(RADIATOR) radiator / openssl 0.9.8d

Mike McCauley mikem at open.com.au
Mon Jan 29 00:23:22 CST 2007


Hello Stuart,

Tests here show that the precompiled Net::SSLEay that we provide works with 
both openssl-0.9.7L and openssl-0.9.8d.
Perhaps you dont have the most recent version of Net::SSLEay?
In any case, we recommend openssl-0.9.7L at this stage.

Cheers.


On Monday 29 January 2007 11:38, Stuart Kendrick wrote:
> hi,
>
> i'm trying to upgrade from openssl-0.9.7d to openssl-0.9.8d.  Windows
> 2003.  i've tried this under two versions of Radiator:
> Radiator-3.15+patches and Radiator-3.16+patches
>
> when i try, the Radiator logfile reports success ... repeatedly ... but
> my test device (an WinXP box with *all* patches installed wanting to
> connect to my 802.11g network) employing PEAP doesn't connect
>
> when i examine a packet trace when the Radiator server is employing
> openssl-0.9.7d, i see 22 packets ... a series of Access-Request packets
> from the client (the wireless access point), alternating with
> Access-Challenges from Radiator.  finally, in packet 20, an
> Access-Accept from Radiator.  and the client connects to the wireless
> network.  [this, in fact, is my production set-up, hundreds of clients
> and ~150 access points]
>
> however, when i install openssl-0.9.8d (using the
> Win32OpenSSl-0.9.8d.exe package from www.shininglightpro.com (i
> double-click and say 'ok' when it asks me to overwrite
> c:\windows\system32\ssleay32.dll) ... i see 46 packets, Access-Requests
> from the access point followed by Access-Challenges from Radiator ...
> and every now and then an Access-Accept from Radiator (packets #18, 32,
> 46).  And ... numerous ... 'successful' authentication messages in
> Radiator's logfile
>
> Sun Jan 28 14:24:45 2007: wap: OK: FHCRC\skendric: FHCRC\skendric: :
> skendric-ap               : Access-Request: 0013.0264.f58e:
> Sun Jan 28 14:24:46 2007: wap: OK: FHCRC\skendric: FHCRC\skendric:
> 140.107.231.2: skendric-ap               : Access-Request:
> 0013.0264.f58e: 0013.c48a.e0e0
> Sun Jan 28 14:24:46 2007: wap: OK: FHCRC\skendric: FHCRC\skendric: :
> skendric-ap               : Access-Request: 0013.0264.f58e:
> Sun Jan 28 14:24:46 2007: wap: OK: FHCRC\skendric: FHCRC\skendric:
> 140.107.231.2: skendric-ap               : Access-Request:
> 0013.0264.f58e: 0013.c48a.e0e0
> Sun Jan 28 14:24:47 2007: wap: OK: FHCRC\skendric: FHCRC\skendric: :
> skendric-ap               : Access-Request: 0013.0264.f58e:
> Sun Jan 28 14:24:47 2007: wap: OK: FHCRC\skendric: FHCRC\skendric:
> 140.107.231.2: skendric-ap               : Access-Request:
> 0013.0264.f58e: 0013.c48a.e0e0
>
>
> but ... the client never connects ... the Windows GUI just sits there
> displaying its fancy graphics and the message:
>
> ==========================================================
> Please wait while Windows connects to the 'xxxx' network
>
> Waiting for the network...
> ==========================================================
>
> after 2 seconds, the packets quit flowing between access point and the
> server hosting Radiator ... but the client's GUI continues to display
> its message
>
>
> here's what i see in Radiator's logfile, when i set Trace=4:
>
>
> *** Sending to 10.1.2.11 port 1646 ....
> Code:       Accounting-Response
> Identifier: 160
> Authentic:  [...]
> Attributes:
>
> Sun Jan 28 16:38:57 2007: DEBUG: Packet dump:
> *** Received from 10.1.212.2 port 1645 ....
> Code:       Access-Request
> Identifier: 158
> Authentic:  [...]
> Attributes:
> 	User-Name = "FHCRC\skendric"
> 	Framed-MTU = 1400
> 	Called-Station-Id = "0013.c48a.e0e0"
> 	Calling-Station-Id = "0013.0264.f58e"
> 	Service-Type = Login-User
> 	Message-Authenticator = [...]
> 	EAP-Message = <2><2><0><19><1>FHCRC\skendric
> 	NAS-Port-Type = Wireless-IEEE-802-11
> 	NAS-Port = 397
> 	NAS-IP-Address = 10.1.212.2
> 	NAS-Identifier = "skendric-ap
>
>
> are you successfully employing openssl-0.9.8d under Windows?
>
> --sk
>
> stuart kendrick
> fhcrc
>
> --
> Archive at http://www.open.com.au/archives/radiator/
> Announcements on radiator-announce at open.com.au
> To unsubscribe, email 'majordomo at open.com.au' with
> 'unsubscribe radiator' in the body of the message.

-- 
Mike McCauley                               mikem at open.com.au
Open System Consultants Pty. Ltd            Unix, Perl, Motif, C++, WWW
9 Bulbul Place Currumbin Waters QLD 4223 Australia   http://www.open.com.au
Phone +61 7 5598-7474                       Fax   +61 7 5598-7070

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP etc on Unix, Windows, MacOS, NetWare etc.

--
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.


More information about the radiator mailing list