(RADIATOR) Testing help with new Kerberos5 Auth Module.

Mike McCauley mikem at open.com.au
Fri Mar 26 21:23:29 CST 2004 

Hello again Steve,

I wonder if you might want to consider contributing your module to the 
Radiator goodies or the core for others to use too?

Cheers.

On Sat, 27 Mar 2004 11:53 am, Steve Harper wrote:
> Hello, I work for the University of Utah where we have a site license for
> Radiator.  I've written a Kerberos 5 Authentication module for Radiator
> (AuthKRB5.pm) because of Authen::PAM's segfaulting on Solaris 2.8 and up.
> Its based on AuthTEST.pm and AuthPAM.pm, and uses the CPAN Perl module
> Authen::KRB5 V1.3 which requires MIT kerberos.
>
> I'm running this on Solaris 2.9, with Perl 5.8.1, MIT Kerberos 1.2.7, and
> Radiator 3.9.
>
> It works fine with the radpwtst utility shipped with Radiator, but when I
> try to use it with our 802.1x clients / access point it fails with:
>
> Access rejected for testuser: Kinit failed: No such device or address
>
> The corresponding point of failure looking at things with truss seems to
> be where the * is.  It opens a socket, requests the TGT for the users,
> polls, and then recieves it.  ENXIO maps to "No such device or address".
> It then opens and unlinks the credential cache.
>
>  so_socket(PF_INET, SOCK_DGRAM, IPPROTO_IP, "", 1) = 6
>  connect(6, 0x004D1460, 16, 1)                   = 0
>  send(6, 0x006D6E00, 184, 0)                     = 184
>     j81B5 081B2A103020105A2030201\nA481A5 081A2A0070305\0\0\0\0\0A1
>     <snip>
>  poll(0xFFBFF408, 1, 1000)                       = 1
>  recv(6, 0x00BBA980, 4096, 0)                    = 525
>     k8202\t 0820205A003020105A1030201\vA3\n1B\b U T A H . E D UA415
>     <snip>
>  close(6)                                        = 0
> *ioctl(0, TCGETS, 0xFFBFF520)                    Err#6 ENXIO
>  open("/tmp/krb5cc_0", O_RDWR)                   = 6
>  unlink("/tmp/krb5cc_0")                         = 0
>
> I was curious if anyone had any idea why I might be getting such an error
> or would be willing to test the code in their environment and let me know
> their results.  Any code improvements or suggestions would likewise be
> greatly appreciated.
>
> You can download the code from
> http://dev.scl.utah.edu/AuthKRB5.pm
>
> Thanks in advance for any help,
>
> Steve Harper                                      Campus Student Computing
> Sys Admin                                                 Marriott Library
> s.harper at utah.edu                                       University of Utah
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.

More information about the radiator mailing list