(RADIATOR) BUG? EAP TLS hangs

Ken Wolstencroft kenw at keeper.org.uk
Mon Jun 30 13:27:19 CDT 2003 

Hi Denis,

I had the same problem and spent ages recompiling OpenSSL with all the ssl
version work arounds etc.

The way I finally solved it was to add the following to the EAPTLS AuthBy:

EAPTLS_SessionResumption 0

Can anyone suggest why this happens in the first place and why stopping
session resumption seems to solve the problem.

All the best,
Ken
MyZones Ltd

----- Original Message ----- 
From: "Denis Pavani" <d.pavani at cineca.it>
To: <radiator at open.com.au>
Sent: Monday, June 30, 2003 4:44 PM
Subject: (RADIATOR) BUG? EAP TLS hangs


> Hello, I got a strange behaviour from Radiator 3.6, on Solaris with
> OpenSSL 0.9.7a
> Most of time, all authentication are OK, but sometimes EAP-TLS stop
> working, and gives errors as below.
> Restarting the daemon (sending an HUP signal does not work, I must kill
> process and restart) fixes the situation.
> Any idea?
>
> Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthLDAP2:
> Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98
> Mon Jun 30 17:30:17 2003: DEBUG: Response type 13
> Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576,  10385: 1 -
> error:14
> 0A4044:SSL routines:SSL_clear:internal error
>  10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error
>
> Mon Jun 30 17:30:17 2003: DEBUG: Handling with Radius::AuthFILE:
> Mon Jun 30 17:30:17 2003: DEBUG: Handling with EAP: code 2, 33, 98
> Mon Jun 30 17:30:17 2003: DEBUG: Response type 13
> Mon Jun 30 17:30:17 2003: ERR: EAP TLS error: -1, 1, 24576,  10385: 1 -
> error:14
> 0A4044:SSL routines:SSL_clear:internal error
>  10385: 2 - error:14080044:SSL routines:SSL3_ACCEPT:internal error
>
> Mon Jun 30 17:30:17 2003: INFO: Access rejected for d.pavani at cineca.it:
> EAP TLS
> error
>
> -- 
> ************************************************************************
> Denis Pavani
>
> CINECA    -    Comunicazioni e Sistemi Distribuiti
> NOC - Network Operations Center
>
> phone:+39 0516171953 / fax:+39 0516132198
> http://www.cineca.it
> ************************************************************************
>  "Siamo pagati per adattarci, improvvisare e raggiungere lo scopo"
>   -- Gunny Highway
>
>
> ===
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.


---
Outgoing mail is certified Virus Free.
Checked by AVG anti-virus system (http://www.grisoft.com).
Version: 6.0.493 / Virus Database: 292 - Release Date: 6/25/2003

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list