When EAP-TLS FR 3.0.x GIT auth : ERROR: (11) perl: Failed to create pair &request:EAP-Message = $RAD_REQUEST{'EAP-Message' #1697

Open
dhpark21 opened this Issue Aug 29, 2016 · 5 comments

Projects

None yet

5 participants

@dhpark21
dhpark21 commented Aug 29, 2016 edited

Issue type

  • [v] Defect - Unexpected behaviour (obvious or verified by project member).
Mon Aug 29 15:19:34 2016 : Debug: (11) perl:   $RAD_REQUEST{'Connect-Info'} = &request:Connect-Info -> 'CONNECT 54Mbps 802.11g'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl:   $RAD_REQUEST{'EAP-Message'} = &request:EAP-Message -> '0x020503e00d80000003d616030303660b00029400029100028e3082028a308201f3a00302010202010a300d06092a864886f70d01010b0500308193311830160603550403130f416e794c696e6b20526f6f74204341310b3009060355040613024b52310e300c0603550408130553656f756c3110300e06035504071307536f6e672d506131123010060355040a1309456e74726f4c696e6b3110300e060355040b13076e6574776f726b3122302006092a864886f70d010901161361646d696e40656e74726f6c696e6b2e636f6d301e170d3136303832343136313731315a170d3337303631353136313731315a3069310b3009060355040613024b52310e300c0603550408130553656f756c310e300c0603550407130553656f756c31123010060355040a1309656e74726f6c696e6b31143012060355040b130b5050582d416e794c696e6b3110300e060355040313076775657374303130819f300d06092a864886f70d010101050003818d0030818902818100c3b7ae7e1ab88e79b2780bf0cd48603585c176f331e020a67e9165142b2f79d970ea29d195a9a00b4e865f3c83d16e04b7e3fdb5870a28d8eacd7081edc14e0fa216c7745d9159541dc3e4d3697fb5ac522b4e74905c12b84ff07c3c7ea2ffb6edd29c883d04c6bd8a7ce2957c4d24fab840a75502704841dfd51cd09de484f50203010001a31730'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl:   $RAD_REQUEST{'Message-Authenticator'} = &request:Message-Authenticator -> '0xc4cb6fac14398ede51259606f08e7f35'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl:   $RAD_REQUEST{'NAS-Port-Id'} = &request:NAS-Port-Id -> 'STA port # 4'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:NAS-Port-Type = $RAD_REQUEST{'NAS-Port-Type'} -> 'Wireless-802.11'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Service-Type = $RAD_REQUEST{'Service-Type'} -> 'Framed-User'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Calling-Station-Id = $RAD_REQUEST{'Calling-Station-Id'} -> '00-26-66-04-3A-FC'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Called-Station-Id = $RAD_REQUEST{'Called-Station-Id'} -> '00-1E-E5-63-6D-7D:Public@Test'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:State = $RAD_REQUEST{'State'} -> '0xa6c54e26a2c043593c9842f47a383269'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Message-Authenticator = $RAD_REQUEST{'Message-Authenticator'} -> '0xc4cb6fac14398ede51259606f08e7f35'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} -> 'guest01'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} -> 'Aug 29 2016 15:19:34 UTC'
**Mon Aug 29 15:19:34 2016 : ERROR: (11) perl: Failed to create pair &request:EAP-Message = $RAD_REQUEST{'EAP-Message'}** -> '0x020503e00d80000003d616030303660b00029400029100028e3082028a308201f3a00302010202010a300d06092a864886f70d01010b0500308193311830160603550403130f416e794c696e6b20526f6f74204341310b3009060355040613024b52310e300c0603550408130553656f756c3110300e06035504071307536f6e672d506131123010060355040a1309456e74726f4c696e6b3110300e060355040b13076e6574776f726b3122302006092a864886f70d010901161361646d696e40656e74726f6c696e6b2e636f6d301e170d3136303832343136313731315a170d3337303631353136313731315a3069310b3009060355040613024b52310e300c0603550408130553656f756c310e300c0603550407130553656f756c31123010060355040a1309656e74726f6c696e6b31143012060355040b130b5050582d416e794c696e6b3110300e060355040313076775657374303130819f300d06092a864886f70d010101050003818d0030818902818100c3b7ae7e1ab88e79b2780bf0cd48603585c176f331e020a67e9165142b2f79d970ea29d195a9a00b4e865f3c83d16e04b7e3fdb5870a28d8eacd7081edc14e0fa216c7745d9159541dc3e4d3697fb5ac522b4e74905c12b84ff07c3c7ea2ffb6edd29c883d04c6bd8a7ce2957c4d24fab840a75502704841dfd51cd09de484f50203010001a31730'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Connect-Info = $RAD_REQUEST{'Connect-Info'} -> 'CONNECT 54Mbps 802.11g'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} -> '192.168.255.103'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '4'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:NAS-Port-Id = $RAD_REQUEST{'NAS-Port-Id'} -> 'STA port # 4'
Mon Aug 29 15:19:34 2016 : Debug: (11) perl: &request:Framed-MTU = $RAD_REQUEST{'Framed-MTU'} -> '1488'
Mon Aug 29 15:19:34 2016 : Debug: (11)     modsingle[authorize]: returned from perl (rlm_perl) for request 11
Mon Aug 29 15:19:34 2016 : Debug: (11)     [perl] = ok
Mon Aug 29 15:19:34 2016 : Debug: (11)     modsingle[authorize]: calling auth_log (rlm_detail) for Acess-equest 

Access-Reject.. :(

@arr2036
Member
arr2036 commented Aug 29, 2016

Weird, can't see any reason that would fail. Can you build with v3.0.x HEAD and let me know what happens.

@dhpark21
dhpark21 commented Aug 30, 2016 edited

test.txt

atached full log my EAP-TLS test
if i change

if (!SvOK(sv)) {  -> if (SvOK(sv)) {  // remove !

work EAP-TLS work fine
Check it
Thanks.

@qnet-herwin
Contributor

But does the perl module still work with that line changed? I assume you're talking about https://github.com/FreeRADIUS/freeradius-server/blob/323292ab5113b55a887514b47b333ce2f2fa31a8/src/modules/rlm_perl/rlm_perl.c#L705, which would mean changing this line would result in every VP here being rejected. (The function SvOK checks if the value is a Perl undef).

@lytboris
lytboris commented Nov 8, 2016 edited

I seems @alandekok have pushed more debug messages recently. Try to rebuild from git and check for error messages again.

@alandekok
Member

Is this still an issue?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment