[RADIATOR] 4.29 EAP issue - failed socket

Hugh Irvine hugh at radiatorsoftware.com
Tue Jul 16 23:23:58 UTC 2024 

Hi again -

How did you install Radiator this time?

Package or tarball?

And what user is Radiator running as?

thanks

Hugh


On 17/7/2024 09:08, Cassidy B. Larson wrote:
> Hi Hugh,
>
> I did try downgrading to 4.25.. it seems to be related to the OS 
> update or perl itself since it is persisting on 4.25 as it did on 
> 4.29.. really odd.
>
> It does seem like it’s receiving on the same port it’s sending back 
> out to.. but not able.   So strange!
>
> Tue Jul 16 16:17:10 2024: DEBUG: ServerConfig: registering childinit 
> fn from Radius::Configurable
>
> Tue Jul 16 16:17:10 2024: DEBUG: Radius::JSON backend is JSON::PP 
> version 4.07
>
> Tue Jul 16 16:17:10 2024: DEBUG: SCTP socket API extensions not available
>
> Tue Jul 16 16:17:10 2024: DEBUG: Finished reading configuration file 
> '/usr/local/etc/radiator/radius-eap-authentication.cfg'
>
> Tue Jul 16 16:17:10 2024: DEBUG: Reading dictionary file 
> '/data/radiator/raddb/dictionary'
>
> Tue Jul 16 16:17:10 2024: INFO: Using Net::SSLeay 1.94 with SSL/TLS 
> library version 0x300000d0 (OpenSSL 3.0.13 30 Jan 2024)
>
> Tue Jul 16 16:17:10 2024: DEBUG: SSL/TLS library and Net::SSLeay 
> support set_default_passwd_cb and related functions
>
> Tue Jul 16 16:17:10 2024: DEBUG: This system is IPv6 capable. IPv6 
> capability provided by: core
>
> Tue Jul 16 16:17:10 2024: DEBUG: Creating authentication socket 
> <my_ip> port 1842
>
> Tue Jul 16 16:17:10 2024: NOTICE: Server started: Radiator 4.25 on 
> <hostname>
>
> Tue Jul 16 16:17:31 2024: DEBUG: Packet dump:
>
> *** Received from <ip> port 40333 ....
>
>>
>>
> Tue Jul 16 16:17:31 2024: DEBUG: Packet dump:
>
> *** Sending to <ip> port 40333 ....
>
>
> Packet length = 46
>
> 0b 35 00 2e 30 e5 a1 5f 38 ea b4 b1 0c 02 04 0e
>
> af 49 74 be 4f 08 01 2e 00 06 19 20 50 12 23 26
>
> 54 69 64 09 ed 26 4a ad f1 33 90 82 7f 21
>
> Code:       Access-Challenge
>
> Identifier: 53
>
> Authentic: 0<229><161>_8<234><180><177><12><2><4><14><175>It<190>
>
> Attributes:
>
>       EAP-Message = <1>.<0><6><25>
>
>       Message-Authenticator = #&Tid<9><237>&J<173><241>3<144><130><127>!
>
>
> Tue Jul 16 16:17:31 2024: ERR: sendTo: send to  <ip> port 40333 
> failed: Socket operation on non-socket
>
>
>
>> On Jul 16, 2024, at 4:48 PM, Hugh Irvine via radiator 
>> <radiator at lists.open.com.au> wrote:
>>
>>
>> Hello Cassidy -
>>
>> This is very odd - it looks like the socket has not been created 
>> properly.
>>
>> I don't understand how you could receive a packet on a socket and not 
>> be able to send?
>>
>> What do the startup messages from Radiator look like?
>>
>> And what is shown before the log below when the request is received - 
>> is it the same socket number?
>>
>> thanks
>>
>> Hugh
>>
>>
>> On 17/7/2024 07:37, Cassidy B. Larson via radiator wrote:
>>> Seeing this after upgrading from a few releases to 4.29 and trying 
>>> EAP with my same hosts/clients on my in-office wifi:
>>>
>>> Tue Jul 16 15:31:05 2024: ERR: sendTo: send to 10.40.176.98 port 
>>> 60389 failed: Socket operation on non-socket
>>>
>>> We're now running FreeBSD 14.1-RELEASE on this.
>>>
>>> Here's the last bit of a Trace 5 output..
>>>
>>> Tue Jul 16 15:31:05 2024: DEBUG: Handling with Radius::AuthFILE:
>>> Tue Jul 16 15:31:05 2024: DEBUG: AuthFILE Handling EAP type 1 
>>> (Identity), code: 2 (Response), identifier: 22, length: 24
>>> Tue Jul 16 15:31:05 2024: DEBUG: Initialised SSL library: 
>>> Net::SSLeay 1.94, OpenSSL 3.0.13 30 Jan 2024
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x8 (8) for Net::SSLeay 
>>> constant SSL2_MT_CLIENT_CERTIFICATE
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x3 (3) for Net::SSLeay 
>>> constant SSL2_MT_CLIENT_FINISHED
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x2 (2) for Net::SSLeay 
>>> constant SSL2_MT_CLIENT_MASTER_KEY
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x0 (0) for Net::SSLeay 
>>> constant SSL2_MT_ERROR
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x6 (6) for Net::SSLeay 
>>> constant SSL2_MT_REQUEST_CERTIFICATE
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x6 (6) for Net::SSLeay 
>>> constant SSL2_MT_SERVER_FINISHED
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x4 (4) for Net::SSLeay 
>>> constant SSL2_MT_SERVER_HELLO
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x5 (5) for Net::SSLeay 
>>> constant SSL2_MT_SERVER_VERIFY
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x2 (2) for Net::SSLeay 
>>> constant TLSEXT_ERR_ALERT_FATAL
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x1 (1) for Net::SSLeay 
>>> constant TLSEXT_ERR_ALERT_WARNING
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x3 (3) for Net::SSLeay 
>>> constant TLSEXT_ERR_NOACK
>>> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x0 (0) for Net::SSLeay 
>>> constant TLSEXT_ERR_OK
>>> Tue Jul 16 15:31:05 2024: DEBUG: AuthFILE setting EAPTLS_Ciphers to: 
>>> DEFAULT:!EXPORT:!LOW
>>> Tue Jul 16 15:31:05 2024: DEBUG: EAP result: 3, PEAP Challenge
>>> Tue Jul 16 15:31:05 2024: DEBUG: AuthBy FILE result: CHALLENGE, PEAP 
>>> Challenge
>>> Tue Jul 16 15:31:05 2024: DEBUG: Access challenged for 
>>> user at host.com: PEAP Challenge
>>> Tue Jul 16 15:31:05 2024: DEBUG: Packet dump:
>>> *** Sending to 10.40.176.98 port 60389 ....
>>>
>>> Packet length = 46
>>> 0b 1c 00 2e 67 6a 89 68 86 97 9f 2f c9 ca 99 68
>>> c5 3f 5f 1f 50 12 40 12 4b 21 a4 80 19 29 dc 8e
>>> c9 bc e2 a2 d3 6e 4f 08 01 17 00 06 19 20
>>> Code: Access-Challenge
>>> Identifier: 28
>>> Authentic:gj<137>h<134><151><159>/<201><202><153>h<197>?_<31>
>>> Attributes:
>>> Message-Authenticator = 
>>> @<18>K!<164><128><25>)<220><142><201><188><226><162><211>n
>>> EAP-Message = <1><23><0><6><25>
>>>
>>> Tue Jul 16 15:31:05 2024: ERR: sendTo: send to 10.40.176.98 port 
>>> 60389 failed: Socket operation on non-socket
>>>
>>>
>>>
>>> Going to try downgrading to a few previous releases to figure out 
>>> where the problem started.. but just wondering if anybody had any 
>>> quick clues while I found time to do that.
>>>
>>> Thanks!
>>>
>>> -c
>>>
>>>
>>> _______________________________________________
>>> radiator mailing list
>>> radiator at lists.open.com.au
>>> https://lists.open.com.au/mailman/listinfo/radiator
>> _______________________________________________
>> radiator mailing list
>> radiator at lists.open.com.au
>> https://lists.open.com.au/mailman/listinfo/radiator
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20240717/72e35f87/attachment-0001.html>

More information about the radiator mailing list