(RADIATOR) Testing help with new Kerberos5 Auth Module.

Mike McCauley mikem at open.com.au
Sun Mar 28 15:44:17 CST 2004


Hi Steve,


On Mon, 29 Mar 2004 05:31 am, Steve Harper wrote:
> I'll happily contribute it to the Radiator code base.  Do with it what
> you will.  I just hope we can figure out the bug I'm running into.

Thanks, we will make sure you get the credit.

I dont know what the problem you are seeing is from, but it looks like it is 
down in the Krb libraries. We did not see this problem here, so perhaps it is 
due to your KRB server configuration?

Pls let me know if I can be of assistance.

Cheers.

>
> Thanks,
>
> Steve Harper
>
> On Sat, 27 Mar 2004, Mike McCauley wrote:
> > Hello again Steve,
> >
> > I wonder if you might want to consider contributing your module to the
> > Radiator goodies or the core for others to use too?
> >
> > Cheers.
> >
> > On Sat, 27 Mar 2004 11:53 am, Steve Harper wrote:
> > > Hello, I work for the University of Utah where we have a site license
> > > for Radiator.  I've written a Kerberos 5 Authentication module for
> > > Radiator (AuthKRB5.pm) because of Authen::PAM's segfaulting on Solaris
> > > 2.8 and up. Its based on AuthTEST.pm and AuthPAM.pm, and uses the CPAN
> > > Perl module Authen::KRB5 V1.3 which requires MIT kerberos.
> > >
> > > I'm running this on Solaris 2.9, with Perl 5.8.1, MIT Kerberos 1.2.7,
> > > and Radiator 3.9.
> > >
> > > It works fine with the radpwtst utility shipped with Radiator, but when
> > > I try to use it with our 802.1x clients / access point it fails with:
> > >
> > > Access rejected for testuser: Kinit failed: No such device or address
> > >
> > > The corresponding point of failure looking at things with truss seems
> > > to be where the * is.  It opens a socket, requests the TGT for the
> > > users, polls, and then recieves it.  ENXIO maps to "No such device or
> > > address". It then opens and unlinks the credential cache.
> > >
> > >  so_socket(PF_INET, SOCK_DGRAM, IPPROTO_IP, "", 1) = 6
> > >  connect(6, 0x004D1460, 16, 1)                   = 0
> > >  send(6, 0x006D6E00, 184, 0)                     = 184
> > >     j81B5 081B2A103020105A2030201\nA481A5 081A2A0070305\0\0\0\0\0A1
> > >     <snip>
> > >  poll(0xFFBFF408, 1, 1000)                       = 1
> > >  recv(6, 0x00BBA980, 4096, 0)                    = 525
> > >     k8202\t 0820205A003020105A1030201\vA3\n1B\b U T A H . E D UA415
> > >     <snip>
> > >  close(6)                                        = 0
> > > *ioctl(0, TCGETS, 0xFFBFF520)                    Err#6 ENXIO
> > >  open("/tmp/krb5cc_0", O_RDWR)                   = 6
> > >  unlink("/tmp/krb5cc_0")                         = 0
> > >
> > > I was curious if anyone had any idea why I might be getting such an
> > > error or would be willing to test the code in their environment and let
> > > me know their results.  Any code improvements or suggestions would
> > > likewise be greatly appreciated.
> > >
> > > You can download the code from
> > > http://dev.scl.utah.edu/AuthKRB5.pm
> > >
> > > Thanks in advance for any help,
> > >
> > > Steve Harper                                      Campus Student
> > > Computing Sys Admin                                                
> > > Marriott Library s.harper at utah.edu                                     
> > >  University of Utah
> > >
> > > --
> > > Archive at http://www.open.com.au/archives/radiator/
> > > Announcements on radiator-announce at open.com.au
> > > To unsubscribe, email 'majordomo at open.com.au' with
> > > 'unsubscribe radiator' in the body of the message.
> >
> > --
> > Mike McCauley                               mikem at open.com.au
> > Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
> > 9 Bulbul Place Currumbin Waters QLD 4223 Australia  
> > http://www.open.com.au Phone +61 7 5598-7474                       Fax  
> > +61 7 5598-7070
> >
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
> > Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
> > TTLS, PEAP etc on Unix, Windows, MacOS etc.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list