(RADIATOR) Can't get PEAP to work, need help.
jeje at jeje.org
Tue Jun 24 10:37:29 CDT 2003
--On Tuesday, June 24, 2003 09:58:28 PM +1000 Mike McCauley <mikem at open.com.au> wrote:
> Hello Jerome,
> On Tue, 24 Jun 2003 08:32 pm, Jerome Fleury wrote:
>> --On mardi 24 juin 2003 09:26 +1000 Mike McCauley <mikem at open.com.au> wrote:
>> > Hello Jeremy,
>> > thanks for the full log.
>> > Looks like Radiator is not seeing a completed client hello from your
>> > client: its still waiting for the client hello to be closed off.
>> > This is very puzzling: your client is behaving differently to other
>> > clients we have observed.
>> > What PEAP client are you using?
>> Well, this is quite strange as I use both Windows2000 client (hotfix from
>> microsoft) and Funk Odyssey client, giving the same bad result.
>> Maybe the source of the problem could be the AP (Cisco 1200) or the client
>> card (Orinoco, one of the first Lucent ones indeed) ?
> OK, I have just retested here with the latest Odyssey 2.0 client and Windows
> 2000. I can see that the latest Odyssey client does in fact act differently
> on 2000, nevertheless Radiator worked ok here with it with a successful
> So now I am back to wondering why Radaitor did not respond to the client
> hello. Normally it responds with the server certificate.
> I have looked closely again at your log file and I see something else strange:
> Mon Jun 23 14:04:09 2003: DEBUG: EAP TLS SSL_accept result: -1, 2, 8465
> Mon Jun 23 14:04:09 2003: ERR: jeje - want read
> Mon Jun 23 14:04:09 2003: ERR: EAP TLS error: -1, 2, 8465,
> it seems not to have recognised that reason 2 is WANT_READ and instead
> reported an error.
> This indicates that there is a problem with either the openssl install oor the
> Net_SSLeay install.
> Im sorry I did not see this before.
No that's me sorry not to have precised this: I added some debug code in the WANT_READ
elsif ($reason == ERROR_WANT_READ)
$self->log($main::LOG_ERR, "jeje - want read", $p);
my $errs = &Net::SSLeay::print_errs();
$self->log($main::LOG_ERR, "EAP TLS error: $ret, $reason, $state,
# Looking for more data, just ack this
So that it recognizes WANT_READ well. Sorry for giving you a bad path.
> I strongly suggest you :
> 1. Ensure there are no old versions of ssl, openssl or Net_SSLeay installed on
> your host.
No, old older versions are overrided.
> 2. Compile and install openssl 0.9.7
> 3. Compile and install Net_SSLeay 1.22 (using the Makefile.PL /usr/local/ssl
> arg above)
At this point, I think I'll try on an other fresh Unix install.
Thanks for your help Mike.
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator