42242a3a376248f1d641f2ef2e294d4290ff8a216c17a90f43c2= a04ec4f29de41bdda9dc8b3d0ac398fcf5c0bb3f2e9fe752aba87c = 9c09250c91d2bb39f413765b62= 0c3dea46fc330bcc347488fc0dc23e8f4c63008cdd1ebdbc907fe13f4c5619ab > EAP-Message =3D 0x6f49b68bd20f7c60ffb52b1f96a61c26aa6415e09dede4d= 5212c1403010001011603010030e0db5794014c = 3d3d69d2bdfd98a304ad9779de997f577a7cd878e= d46952ce28eb9918b0e21865ef74572c8e7cf16790d > State =3D 0x513c3c875c32316c3a43028be40032ff > Message-Authenticator =3D 0x9c9cc0760618df10c4d942cd95e95c9c > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 14 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] eaptls_verify returned 7 > [tls] Done initial handshake > [tls] <<< TLS 1.0 Handshake [length 1776], Certificate > [tls] chain-depth=3D3, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D ESDDRoot4096 > [tls] --> subject =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDRoot4096 > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDRoot4096 > [tls] --> verify return:1 > [tls] chain-depth=3D2, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D ESDDInter4096 > [tls] --> subject =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDInter4096 > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDRoot4096 > [tls] --> verify return:1 > [tls] chain-depth=3D1, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D ESDDIssuer2048 > [tls] --> subject =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDIssuer2048 > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDInter4096 > [tls] --> verify return:1 > [tls] chain-depth=3D0, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D MaintenanceControlDisplay > [tls] --> subject =3D /x500UniqueIdentifier=3DA4036525/description=3DCrew= WirelessDevice/C=3DUS/O=3D\x00B\x00O\x00E\x00_\ = x00I\x00T\x00L\x00 \x00A\x00i\x00= r\x00l\x00i\x00n\x00e\x00s\x00 \x00C\x00o\x00.\x00 \x00L\x00t\x00d\x00./OU= =3DFo = r Test Purposes Only/CN=3DMaintenanceControlDisplay > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDIssuer2048 > [tls] --> verify return:1 > [tls] TLS_accept: SSLv3 read client certificate A > [tls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange > [tls] TLS_accept: SSLv3 read client key exchange A > [tls] <<< TLS 1.0 Handshake [length 0106], CertificateVerify > [tls] TLS_accept: SSLv3 read certificate verify A > [tls] <<< TLS 1.0 ChangeCipherSpec [length 0001] > [tls] <<< TLS 1.0 Handshake [length 0010], Finished > [tls] TLS_accept: SSLv3 read finished A > [tls] >>> TLS 1.0 ChangeCipherSpec [length 0001] > [tls] TLS_accept: SSLv3 write change cipher spec A > [tls] >>> TLS 1.0 Handshake [length 0010], Finished > [tls] TLS_accept: SSLv3 write finished A > [tls] TLS_accept: SSLv3 flush data > [tls] (other): SSL negotiation finished successfully > SSL Connection Established > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 14 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010f00450d800000003b14030100010116030100302e732= 4c43c27ba2ca05affb5044cdc80b6fde1835f0a = fcacabb0f0eeb818e2397f158ad69090966662002= a492e085e48 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875f33316c3a43028be40032ff > Finished request 14. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 5, length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020f00060d00 > State =3D 0x513c3c875f33316c3a43028be40032ff > Message-Authenticator =3D 0x434f2ff4845a3da8223675d555c7299c > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 15 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake is finished > [tls] eaptls_verify returned 3 > [tls] eaptls_process returned 3 > [tls] Adding user data to cached session > > Program received signal SIGSEGV, Segmentation fault. > [Switching to Thread 28804300 (LWP 101549/radiusd)] > 0x28489873 in eaptls_gen_mppe_keys (reply_vps=3D0x28bc4230, s=3D0x288b740= 0, > prf_label=3D0x2849a8ff "client EAP encryption") at mppe_keys.c:147 > 147 PRF(s->session->master_key, s->session->master_key_length= , > (gdb) help > List of classes of commands: > > aliases -- Aliases of other commands > breakpoints -- Making program stop at certain points > data -- Examining data > files -- Specifying and examining files > internals -- Maintenance commands > obscure -- Obscure features > running -- Running the program > stack -- Examining the stack > status -- Status inquiries > support -- Support facilities > tracepoints -- Tracing of program execution without stopping the program > user-defined -- User-defined commands > > Type "help" followed by a class name for a list of commands in that class= . > Type "help" followed by command name for full documentation. > Command name abbreviations are allowed if unambiguous. > (gdb) stack > Undefined command: "stack". Try "help". > (gdb) quit > The program is running. Exit anyway? (y or n) y > wan231s1# cat > /home/steve/radiusd-2.2.0-gdb-output.txt > wan231s1# gdb /usr/local/sbin/radiusd > GNU gdb 6.1.1 [FreeBSD] > Copyright 2004 Free Software Foundation, Inc. > GDB is free software, covered by the GNU General Public License, and you = are > welcome to change it and/or distribute copies of it under certain conditi= ons. > Type "show copying" to see the conditions. > There is absolutely no warranty for GDB. Type "show warranty" for detail= s. > This GDB was configured as "i386-marcel-freebsd"...(no debugging symbols = found)... > (gdb) run -X > Starting program: /usr/local/sbin/radiusd -X > (no debugging symbols found)...(no debugging symbols found)...[New LWP 10= 1549] > (no debugging symbols found)...(no debugging symbols found)...(no debuggi= ng symbols found)...(no debugging sym = bols found)...(no debugging symbols found).= ..(no debugging symbols found)...[New Thread 28804300 (LWP 101549/r = adiusd)] > FreeRADIUS Version 2.2.0, for host i386-portbld-freebsd9.0, built on Jan = 3 2013 at 20:39:43 > Copyright (C) 1999-2012 The FreeRADIUS server project and contributors. > There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A > PARTICULAR PURPOSE. > You may redistribute copies of FreeRADIUS under the terms of the > GNU General Public License v2. > Starting - reading configuration files ... > including configuration file /usr/local/etc/raddb/radiusd.conf > including configuration file /usr/local/etc/raddb/proxy.conf > including configuration file /usr/local/etc/raddb/clients.conf > including files in directory /usr/local/etc/raddb/modules/ > including configuration file /usr/local/etc/raddb/modules/wimax > including configuration file /usr/local/etc/raddb/modules/always > including configuration file /usr/local/etc/raddb/modules/attr_filter > including configuration file /usr/local/etc/raddb/modules/attr_rewrite > including configuration file /usr/local/etc/raddb/modules/cache > including configuration file /usr/local/etc/raddb/modules/chap > including configuration file /usr/local/etc/raddb/modules/checkval > including configuration file /usr/local/etc/raddb/modules/counter > including configuration file /usr/local/etc/raddb/modules/cui > including configuration file /usr/local/etc/raddb/modules/detail > including configuration file /usr/local/etc/raddb/modules/detail.example.= com > including configuration file /usr/local/etc/raddb/modules/detail.log > including configuration file /usr/local/etc/raddb/modules/dhcp_sqlippool > including configuration file /usr/local/etc/raddb/sql/mysql/ippool-dhcp.c= onf > including configuration file /usr/local/etc/raddb/modules/digest > including configuration file /usr/local/etc/raddb/modules/dynamic_clients > including configuration file /usr/local/etc/raddb/modules/echo > including configuration file /usr/local/etc/raddb/modules/etc_group > including configuration file /usr/local/etc/raddb/modules/exec > including configuration file /usr/local/etc/raddb/modules/expiration > including configuration file /usr/local/etc/raddb/modules/expr > including configuration file /usr/local/etc/raddb/modules/files > including configuration file /usr/local/etc/raddb/modules/inner-eap > including configuration file /usr/local/etc/raddb/modules/ippool > including configuration file /usr/local/etc/raddb/modules/krb5 > including configuration file /usr/local/etc/raddb/modules/ldap > including configuration file /usr/local/etc/raddb/modules/linelog > including configuration file /usr/local/etc/raddb/modules/otp > including configuration file /usr/local/etc/raddb/modules/logintime > including configuration file /usr/local/etc/raddb/modules/mac2ip > including configuration file /usr/local/etc/raddb/modules/mac2vlan > including configuration file /usr/local/etc/raddb/modules/mschap > including configuration file /usr/local/etc/raddb/modules/ntlm_auth > including configuration file /usr/local/etc/raddb/modules/opendirectory > including configuration file /usr/local/etc/raddb/modules/pam > including configuration file /usr/local/etc/raddb/modules/pap > including configuration file /usr/local/etc/raddb/modules/passwd > including configuration file /usr/local/etc/raddb/modules/perl > including configuration file /usr/local/etc/raddb/modules/policy > including configuration file /usr/local/etc/raddb/modules/preprocess > including configuration file /usr/local/etc/raddb/modules/radrelay > including configuration file /usr/local/etc/raddb/modules/radutmp > including configuration file /usr/local/etc/raddb/modules/realm > including configuration file /usr/local/etc/raddb/modules/redis > including configuration file /usr/local/etc/raddb/modules/rediswho > including configuration file /usr/local/etc/raddb/modules/replicate > including configuration file /usr/local/etc/raddb/modules/smbpasswd > including configuration file /usr/local/etc/raddb/modules/smsotp > including configuration file /usr/local/etc/raddb/modules/soh > including configuration file /usr/local/etc/raddb/modules/sql_log > including configuration file /usr/local/etc/raddb/modules/sqlcounter_expi= re_on_login > including configuration file /usr/local/etc/raddb/modules/sradutmp > including configuration file /usr/local/etc/raddb/modules/unix > including configuration file /usr/local/etc/raddb/modules/acct_unique > including configuration file /usr/local/etc/raddb/eap.conf > including configuration file /usr/local/etc/raddb/policy.conf > including files in directory /usr/local/etc/raddb/sites-enabled/ > including configuration file /usr/local/etc/raddb/sites-enabled/default > main { > user =3D "freeradius" > group =3D "freeradius" > allow_core_dumps =3D no > } > including dictionary file /usr/local/etc/raddb/dictionary > main { > name =3D "radiusd" > prefix =3D "/usr/local" > localstatedir =3D "/var" > sbindir =3D "/usr/local/sbin" > logdir =3D "/var/log" > run_dir =3D "/var/run/radiusd" > libdir =3D "/usr/local/lib/freeradius-2.2.0" > radacctdir =3D "/var/log/radacct" > hostname_lookups =3D no > max_request_time =3D 30 > cleanup_delay =3D 5 > max_requests =3D 1024 > pidfile =3D "/var/run/radiusd/radiusd.pid" > checkrad =3D "/usr/local/sbin/checkrad" > debug_level =3D 0 > proxy_requests =3D no > log { > stripped_names =3D no > auth =3D yes > auth_badpass =3D no > auth_goodpass =3D no > } > security { > max_attributes =3D 200 > reject_delay =3D 1 > status_server =3D yes > } > } > radiusd: #### Loading Realms and Home Servers #### > proxy server { > retry_delay =3D 5 > retry_count =3D 3 > default_fallback =3D no > dead_time =3D 120 > wake_all_if_all_dead =3D no > } > home_server localhost { > ipaddr =3D 127.0.0.1 > port =3D 1812 > type =3D "auth" > secret =3D "testing123" > response_window =3D 20 > max_outstanding =3D 65536 > require_message_authenticator =3D yes > zombie_period =3D 40 > status_check =3D "status-server" > ping_interval =3D 30 > check_interval =3D 30 > num_answers_to_alive =3D 3 > num_pings_to_alive =3D 3 > revive_interval =3D 120 > status_check_timeout =3D 4 > coa { > irt =3D 2 > mrt =3D 16 > mrc =3D 5 > mrd =3D 30 > } > } > home_server_pool my_auth_failover { > type =3D fail-over > home_server =3D localhost > } > realm example.com { > auth_pool =3D my_auth_failover > } > realm LOCAL { > } > radiusd: #### Loading Clients #### > client localhost { > ipaddr =3D 127.0.0.1 > require_message_authenticator =3D no > secret =3D "testing123" > nastype =3D "other" > } > client 10.128.0.100 { > require_message_authenticator =3D no > secret =3D "redacted" > shortname =3D "nms231s1-eapol-test" > nastype =3D "other" > } > radiusd: #### Instantiating modules #### > instantiate { > (no debugging symbols found)... Module: Linked to module rlm_exec > Module: Instantiating module "exec" from file /usr/local/etc/raddb/modul= es/exec > exec { > wait =3D no > input_pairs =3D "request" > shell_escape =3D yes > } > Module: Linked to module rlm_expr > Module: Instantiating module "expr" from file /usr/local/etc/raddb/modul= es/expr > Module: Linked to module rlm_expiration > Module: Instantiating module "expiration" from file /usr/local/etc/raddb= /modules/expiration > expiration { > reply-message =3D "Password Has Expired " > } > Module: Linked to module rlm_logintime > Module: Instantiating module "logintime" from file /usr/local/etc/raddb/= modules/logintime > logintime { > reply-message =3D "You are calling outside your allowed timespan = " > minimum-timeout =3D 60 > } > } > radiusd: #### Loading Virtual Servers #### > server { # from file /usr/local/etc/raddb/radiusd.conf > modules { > Module: Creating Auth-Type =3D digest > Module: Creating Post-Auth-Type =3D REJECT > Module: Checking authenticate {...} for more modules to load > Module: Linked to module rlm_pap > Module: Instantiating module "pap" from file /usr/local/etc/raddb/module= s/pap > pap { > encryption_scheme =3D "auto" > auto_header =3D no > } > Module: Linked to module rlm_chap > Module: Instantiating module "chap" from file /usr/local/etc/raddb/modul= es/chap > Module: Linked to module rlm_mschap > Module: Instantiating module "mschap" from file /usr/local/etc/raddb/mod= ules/mschap > mschap { > use_mppe =3D yes > require_encryption =3D no > require_strong =3D no > with_ntdomain_hack =3D no > allow_retry =3D yes > } > Module: Linked to module rlm_digest > Module: Instantiating module "digest" from file /usr/local/etc/raddb/mod= ules/digest > Module: Linked to module rlm_unix > Module: Instantiating module "unix" from file /usr/local/etc/raddb/modul= es/unix > unix { > radwtmp =3D "/var/log/radwtmp" > } > Module: Linked to module rlm_eap > Module: Instantiating module "eap" from file /usr/local/etc/raddb/eap.co= nf > eap { > default_eap_type =3D "tls" > timer_expire =3D 60 > ignore_unknown_eap_types =3D no > cisco_accounting_username_bug =3D no > max_sessions =3D 4096 > } > Module: Linked to sub-module rlm_eap_md5 > Module: Instantiating eap-md5 > Module: Linked to sub-module rlm_eap_leap > Module: Instantiating eap-leap > Module: Linked to sub-module rlm_eap_gtc > Module: Instantiating eap-gtc > gtc { > challenge =3D "Password: " > auth_type =3D "PAP" > } > Module: Linked to sub-module rlm_eap_tls > Module: Instantiating eap-tls > tls { > rsa_key_exchange =3D no > dh_key_exchange =3D yes > rsa_key_length =3D 512 > dh_key_length =3D 512 > verify_depth =3D 0 > CA_path =3D "/usr/local/etc/raddb/certs/CA" > pem_file_type =3D yes > private_key_file =3D "/usr/local/etc/raddb/certs/gatelink822-wan2= 31s1_key.pem" > certificate_file =3D "/usr/local/etc/raddb/certs/gatelink822-wan2= 31s1_cert.pem" > private_key_password =3D "redacted" > dh_file =3D "/usr/local/etc/raddb/certs/dh" > random_file =3D "/usr/local/etc/raddb/certs/random" > fragment_size =3D 1024 > include_length =3D yes > check_crl =3D no > cipher_list =3D "DEFAULT" > make_cert_command =3D "/usr/local/etc/raddb/certs/bootstrap" > ecdh_curve =3D "prime256v1" > cache { > enable =3D no > lifetime =3D 24 > max_entries =3D 255 > } > verify { > } > ocsp { > enable =3D no > override_cert_url =3D yes > url =3D "http://127.0.0.1/ocsp/" > use_nonce =3D yes > timeout =3D 0 > softfail =3D no > } > } > Module: Linked to sub-module rlm_eap_ttls > Module: Instantiating eap-ttls > ttls { > default_eap_type =3D "md5" > copy_request_to_tunnel =3D no > use_tunneled_reply =3D no > virtual_server =3D "inner-tunnel" > include_length =3D yes > } > Module: Linked to sub-module rlm_eap_peap > Module: Instantiating eap-peap > peap { > default_eap_type =3D "mschapv2" > copy_request_to_tunnel =3D no > use_tunneled_reply =3D no > proxy_tunneled_request_as_eap =3D yes > virtual_server =3D "inner-tunnel" > soh =3D no > } > Module: Linked to sub-module rlm_eap_mschapv2 > Module: Instantiating eap-mschapv2 > mschapv2 { > with_ntdomain_hack =3D no > send_error =3D no > } > Module: Checking authorize {...} for more modules to load > Module: Linked to module rlm_preprocess > Module: Instantiating module "preprocess" from file /usr/local/etc/raddb= /modules/preprocess > preprocess { > huntgroups =3D "/usr/local/etc/raddb/huntgroups" > hints =3D "/usr/local/etc/raddb/hints" > with_ascend_hack =3D no > ascend_channels_per_line =3D 23 > with_ntdomain_hack =3D no > with_specialix_jetstream_hack =3D no > with_cisco_vsa_hack =3D no > with_alvarion_vsa_hack =3D no > } > reading pairlist file /usr/local/etc/raddb/huntgroups > reading pairlist file /usr/local/etc/raddb/hints > Module: Linked to module rlm_realm > Module: Instantiating module "suffix" from file /usr/local/etc/raddb/mod= ules/realm > realm suffix { > format =3D "suffix" > delimiter =3D "@" > ignore_default =3D no > ignore_null =3D no > } > Module: Linked to module rlm_files > Module: Instantiating module "files" from file /usr/local/etc/raddb/modu= les/files > files { > usersfile =3D "/usr/local/etc/raddb/users" > acctusersfile =3D "/usr/local/etc/raddb/acct_users" > preproxy_usersfile =3D "/usr/local/etc/raddb/preproxy_users" > compat =3D "no" > } > reading pairlist file /usr/local/etc/raddb/users > reading pairlist file /usr/local/etc/raddb/acct_users > reading pairlist file /usr/local/etc/raddb/preproxy_users > Module: Checking preacct {...} for more modules to load > Module: Linked to module rlm_acct_unique > Module: Instantiating module "acct_unique" from file /usr/local/etc/radd= b/modules/acct_unique > acct_unique { > key =3D "User-Name, Acct-Session-Id, NAS-IP-Address, NAS-Identifi= er, NAS-Port" > } > Module: Checking accounting {...} for more modules to load > Module: Linked to module rlm_detail > Module: Instantiating module "detail" from file /usr/local/etc/raddb/mod= ules/detail > detail { > detailfile =3D "/var/log/radacct/%{%{Packet-Src-IP-Address}:-%{Pa= cket-Src-IPv6-Address}}/detail-%Y%m%d" > header =3D "%t" > detailperm =3D 384 > dirperm =3D 493 > locking =3D no > log_packet_header =3D no > } > Module: Linked to module rlm_attr_filter > Module: Instantiating module "attr_filter.accounting_response" from file= /usr/local/etc/raddb/modules/attr_fi = lter > attr_filter attr_filter.accounting_response { > attrsfile =3D "/usr/local/etc/raddb/attrs.accounting_response" > key =3D "%{User-Name}" > relaxed =3D no > } > reading pairlist file /usr/local/etc/raddb/attrs.accounting_response > Module: Checking session {...} for more modules to load > Module: Linked to module rlm_radutmp > Module: Instantiating module "radutmp" from file /usr/local/etc/raddb/mo= dules/radutmp > radutmp { > filename =3D "/var/log/radutmp" > username =3D "%{User-Name}" > case_sensitive =3D yes > check_with_nas =3D yes > perm =3D 384 > callerid =3D yes > } > Module: Checking post-proxy {...} for more modules to load > Module: Checking post-auth {...} for more modules to load > Module: Instantiating module "attr_filter.access_reject" from file /usr/= local/etc/raddb/modules/attr_filter > attr_filter attr_filter.access_reject { > attrsfile =3D "/usr/local/etc/raddb/attrs.access_reject" > key =3D "%{User-Name}" > relaxed =3D no > } > reading pairlist file /usr/local/etc/raddb/attrs.access_reject > } # modules > } # server > radiusd: #### Opening IP addresses and Ports #### > listen { > type =3D "auth" > ipaddr =3D * > port =3D 0 > } > listen { > type =3D "acct" > ipaddr =3D * > port =3D 0 > } > Listening on authentication address * port 1812 > Listening on accounting address * port 1813 > Ready to process requests. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D0= , length=3D158 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x0200001e014d61696e74656e616e6365436f6e74726f6c4= 46973706c6179 > Message-Authenticator =3D 0xad8a60fa6b73d53acb5ce659eff3da36 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 0 length 30 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > [pap] WARNING! No "known good" password found for the user. Authenticati= on may fail because of this. > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] EAP Identity > [eap] processing type tls > [tls] Requiring client certificate > [tls] Initiate > [tls] Start returned 1 > ++[eap] returns handled > Sending Access-Challenge of id 0 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010100060d20 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87513d316c3a43028be40032ff > Finished request 0. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= , length=3D258 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020100700d00160301006501000061030150e5f39860827= a0411cfb562ef8e20af61649f10290355949974 = ed309594e83f00003400390038003500880087008= 400160013000a00330032002f00450044004100050004001500120009001400110008 = 0006000300f= f0100000400230000 > State =3D 0x513c3c87513d316c3a43028be40032ff > Message-Authenticator =3D 0x0633be04de5c0102ddc9fa927ed47610 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 1 length 112 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] eaptls_verify returned 7 > [tls] Done initial handshake > [tls] (other): before/accept initialization > [tls] TLS_accept: before/accept initialization > [tls] <<< TLS 1.0 Handshake [length 0065], ClientHello > [tls] TLS_accept: SSLv3 read client hello A > [tls] >>> TLS 1.0 Handshake [length 0031], ServerHello > [tls] TLS_accept: SSLv3 write server hello A > [tls] >>> TLS 1.0 Handshake [length 1756], Certificate > [tls] TLS_accept: SSLv3 write certificate A > [tls] >>> TLS 1.0 Handshake [length 020d], ServerKeyExchange > [tls] TLS_accept: SSLv3 write key exchange A > [tls] >>> TLS 1.0 Handshake [length 0010], CertificateRequest > [tls] TLS_accept: SSLv3 write certificate request A > [tls] TLS_accept: SSLv3 flush data > [tls] TLS_accept: Need to read more data: SSLv3 read client certifica= te A > In SSL Handshake Phase > In SSL Accept mode > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 1 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010204000dc0000019b816030100310200002d030150e5f= 3981aa9077b62c7c34d9eb90bd512eac8348779 = 1227b2d8e289befa6edf000039000005ff0100010= 016030117560b00175200174f000489308204853082036da003020102020a4b426b00 = 000100000d2= 2300d06092a864886f70d0101050500305b31133011060a0992268993f22c6401191603636f= 6d31163014060a0992268993 = f22c6401191606626f65696e6731133011060a0992268993f22c6401= 191603666c79311730150603550403130e45534444497373756572 = 32303438301e170d3132303331= 343139343732395a170d3134303131383036333331365a308191310b30090603 > EAP-Message =3D 0x55040613025553310b30090603550408130257413110300= e0603550407130753656174746c65311b301906 = 0355040a131254686520426f65696e6720436f6d7= 0616e79311f301d060355040b1316466f72205465737420507572706f736573204f6e = 6c793125302= 30603550403131c676174656c696e6b3832322e77616e32333173312e77616e2e6c61623082= 0122300d06092a864886f70d = 01010105000382010f003082010a0282010100c175642cacaf0313bb= 775762d65e844208b24fe044be27d2523ff76cb718dec7f17eb3ee = 320f859c8a03a5d34400a1783e= 2b543e8398d1785daa255073353c5d13ffa304f26019b8b859368bae5c65d617 > EAP-Message =3D 0x93e77241750f6fc8e2ffbff4b8fefbdd0321433512b07d0= 180c2271de6c5fa9458579163d21f4c26f7ced4 = 30868b3c0d344b85a2f5d37adcda8fb477d64b4c0= c2a978946081e0e52e47f4ddb0cb82c02f8a704f6f169b46c63f1db7e0403f7e0989d = 73546ddfe68= 23a83310c68ea5722997a969fa9b0858799de63fab0f941b510fb826d581823ef6f0eb6e59d= c96a434f18fa2288574a6de1 = 53a979ce2fc2b31e06dbd12bce17213019db711b563d0203010001a3= 8201123082010e301d0603551d0e04160414afc898ac5da8d7db13 = 80f5ca855cff669aa3035c300e= 0603551d0f0101ff04040302078030130603551d25040c300a06082b06010505 > EAP-Message =3D 0x070301301f0603551d230418301680147b3f3d89d72bac9= 72c086ada7233f64a074ea0a1303d0603551d1f = 043630343032a030a02e862c687474703a2f2f637= 26c2e626f65696e672e636f6d2f63726c2f45534444497373756572323034382e6372 = 6c300c06035= 51d130101ff04023000303d06092b06010401823715070430302e06262b0601040182371508= acc31f85e0d61c87dd892487 = e6e83681a1f354814681b4812e84aaae09020164020105301b06092b= 060104018237150a040e300c300a06082b06010505070301300d06 = 092a864886f70d010105050003= 82010100702d7a1bde789d5af9c5d5ba6afed07c0f23bd794b1e54aa6ac6ed3b > EAP-Message =3D 0x634ee662bd183641cf537132 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87503e316c3a43028be40032ff > Finished request 1. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D2= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020200060d00 > State =3D 0x513c3c87503e316c3a43028be40032ff > Message-Authenticator =3D 0xb498e0ab471b0fe82149a213e502cc78 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 2 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 2 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010304000dc0000019b8322dbdd1145b65fc9a838c88b38= 578712aee8672f594dbb51c82d3b2b239171e2b = c6816740828370ab131a9f6e7cdbc9ce1af59564a= b13f6084b2f7dfbc59766edeb710de9be3c3820775d69539962c845f60c47fcaf3c43 = d021eea95f8= 6ab7bfecab3ae917a9d8fa792195be052d27c8e2d7cdd72d743d89cfff56a500f9face99c55= 63972d19ead292a4ebda615f = f2c89a07dd30c1c06f25bc476090e077f5a6af2d1e618208bfd018a5= 6abb362b8bce884976f6d3adb093d2eeae7bd59063ae8a868fb1cd = c19c990d818216e7f1e68c5c7c= 1495bb1bc800057a308205763082035ea003020102020a61395bb70001000000 > EAP-Message =3D 0x0a300d06092a864886f70d0101050500305a31133011060= a0992268993f22c6401191603636f6d31163014 = 060a0992268993f22c6401191606626f65696e673= 1133011060a0992268993f22c6401191603666c79311630140603550403130d455344 = 44496e74657= 234303936301e170d3039303131393037303632315a170d3134303131383036333331365a30= 5b31133011060a0992268993 = f22c6401191603636f6d31163014060a0992268993f22c6401191606= 626f65696e6731133011060a0992268993f22c6401191603666c79 = 311730150603550403130e4553= 44444973737565723230343830820122300d06092a864886f70d010101050003 > EAP-Message =3D 0x82010f003082010a02820101009ede837e52ce12f2f315c= 72da8adbaf7828db60d09392a3cf133c5f11a49 = 7d7bd90f1e1eddcdb23058de50acad29c809b5036= f4ce1b0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac5 = 4ad223a046a= 4eb84964daaf1c2244edec54b03ef4137634d55afc4e118031d822efd491b7cf9d653036229= 7ccff6616dfe1f0ebaebaf4f = 84ff9edce03a9189f34ca257ce621e20aeaf539e5f91fcae83e89219= e587fde80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddc = f109c90234bec8def2d14c026d= 557b14cd764a677f91c3e5a096bc0f216a6aa60365dad3b4bbe2616ef038a6d2 > EAP-Message =3D 0x610bf15597e4fb288472028530c054f10203010001a3820= 13b30820137300f0603551d130101ff04053003 = 0101ff301d0603551d0e041604147b3f3d89d72ba= c972c086ada7233f64a074ea0a1300b0603551d0f040403020186301006092b060104 = 01823715010= 403020101302306092b060104018237150204160414249ba6c4888fd87d96ab95594e6637dd= 6e25632f301906092b060104 = 0182371402040c1e0a00530075006200430041301f0603551d230418= 3016801443b1f625d530e7f847f0bfcb526b9b4fe1fe72b9303c06 = 03551d1f043530333031a02fa0= 2d862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344 > EAP-Message =3D 0x44496e746572343039362e63 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87533f316c3a43028be40032ff > Finished request 2. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D3= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020300060d00 > State =3D 0x513c3c87533f316c3a43028be40032ff > Message-Authenticator =3D 0xbfd7afb5cc827e4dfe0e545087c18bdd > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 3 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 3 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010404000dc0000019b8726c304706082b0601050507010= 1043b3039303706082b06010505073002862b68 = 7474703a2f2f63726c2e626f65696e672e636f6d2= f63726c2f45534444496e746572343039362e637274300d06092a864886f70d010105 = 05000382020= 1006bd3c23ef41bc64c3383a89e90f53061c5b5f03e2040ebc07377fedd37e6ea3f8ce247d0= 459c1889138a0c63c9b5b5b3 = 05e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b= 0f9a547a193d6a6502ec30fe65c6365aab74304517f7fea0ce3a07 = 896d13492d59f11ff187aae8d7= 43897f92efa32b18a86a8c02d4e909e17e97417d5c676d546785540ebdf85336 > EAP-Message =3D 0x6842f38e66b0d9a00bc6cf2a25777f0def04b8971ebce5b= 776400e121455288ae22c65c6d23fbcd243a9be = 7182f6969f0d6061dc4f786eb6eb2fbfd89c807c9= 90eb67a595fb2717599cc0262dfe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee = 52cfd051e13= 642a34f0325c6c767548c6102d4e4311a37b08d44164afff6a0a67af3f971ad402ee75a8835= d5fa76731958078d4b3f483f = 412fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999= c2cf3b82646d2777fd7c6c0ce31b3c330693d78b8960d784840ff1 = 0e784e078023b73ad81e0fd6fd= c7bf66bf09cf8118d3852613bd4cf23f384191bdd292050490c3bfde93230dba > EAP-Message =3D 0x380f1391aaf299bd7c4288e0758c9132df0250d269f10da= 91b51fb1cd3238828cfc140f801ba777248759e = 0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba= 665665648e98da44682f17430ada59a3a4b889250ae64a1d4f112a3a83fab8bcaf308 = 087ff97a820= a6844c8e64ac929000676308206723082045aa003020102020a611b280600000000000c300d= 06092a864886f70d01010505 = 00305931133011060a0992268993f22c6401191603636f6d31163014= 060a0992268993f22c6401191606626f65696e6731133011060a09 = 92268993f22c6401191603666c= 79311530130603550403130c45534444526f6f7434303936301e170d30393031 > EAP-Message =3D 0x31393036333331365a170d3134303131383036333331365= a305a31133011060a0992268993f22c64011916 = 03636f6d31163014060a0992268993f22c6401191= 606626f65696e6731133011060a0992268993f22c6401191603666c79311630140603 = 550403130d4= 5534444496e7465723430393630820222300d06092a864886f70d01010105000382020f0030= 82020a02820201009f550e60 = c398442453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff= 77d075fbbbb7239ca1fd75d1dc0edc36c967a6ea0bd640e7cea54d = 41b0cb877f320f987db51ef21d= bad0e6b248c8bc4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6fed6 > EAP-Message =3D 0x27d3d06b2c391f698a19dcc9 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875238316c3a43028be40032ff > Finished request 3. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D4= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020400060d00 > State =3D 0x513c3c875238316c3a43028be40032ff > Message-Authenticator =3D 0x6fcf451c592fb99c374d0321cdc02af7 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 4 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 4 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010504000dc0000019b818b1a01850edb9a3f1c949732ec= 57efb446b43e596e64a768bab47d95f225af8d8 = c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360a= b3ab9208403293f45606176d518eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1 = 599941102a3= 13f6ca1689620d6bc8101088ac513e2d20b333d60617ae64f68af26146da6b94180f0ee7031= bd05d03d03abc66ca3b6a283 = 21b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8= da538e6a449f253a44ad71e2d3ac3769fe8c6ce37e1298ff4f96d9 = 1f9ccd37d21a763b9e508d11a9= 64dfbe19c6f4a51d2562ef397940ed309f29427f85ade6fc8015e56090fa480b > EAP-Message =3D 0xa5b8225807f6d9804f0812390cea201da3a955473b5f19d= fd3223b1341e9e36b72b28c82c75b6c5da59751 = 8f2f7b6c9fe052f98590c8c3225ea11c1b2805077= 251f5ac84fef400f43ad9940338c1b66b158dcf3b31649ce753edbd8b38bda0d50387 = 81dc6381114= 74a99a932a144c6b3ac153f1d3d0d61117cd2cb590d424b39e8b3164ef536f1c2860dc7e888= 9e3ae9412bc0422e5b7923c5 = 0203010001a382013930820135300f0603551d130101ff0405300301= 01ff301d0603551d0e0416041443b1f625d530e7f847f0bfcb526b = 9b4fe1fe72b9300b0603551d0f= 040403020186301006092b06010401823715010403020101302306092b060104 > EAP-Message =3D 0x018237150204160414d31f074108cfac5cc47ed111d3a27= 12f219c9012301906092b060104018237140204 = 0c1e0a00530075006200430041301f0603551d230= 418301680141e4e1c8a14ef89a83391ee997b1cabed3f47eaa6303b0603551d1f0434 = 30323030a02= ea02c862a687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f45534444526f6f= 74343039362e63726c304606 = 082b06010505070101043a3038303606082b06010505073002862a68= 7474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f4553 = 4444526f6f74343039362e6372= 74300d06092a864886f70d01010505000382020100976a48f45eed37c7312614 > EAP-Message =3D 0x76bba7a6b705e7d169a8fbad7b380e5f75f32761bb56e80= 3864ee663cac722b7c1a9ea1d6b2a0c06f952c9 = 1e4b7b2d99724f0330cd81d4800cf17842bceeaed= 7285a45f90879667e3a18f70b3464a3d0d6d514173a98b9678e998b8d9a494cfe9243 = e300c2832a3= 5df610158cd396b1f280db73d94c58709c200b1d702aee8c2a8ebb7b07ff2acbc547bdc9889= 122128abeaeb1f5750264529 = 52e0e9c51292bd2ef1eff30468f418406c0860cd36806e73fc3e13fb= 5f3cccc7cd8fb934c2f06f94e83a8be6d9985b53b884c8236135e8 = 8e63ba8dd36b4708cff97de8f1= 4e4a035a02e9aef78670e90101f725f08e02ea7beaf85acf6e722216671b0074 > EAP-Message =3D 0x9643ef995a71e0e0f21dd9f5 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875539316c3a43028be40032ff > Finished request 4. > Going to the next request > Waking up in 4.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D5= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020500060d00 > State =3D 0x513c3c875539316c3a43028be40032ff > Message-Authenticator =3D 0x66eccf08ef53f2b5ae2dbbb2933ccbf3 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 5 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 5 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010604000dc0000019b8282ddba71c014fea56097bdf2c6= 0cdc6056d3cea13ba4aae1782860adaebd34a89 = 6186d5840355a6e80e91b21bfa283bed2bbb4c67b= 198e212875081fd305ec7d6d74af01bf6780355aea3a1ee8cd3e506224829321aade7 = c25d915394e= b31db8310834e1724d5ca7dfccfff1d18935ddb264b199bda870f3954c4243e82b167acdd96= fb2091a99de16a1710007885 = b0f9e045d7bc8ab34af0041db6e8009a20d0ba835517ea46b6e95b6a= 47b993c8ba1ad606a030f40102b8c02b226bce7e64d4a2a705a08f = e4c4cb51519be63c4455c0a6e8= 871658c1f20195a7d7efeecd530454602d8d6ac6cb81540d180006ca308206c6 > EAP-Message =3D 0x308204aea003020102021056886f61a89e888c4face278a= 0aabf44300d06092a864886f70d010105050030 = 5931133011060a0992268993f22c6401191603636= f6d31163014060a0992268993f22c6401191606626f65696e6731133011060a099226 = 8993f22c640= 1191603666c79311530130603550403130c45534444526f6f7434303936301e170d30373132= 31373233333632385a170d32 = 37313231373233343335395a305931133011060a0992268993f22c64= 01191603636f6d31163014060a0992268993f22c6401191606626f = 65696e6731133011060a099226= 8993f22c6401191603666c79311530130603550403130c45534444526f6f7434 > EAP-Message =3D 0x30393630820222300d06092a864886f70d0101010500038= 2020f003082020a0282020100a893f9fa5409d6 = 8e7a33cfcd03bc0578efac41770a34a84b1d78ba3= b554ef6a3b40722737a757b7db9e9e9f24fbb3d065e30a8ff8834e8e0c1b864c8d365 = 10289b13115= 0730708492a06254d96761937a485841420ea2a80c539e68e8adac2a5242c0281659c60169a= 50b6a926be06544eee5901f9 = 073377613af43616575be42d8a2fa8184a5bb0740fc13203bbc397b1= 54725415586ae6554dce245015f13b42c85358f46aff90ade72f86 = 4789cb9739f179efbaabb0be43= 6bbaeeb6bc8ba42e35497e4f02c0fd47515a6d354553e23ff3c9b4654094f7a1 > EAP-Message =3D 0x09e81f95a131b619b94fdeaba656439b470f3f2e4c4679c= e6b3b19d3cdc132dda580ef80f98af9ddfdcb50 = d59a335f8bd4de4a3ce7f493fc4a942659b3b35c0= f67b7d2e7b21609e9ea84ca7b5bb9f8db4904e7353c8f32a8f04091df845c69df0631 = 2eac02e2562= 1f08615ccb20cab61b9703c9150a3a5c13cec3f590a8258950ac680d5c578aa6ccb5f27effd= abdeb10d7ff6dc49b4441f6e = 29b88283a446ca910e90c9e6572f595c3476eaf515efe2793ac6d7b7= a4891f4c655926fb4e2a76d90d8a8ab6b062aabf7aab2bc6354b1b = a8161d71ea4b54ab72547e2012= 9f1e7947333165e07900b1b50fb9b482786124dedbe293e98b9386bf666129ea > EAP-Message =3D 0xf95088b9f7ecd25158dc52fd > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87543a316c3a43028be40032ff > Finished request 5. > Going to the next request > Waking up in 1.9 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D6= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020600060d00 > State =3D 0x513c3c87543a316c3a43028be40032ff > Message-Authenticator =3D 0xbf530521aed3b6bee2217fd16706c847 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 6 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 6 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010704000dc0000019b874ad9397665c795e18dbb695213= 43c7c7cf0c9c79720006e6707bc5fa3cf020301 = 0001a382018830820184301306092b06010401823= 7140204061e0400430041300b0603551d0f040403020186300f0603551d130101ff04 = 0530030101f= f301d0603551d0e041604141e4e1c8a14ef89a83391ee997b1cabed3f47eaa63082011c0603= 551d1f048201133082010f30 = 82010ba0820107a08201038681bf6c6461703a2f2f2f434e3d455344= 44526f6f74343039362c434e3d706b692d746573742d3738376d2c = 434e3d4344502c434e3d507562= 6c69632532304b657925323053657276696365732c434e3d5365727669636573 > EAP-Message =3D 0x2c434e3d436f6e66696775726174696f6e2c44433d666c7= 92c44433d626f65696e672c44433d636f6d3f63 = 657274696669636174655265766f636174696f6e4= c6973743f626173653f6f626a656374436c6173733d63524c44697374726962757469 = 6f6e506f696= e74863f687474703a2f2f706b692d746573742d3738376d2e666c792e626f65696e672e636f= 6d2f43657274456e726f6c6c = 2f45534444526f6f74343039362e63726c301006092b060104018237= 15010403020100300d06092a864886f70d01010505000382020100 = 89d0fd7533e496888b2ac6b9ce= dabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0c4efc644244a > EAP-Message =3D 0x55b135a226d9597c71f777a1bee950cdc582f70f1afd54a= d92a7f9d13b697c2e77777bfe33c5b486af6b82 = 2e97d9efdc82a072c3935760378f9faa5be09ac10= 26c0bf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc05f8275de0addc828 = 7bb6c9e8c93= 1a223475d7b29c414992ab24512048a99033f4a82fd82b68ae58129e7d3c7a4e60e26a8b559= 1098b9a9cde9fe2a3d17964e = 686d8fccbb897fda38447ddd014fed04c06e4de165ffb3afe93e17a0= bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c88842 = 27c94d290a3620ddbfe38a9e2d= a706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd4146677001b560850e > EAP-Message =3D 0x8eba09cc6280711eb067230a81d461bcde5ceb4c3395646= 0a20303d68d0219f5cc3bef1d14c94f632a9400 = 06cf1b90da3e8e37de8440d2079c6a5f4cde66fa9= d045d6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d826a229b1460b64cc = 447a34d8668= 7a297b5fe04865b0fb328cd18d8abfa1ea4b1c58ae57f311567069d521fb42e9918aa3cbf6c= a91db5eeae294156426a4249 = cfd6d3750506a3bb8f98b9e5d839b7fd939293fb96483aaa2ff99110= fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b568 = 7b47727e3622160301020d0c00= 02090080dd92a7065d8e5c198f2ac94683f6016182a6c9d6ba13d1c40605fce5 > EAP-Message =3D 0x6f7cd0bb7873bf1b9cb9e92f > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c87573b316c3a43028be40032ff > Finished request 6. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D7= , length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020700060d00 > State =3D 0x513c3c87573b316c3a43028be40032ff > Message-Authenticator =3D 0x06ae2cc57b97003ec0e8eac545dbfb0c > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 7 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake fragment handler > [tls] eaptls_verify returned 1 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 7 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010801fe0d80000019b8544530c61e8a23e3590282c0ebb= a4fc54b2d29238cb7f36aef2cbab2aec5ba9a45 = 71e9c70452124f67982ee113094defee5efa0bccf= a2370fbd4ce688f6bc87b7c19984a674679dded04265157ea403bf20afa80f983b843 = 00010200805= b50c049e7191c5c308f9d08f146209d6e66fda2e79fcde8b3765984ce53e4a99e3c900efaff= 208fdd7895025afac839f9f8 = e19d69bca8c19aba5618c1536001d26494c8cedfd8c5797fa6061992= 2bf49b071db2088e732b4ce94e73f123a076d2f9b1d128b235a095 = 39c98f263dcb092111fb7e1f16= 38283f6d4b66f8a1315d01000ec6225e068fc52890b70cd59e8cfecf8f4e57ac > EAP-Message =3D 0x8dc359de5994463c15c9e624ef85895cb1da4aa68a7e8a0= 9454fbbdfb4469ba590aafe3672b340e5526ade = b5186ca5e1e74e7fa38d9d394fa07944f31fb0a1b= 55e0e5ed92e20b7efdf543921e00a8a8e6a6efd2d90d1ccb35e5e140b97eb81ecc1a9 = 9f22c1eecbe= e017a724ec50bcbc0d89c64e877654f1a689986b1e192560ab2ebc8ca66cb3c3f7f7d97fb3f= b5981f4dc7589a8ddf3f4147 = e4c5b98786f2363f23383af6c50533f41c3a393cb68ffd2709816fde= 6408d945dc32e460918c36297894053fb6ce68f3a6f2fa0476bba5 = 9873c0cb03879687b89b2bec31= 66fabbe01d2d5b3965ba949c63b00016030100100d0000080503040102400000 > EAP-Message =3D 0x0e000000 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875634316c3a43028be40032ff > Finished request 7. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D8= , length=3D1188 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x0208040a0dc00000194c16030117760b00177200176f000= 4a9308204a53082038da003020102020a3e173b = a1000100000d47300d06092a864886f70d0101050= 500305b31133011060a0992268993f22c6401191603636f6d31163014060a09922689 = 93f22c64011= 91606626f65696e6731133011060a0992268993f22c6401191603666c793117301506035504= 03130e455344444973737565 = 7232303438301e170d3132303433303233333030315a170d31343031= 31383036333331365a3081bf3111300f060355042d130841343033 = 36353235311b3019060355040d= 131243726577576972656c657373446576696365310b30090603550406130255 > EAP-Message =3D 0x53313b3039060355040a1e320042004f0045005f0049005= 4004c0020004100690072006c0069006e006500 = 7300200043006f002e0020004c00740064002e311= f301d060355040b1316466f72205465737420507572706f736573204f6e6c79312230 = 20060355040= 313194d61696e74656e616e6365436f6e74726f6c446973706c617930820122300d06092a86= 4886f70d0101010500038201 = 0f003082010a0282010100bb3bcec2944ed1d3fc8ac41562f821490a= ed9d0f94f8f287c607d8996a2687eb23f6b2ee59b525245e542b78 = 6dfd538078617b79923e0d8037= 3a6c3ce49b3e4bedefc10d2f2cb045a7c03b1fe435d96f888cd388c1fa5acab9 > EAP-Message =3D 0xd1a2b16fb1058b3ede15cd1be6bab2332201d884e276323= a13180df7e56b14337910fc1bb70283e81da756 = c47d934521842fa253f5243a175626324bf3aa886= b391cde87206d0549d1d798994c87fa663d6fb76f28eeebe6228dcf30d24a7657c8e3 = 2dfea928cc3= 7f4ad1787fc585fd2c0a6a7f600acb2acf5f4bae81dbf5d7fee78e2fa79b6d01d705930e7b6= 672a31e81959068105992392 = fb4a91fded9d31f7bb2d7c01a7ab0203010001a38201043082010030= 1d0603551d0e0416041489e6897d59dded56f52a300000aceac02c = fc277a30130603551d25040c30= 0a06082b06010505070302300e0603551d0f0101ff0404030205a0301f060355 > EAP-Message =3D 0x1d230418301680147b3f3d89d72bac972c086ada7233f64= a074ea0a1303d0603551d1f043630343032a030 = a02e862c687474703a2f2f63726c2e626f65696e6= 72e636f6d2f63726c2f45534444497373756572323034382e63726c303d06092b0601 = 04018237150= 70430302e06262b0601040182371508acc31f85e0d61c87dd892487e6e83681a1f354814687= e8e46882f8d1190201640201 = 05301b06092b060104018237150a040e300c300a06082b0601050507= 0302300d06092a864886f70d0101050500038201010004e19b0cfd = 1d67050634a01adc74f1bf85a0= fea2fba20aafdf51982415ce03664873d92731d65e2db6430c0fe9be3d6c3cdd > EAP-Message =3D 0xdacb8c60528ee06450f501b12ce84c5251ce30137e56 > State =3D 0x513c3c875634316c3a43028be40032ff > Message-Authenticator =3D 0x9d6744dd03fb0ae72889cac849b5ede0 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 8 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > TLS Length 6476 > [tls] Received EAP-TLS First Fragment of the message > [tls] eaptls_verify returned 9 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 8 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010900060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875935316c3a43028be40032ff > Finished request 8. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D9= , length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020904060d40f35e9f31776548e380f13528708a648379f= dce4901097a09426161485c1979bfcf3dfdc298 = 064f55d31f3db6d49ff38efb1e4ab36ce653696f6= 63393f4a1a3370b8b63907c7888e2e7c7ba959804a22e18401bbf150bf8ee1e26a848 = df7e61cb98f= cf9dc67e5dd9d7dfbc9acf5451e7adbd50d14593439b45a9d79372b40c91b6d0f11dcad36a8= f6fe0250ba5bbd3d277a2d17 = 8d2af8be7503bd65921740988796656199be2677eb8d1c1b2c3cfa84= 0e4cd76884055803770006ca308206c6308204aea0030201020210 = 56886f61a89e888c4face278a0= aabf44300d06092a864886f70d0101050500305931133011060a0992268993f2 > EAP-Message =3D 0x2c6401191603636f6d31163014060a0992268993f22c640= 1191606626f65696e6731133011060a09922689 = 93f22c6401191603666c793115301306035504031= 30c45534444526f6f7434303936301e170d3037313231373233333632385a170d3237 = 31323137323= 3343335395a305931133011060a0992268993f22c6401191603636f6d31163014060a099226= 8993f22c6401191606626f65 = 696e6731133011060a0992268993f22c6401191603666c7931153013= 0603550403130c45534444526f6f743430393630820222300d0609 = 2a864886f70d01010105000382= 020f003082020a0282020100a893f9fa5409d68e7a33cfcd03bc0578efac4177 > EAP-Message =3D 0x0a34a84b1d78ba3b554ef6a3b40722737a757b7db9e9e9f= 24fbb3d065e30a8ff8834e8e0c1b864c8d36510 = 289b131150730708492a06254d96761937a485841= 420ea2a80c539e68e8adac2a5242c0281659c60169a50b6a926be06544eee5901f907 = 3377613af43= 616575be42d8a2fa8184a5bb0740fc13203bbc397b154725415586ae6554dce245015f13b42= c85358f46aff90ade72f8647 = 89cb9739f179efbaabb0be436bbaeeb6bc8ba42e35497e4f02c0fd47= 515a6d354553e23ff3c9b4654094f7a109e81f95a131b619b94fde = aba656439b470f3f2e4c4679ce= 6b3b19d3cdc132dda580ef80f98af9ddfdcb50d59a335f8bd4de4a3ce7f493fc > EAP-Message =3D 0x4a942659b3b35c0f67b7d2e7b21609e9ea84ca7b5bb9f8d= b4904e7353c8f32a8f04091df845c69df06312e = ac02e25621f08615ccb20cab61b9703c9150a3a5c= 13cec3f590a8258950ac680d5c578aa6ccb5f27effdabdeb10d7ff6dc49b4441f6e29 = b88283a446c= a910e90c9e6572f595c3476eaf515efe2793ac6d7b7a4891f4c655926fb4e2a76d90d8a8ab6= b062aabf7aab2bc6354b1ba8 = 161d71ea4b54ab72547e20129f1e7947333165e07900b1b50fb9b482= 786124dedbe293e98b9386bf666129eaf95088b9f7ecd25158dc52 = fd74ad9397665c795e18dbb695= 21343c7c7cf0c9c79720006e6707bc5fa3cf0203010001a38201883082018430 > EAP-Message =3D 0x1306092b060104018237140204061e040043 > State =3D 0x513c3c875935316c3a43028be40032ff > Message-Authenticator =3D 0xd56f46711110d24c271fb50b6ef77742 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 9 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 9 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010a00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875836316c3a43028be40032ff > Finished request 9. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 0, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020a04060d400041300b0603551d0f040403020186300f0= 603551d130101ff040530030101ff301d060355 = 1d0e041604141e4e1c8a14ef89a83391ee997b1ca= bed3f47eaa63082011c0603551d1f048201133082010f3082010ba0820107a0820103 = 8681bf6c646= 1703a2f2f2f434e3d45534444526f6f74343039362c434e3d706b692d746573742d3738376d= 2c434e3d4344502c434e3d50 = 75626c69632532304b657925323053657276696365732c434e3d5365= 7276696365732c434e3d436f6e66696775726174696f6e2c44433d = 666c792c44433d626f65696e67= 2c44433d636f6d3f63657274696669636174655265766f636174696f6e4c6973 > EAP-Message =3D 0x743f626173653f6f626a656374436c6173733d63524c446= 973747269627574696f6e506f696e74863f6874 = 74703a2f2f706b692d746573742d3738376d2e666= c792e626f65696e672e636f6d2f43657274456e726f6c6c2f45534444526f6f743430 = 39362e63726= c301006092b06010401823715010403020100300d06092a864886f70d010105050003820201= 0089d0fd7533e496888b2ac6 = b9cedabf4da5fa5c734b99eca89061b28b303050d210ea6b591dfee0= c4efc644244a55b135a226d9597c71f777a1bee950cdc582f70f1a = fd54ad92a7f9d13b697c2e7777= 7bfe33c5b486af6b822e97d9efdc82a072c3935760378f9faa5be09ac1026c0b > EAP-Message =3D 0xf10b3f88bd8b6fb1366829a61ba8496a5f204ba82f88fcc= 05f8275de0addc8287bb6c9e8c931a223475d7b = 29c414992ab24512048a99033f4a82fd82b68ae58= 129e7d3c7a4e60e26a8b5591098b9a9cde9fe2a3d17964e686d8fccbb897fda38447d = dd014fed04c= 06e4de165ffb3afe93e17a0bd63973b0a261e1eaf839060b716cdb7891fe872a2a45181c888= 4227c94d290a3620ddbfe38a = 9e2da706250c49ec0413ad0cfb4440b1cf70fbad7668685ccd414667= 7001b560850e8eba09cc6280711eb067230a81d461bcde5ceb4c33 = 956460a20303d68d0219f5cc3b= ef1d14c94f632a940006cf1b90da3e8e37de8440d2079c6a5f4cde66fa9d045d > EAP-Message =3D 0x6fcdc04250079b7e1387e0320f40e08d40f013f0d26b22d= 826a229b1460b64cc447a34d86687a297b5fe04 = 865b0fb328cd18d8abfa1ea4b1c58ae57f3115670= 69d521fb42e9918aa3cbf6ca91db5eeae294156426a4249cfd6d3750506a3bb8f98b9 = e5d839b7fd9= 39293fb96483aaa2ff99110fff680e1117cd11c183cfdeb0aa91b26e89043e33d2ef03588b5= 687b47727e36220006763082 = 06723082045aa003020102020a611b280600000000000c300d06092a= 864886f70d0101050500305931133011060a0992268993f22c6401 = 191603636f6d31163014060a09= 92268993f22c6401191606626f65696e6731133011060a0992268993f22c6401 > EAP-Message =3D 0x191603666c79311530130603550403130c45 > State =3D 0x513c3c875836316c3a43028be40032ff > Message-Authenticator =3D 0x84fe071ee7e336ed9305a724469d8da0 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 10 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 10 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010b00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875b37316c3a43028be40032ff > Finished request 10. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 1, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020b04060d40534444526f6f7434303936301e170d30393= 03131393036333331365a170d31343031313830 = 36333331365a305a31133011060a0992268993f22= c6401191603636f6d31163014060a0992268993f22c6401191606626f65696e673113 = 3011060a099= 2268993f22c6401191603666c79311630140603550403130d45534444496e74657234303936= 30820222300d06092a864886 = f70d01010105000382020f003082020a02820201009f550e60c39844= 2453191759d44c49d10f2a9e1a27f47675f419fe64086a65ff77d0 = 75fbbbb7239ca1fd75d1dc0edc= 36c967a6ea0bd640e7cea54d41b0cb877f320f987db51ef21dbad0e6b248c8bc > EAP-Message =3D 0x4473b4a39f180bc2b8427c69bfecc87f56d43bceacb6b6f= ed627d3d06b2c391f698a19dcc918b1a01850ed = b9a3f1c949732ec57efb446b43e596e64a768bab4= 7d95f225af8d8c5ae7de5f79fddcaf339bc7d98ac0d09d0c82360ab3ab9208403293f = 45606176d51= 8eb96ecd05d09ddce6b4740583074d5f6b4315fd1a1599941102a313f6ca1689620d6bc8101= 088ac513e2d20b333d60617a = e64f68af26146da6b94180f0ee7031bd05d03d03abc66ca3b6a28321= b0e409107c1b867cf999bb1aaca9d29d85295c57b27c29cab526a8 = da538e6a449f253a44ad71e2d3= ac3769fe8c6ce37e1298ff4f96d91f9ccd37d21a763b9e508d11a964dfbe19c6 > EAP-Message =3D 0xf4a51d2562ef397940ed309f29427f85ade6fc8015e5609= 0fa480ba5b8225807f6d9804f0812390cea201d = a3a955473b5f19dfd3223b1341e9e36b72b28c82c= 75b6c5da597518f2f7b6c9fe052f98590c8c3225ea11c1b2805077251f5ac84fef400 = f43ad994033= 8c1b66b158dcf3b31649ce753edbd8b38bda0d5038781dc638111474a99a932a144c6b3ac15= 3f1d3d0d61117cd2cb590d42 = 4b39e8b3164ef536f1c2860dc7e8889e3ae9412bc0422e5b7923c502= 03010001a382013930820135300f0603551d130101ff0405300301 = 01ff301d0603551d0e04160414= 43b1f625d530e7f847f0bfcb526b9b4fe1fe72b9300b0603551d0f0404030201 > EAP-Message =3D 0x86301006092b06010401823715010403020101302306092= b060104018237150204160414d31f074108cfac = 5cc47ed111d3a2712f219c9012301906092b06010= 40182371402040c1e0a00530075006200430041301f0603551d230418301680141e4e = 1c8a14ef89a= 83391ee997b1cabed3f47eaa6303b0603551d1f043430323030a02ea02c862a687474703a2f= 2f63726c2e626f65696e672e = 636f6d2f63726c2f45534444526f6f74343039362e63726c30460608= 2b06010505070101043a3038303606082b06010505073002862a68 = 7474703a2f2f63726c2e626f65= 696e672e636f6d2f63726c2f45534444526f6f74343039362e637274300d0609 > EAP-Message =3D 0x2a864886f70d01010505000382020100976a > State =3D 0x513c3c875b37316c3a43028be40032ff > Message-Authenticator =3D 0x0ad1596cf779061d296f593b2dfd3c51 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 11 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 11 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010c00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875a30316c3a43028be40032ff > Finished request 11. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 2, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020c04060d4048f45eed37c731261476bba7a6b705e7d16= 9a8fbad7b380e5f75f32761bb56e803864ee663 = cac722b7c1a9ea1d6b2a0c06f952c91e4b7b2d997= 24f0330cd81d4800cf17842bceeaed7285a45f90879667e3a18f70b3464a3d0d6d514 = 173a98b9678= e998b8d9a494cfe9243e300c2832a35df610158cd396b1f280db73d94c58709c200b1d702ae= e8c2a8ebb7b07ff2acbc547b = dc9889122128abeaeb1f575026452952e0e9c51292bd2ef1eff30468= f418406c0860cd36806e73fc3e13fb5f3cccc7cd8fb934c2f06f94 = e83a8be6d9985b53b884c82361= 35e88e63ba8dd36b4708cff97de8f14e4a035a02e9aef78670e90101f725f08e > EAP-Message =3D 0x02ea7beaf85acf6e722216671b00749643ef995a71e0e0f= 21dd9f5282ddba71c014fea56097bdf2c60cdc6 = 056d3cea13ba4aae1782860adaebd34a896186d58= 40355a6e80e91b21bfa283bed2bbb4c67b198e212875081fd305ec7d6d74af01bf678 = 0355aea3a1e= e8cd3e506224829321aade7c25d915394eb31db8310834e1724d5ca7dfccfff1d18935ddb26= 4b199bda870f3954c4243e82 = b167acdd96fb2091a99de16a1710007885b0f9e045d7bc8ab34af004= 1db6e8009a20d0ba835517ea46b6e95b6a47b993c8ba1ad606a030 = f40102b8c02b226bce7e64d4a2= a705a08fe4c4cb51519be63c4455c0a6e8871658c1f20195a7d7efeecd530454 > EAP-Message =3D 0x602d8d6ac6cb81540d1800057a308205763082035ea0030= 20102020a61395bb700010000000a300d06092a = 864886f70d0101050500305a31133011060a09922= 68993f22c6401191603636f6d31163014060a0992268993f22c6401191606626f6569 = 6e673113301= 1060a0992268993f22c6401191603666c79311630140603550403130d45534444496e746572= 34303936301e170d30393031 = 31393037303632315a170d3134303131383036333331365a305b3113= 3011060a0992268993f22c6401191603636f6d31163014060a0992 = 268993f22c6401191606626f65= 696e6731133011060a0992268993f22c6401191603666c793117301506035504 > EAP-Message =3D 0x03130e455344444973737565723230343830820122300d0= 6092a864886f70d01010105000382010f003082 = 010a02820101009ede837e52ce12f2f315c72da8a= dbaf7828db60d09392a3cf133c5f11a497d7bd90f1e1eddcdb23058de50acad29c809 = b5036f4ce1b= 0307609a68c92c47bb3a089b236e8e05e3275170369ab25371f4bc684324ac54ad223a046a4= eb84964daaf1c2244edec54b = 03ef4137634d55afc4e118031d822efd491b7cf9d6530362297ccff6= 616dfe1f0ebaebaf4f84ff9edce03a9189f34ca257ce621e20aeaf = 539e5f91fcae83e89219e587fd= e80e5c86666d5fd5fdc364f47ab4bda8b62f6233a18e1ddcf109c90234bec8de > EAP-Message =3D 0xf2d14c026d557b14cd764a677f91c3e5a096 > State =3D 0x513c3c875a30316c3a43028be40032ff > Message-Authenticator =3D 0x83805531ac628b23e32fce49a71392bd > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 12 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 12 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010d00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875d31316c3a43028be40032ff > Finished request 12. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 3, length=3D1184 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020d04060d40bc0f216a6aa60365dad3b4bbe2616ef038a= 6d2610bf15597e4fb288472028530c054f10203 = 010001a382013b30820137300f0603551d130101f= f040530030101ff301d0603551d0e041604147b3f3d89d72bac972c086ada7233f64a = 074ea0a1300= b0603551d0f040403020186301006092b06010401823715010403020101302306092b060104= 018237150204160414249ba6 = c4888fd87d96ab95594e6637dd6e25632f301906092b060104018237= 1402040c1e0a00530075006200430041301f0603551d2304183016 = 801443b1f625d530e7f847f0bf= cb526b9b4fe1fe72b9303c0603551d1f043530333031a02fa02d862b68747470 > EAP-Message =3D 0x3a2f2f63726c2e626f65696e672e636f6d2f63726c2f455= 34444496e746572343039362e63726c30470608 = 2b06010505070101043b3039303706082b0601050= 5073002862b687474703a2f2f63726c2e626f65696e672e636f6d2f63726c2f455344 = 44496e74657= 2343039362e637274300d06092a864886f70d010105050003820201006bd3c23ef41bc64c33= 83a89e90f53061c5b5f03e20 = 40ebc07377fedd37e6ea3f8ce247d0459c1889138a0c63c9b5b5b305= e8696de327c1658330193d784233a5343e00e03ccce0e77960a69b = 0f9a547a193d6a6502ec30fe65= c6365aab74304517f7fea0ce3a07896d13492d59f11ff187aae8d743897f92ef > EAP-Message =3D 0xa32b18a86a8c02d4e909e17e97417d5c676d546785540eb= df853366842f38e66b0d9a00bc6cf2a25777f0d = ef04b8971ebce5b776400e121455288ae22c65c6d= 23fbcd243a9be7182f6969f0d6061dc4f786eb6eb2fbfd89c807c990eb67a595fb271 = 7599cc0262d= fe8483f7e4f010c8bf6e8c9e02de0a3ccb594e8a1ee52cfd051e13642a34f0325c6c767548c= 6102d4e4311a37b08d44164a = fff6a0a67af3f971ad402ee75a8835d5fa76731958078d4b3f483f41= 2fbb36b888e5416ec598487402187b049bd80f79fa8d53f6476999 = c2cf3b82646d2777fd7c6c0ce3= 1b3c330693d78b8960d784840ff10e784e078023b73ad81e0fd6fdc7bf66bf09 > EAP-Message =3D 0xcf8118d3852613bd4cf23f384191bdd292050490c3bfde9= 3230dba380f1391aaf299bd7c4288e0758c9132 = df0250d269f10da91b51fb1cd3238828cfc140f80= 1ba777248759e0fdb13e10e08560616d5d7dd7b4cd5a091b28ffba665665648e98da4 = 4682f17430a= da59a3a4b889250ae64a1d4f112a3a83fab8bcaf308087ff97a820a6844c8e64ac929160301= 0086100000820080d5c6f2b2 = 117a6cbad67d242f4a69802a07cc8aaf5ff59ebf219cf8af7a387d78= 03fb034db0e6070054f312a26293f461b6de33fa34b7b09a42aea8 = c3394d9c7f44c7148e62b6f611= dafa44040cb3378f6744dcf4ad54099d59580e2e445697c4ec2348b4552af63e > EAP-Message =3D 0x247063c1bccceed74889ea590e0da58ce6be > State =3D 0x513c3c875d31316c3a43028be40032ff > Message-Authenticator =3D 0xbb1d0ad92f5fd564954baa008cd36db0 > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 13 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] More fragments to follow > [tls] eaptls_verify returned 10 > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 13 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010e00060d00 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875c32316c3a43028be40032ff > Finished request 13. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 4, length=3D486 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020e01520d00a235d3b7f87016030101060f00010201009= c5bae8f60c3882d11a8226db135282ea8065fa1 = 2587cd72b4beaa29ae85a390117cd3b2cb47dfd94= 438f6601cc5fd5b2a3ce4805ad3f88bd71df9ff5b2dff640402660699ddd03a645121 = 14167e1386a= 1968e46d91749f78cdbd5aace7b1a52a2df2d90c93b76ca567b41734a9ae1f3537cc938ab05= e11bc100e9c265a72bc8345f = bfdd42242a3a376248f1d641f2ef2e294d4290ff8a216c17a90f43c2= a04ec4f29de41bdda9dc8b3d0ac398fcf5c0bb3f2e9fe752aba87c = 9c09250c91d2bb39f413765b62= 0c3dea46fc330bcc347488fc0dc23e8f4c63008cdd1ebdbc907fe13f4c5619ab > EAP-Message =3D 0x6f49b68bd20f7c60ffb52b1f96a61c26aa6415e09dede4d= 5212c1403010001011603010030e0db5794014c = 3d3d69d2bdfd98a304ad9779de997f577a7cd878e= d46952ce28eb9918b0e21865ef74572c8e7cf16790d > State =3D 0x513c3c875c32316c3a43028be40032ff > Message-Authenticator =3D 0x9c9cc0760618df10c4d942cd95e95c9c > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 14 length 253 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] eaptls_verify returned 7 > [tls] Done initial handshake > [tls] <<< TLS 1.0 Handshake [length 1776], Certificate > [tls] chain-depth=3D3, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D ESDDRoot4096 > [tls] --> subject =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDRoot4096 > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDRoot4096 > [tls] --> verify return:1 > [tls] chain-depth=3D2, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D ESDDInter4096 > [tls] --> subject =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDInter4096 > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDRoot4096 > [tls] --> verify return:1 > [tls] chain-depth=3D1, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D ESDDIssuer2048 > [tls] --> subject =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDIssuer2048 > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDInter4096 > [tls] --> verify return:1 > [tls] chain-depth=3D0, > [tls] error=3D0 > [tls] --> User-Name =3D MaintenanceControlDisplay > [tls] --> BUF-Name =3D MaintenanceControlDisplay > [tls] --> subject =3D /x500UniqueIdentifier=3DA4036525/description=3DCrew= WirelessDevice/C=3DUS/O=3D\x00B\x00O\x00E\x00_\ = x00I\x00T\x00L\x00 \x00A\x00i\x00= r\x00l\x00i\x00n\x00e\x00s\x00 \x00C\x00o\x00.\x00 \x00L\x00t\x00d\x00./OU= =3DFo = r Test Purposes Only/CN=3DMaintenanceControlDisplay > [tls] --> issuer =3D /DC=3Dcom/DC=3Dboeing/DC=3Dfly/CN=3DESDDIssuer2048 > [tls] --> verify return:1 > [tls] TLS_accept: SSLv3 read client certificate A > [tls] <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange > [tls] TLS_accept: SSLv3 read client key exchange A > [tls] <<< TLS 1.0 Handshake [length 0106], CertificateVerify > [tls] TLS_accept: SSLv3 read certificate verify A > [tls] <<< TLS 1.0 ChangeCipherSpec [length 0001] > [tls] <<< TLS 1.0 Handshake [length 0010], Finished > [tls] TLS_accept: SSLv3 read finished A > [tls] >>> TLS 1.0 ChangeCipherSpec [length 0001] > [tls] TLS_accept: SSLv3 write change cipher spec A > [tls] >>> TLS 1.0 Handshake [length 0010], Finished > [tls] TLS_accept: SSLv3 write finished A > [tls] TLS_accept: SSLv3 flush data > [tls] (other): SSL negotiation finished successfully > SSL Connection Established > [tls] eaptls_process returned 13 > ++[eap] returns handled > Sending Access-Challenge of id 14 to 10.128.0.100 port 37626 > EAP-Message =3D 0x010f00450d800000003b14030100010116030100302e732= 4c43c27ba2ca05affb5044cdc80b6fde1835f0a = fcacabb0f0eeb818e2397f158ad69090966662002= a492e085e48 > Message-Authenticator =3D 0x00000000000000000000000000000000 > State =3D 0x513c3c875f33316c3a43028be40032ff > Finished request 14. > Going to the next request > Waking up in 1.8 seconds. > rad_recv: Access-Request packet from host 10.128.0.100 port 37626, id=3D1= 5, length=3D152 > User-Name =3D "MaintenanceControlDisplay" > NAS-IP-Address =3D 127.0.0.1 > Calling-Station-Id =3D "02-00-00-00-00-01" > Framed-MTU =3D 1400 > NAS-Port-Type =3D Wireless-802.11 > Connect-Info =3D "CONNECT 11Mbps 802.11b" > EAP-Message =3D 0x020f00060d00 > State =3D 0x513c3c875f33316c3a43028be40032ff > Message-Authenticator =3D 0x434f2ff4845a3da8223675d555c7299c > # Executing section authorize from file /usr/local/etc/raddb/sites-enable= d/default > +- entering group authorize {...} > [preprocess] expand: %{User-Name} -> MaintenanceControlDisplay > [preprocess] hints: Matched DEFAULT at 78 > [preprocess] expand: %{Calling-Station-Id}@%{Cisco-AVPair[0]} -> 02-00= -00-00-00-01@ > ++[preprocess] returns ok > ++[chap] returns noop > ++[mschap] returns noop > ++[digest] returns noop > [suffix] No '@' in User-Name =3D "MaintenanceControlDisplay", looking up = realm NULL > [suffix] No such realm "NULL" > ++[suffix] returns noop > [eap] EAP packet type response id 15 length 6 > [eap] No EAP Start, assuming it's an on-going EAP conversation > ++[eap] returns updated > ++[files] returns noop > ++[expiration] returns noop > ++[logintime] returns noop > ++[pap] returns noop > Found Auth-Type =3D EAP > # Executing group from file /usr/local/etc/raddb/sites-enabled/default > +- entering group authenticate {...} > [eap] Request found, released from the list > [eap] EAP/tls > [eap] processing type tls > [tls] Authenticate > [tls] processing EAP-TLS > [tls] Received TLS ACK > [tls] ACK handshake is finished > [tls] eaptls_verify returned 3 > [tls] eaptls_process returned 3 > [tls] Adding user data to cached session > > Program received signal SIGSEGV, Segmentation fault. > [Switching to Thread 28804300 (LWP 101549/radiusd)] > 0x28489873 in eaptls_gen_mppe_keys (reply_vps=3D0x28bc4230, s=3D0x288b740= 0, > prf_label=3D0x2849a8ff "client EAP encryption") at mppe_keys.c:147 > 147 PRF(s->session->master_key, s->session->master_key_length= , > (gdb) > > > > Steve Magnuson > Boeing Commercial Airplanes > > -- Ryan Steinmetz PGP: EF36 D45A 5CA9 28B1 A550 18CD A43C D111 7AD7 FAF2