[RADIATOR] 4.29 EAP issue - failed socket

Cassidy B. Larson alandaluz at gmail.com
Tue Jul 16 23:27:24 UTC 2024 

tarball source compiled.

Radiator is running as root at this time.

Thanks!

On Tue, Jul 16, 2024 at 5:24 PM Hugh Irvine <hugh at radiatorsoftware.com>
wrote:

>
> Hi again -
>
> How did you install Radiator this time?
>
> Package or tarball?
>
> And what user is Radiator running as?
>
> thanks
>
> Hugh
>
>
> On 17/7/2024 09:08, Cassidy B. Larson wrote:
>
> Hi Hugh,
>
> I did try downgrading to 4.25.. it seems to be related to the OS update or
> perl itself since it is persisting on 4.25 as it did on 4.29.. really odd.
>
> It does seem like it’s receiving on the same port it’s sending back out
> to.. but not able.   So strange!
>
> Tue Jul 16 16:17:10 2024: DEBUG: ServerConfig: registering childinit fn
> from Radius::Configurable
>
> Tue Jul 16 16:17:10 2024: DEBUG: Radius::JSON backend is JSON::PP version
> 4.07
>
> Tue Jul 16 16:17:10 2024: DEBUG: SCTP socket API extensions not available
>
> Tue Jul 16 16:17:10 2024: DEBUG: Finished reading configuration file
> '/usr/local/etc/radiator/radius-eap-authentication.cfg'
>
> Tue Jul 16 16:17:10 2024: DEBUG: Reading dictionary file
> '/data/radiator/raddb/dictionary'
>
> Tue Jul 16 16:17:10 2024: INFO: Using Net::SSLeay 1.94 with SSL/TLS
> library version 0x300000d0 (OpenSSL 3.0.13 30 Jan 2024)
>
> Tue Jul 16 16:17:10 2024: DEBUG: SSL/TLS library and Net::SSLeay support
> set_default_passwd_cb and related functions
>
> Tue Jul 16 16:17:10 2024: DEBUG: This system is IPv6 capable. IPv6
> capability provided by: core
>
> Tue Jul 16 16:17:10 2024: DEBUG: Creating authentication socket <my_ip>
> port 1842
>
> Tue Jul 16 16:17:10 2024: NOTICE: Server started: Radiator 4.25 on
> <hostname>
>
> Tue Jul 16 16:17:31 2024: DEBUG: Packet dump:
>
> *** Received from <ip> port 40333 ....
>
>>
>>
> Tue Jul 16 16:17:31 2024: DEBUG: Packet dump:
>
> *** Sending to <ip> port 40333 ....
>
>
> Packet length = 46
>
> 0b 35 00 2e 30 e5 a1 5f 38 ea b4 b1 0c 02 04 0e
>
> af 49 74 be 4f 08 01 2e 00 06 19 20 50 12 23 26
>
> 54 69 64 09 ed 26 4a ad f1 33 90 82 7f 21
>
> Code:       Access-Challenge
>
> Identifier: 53
>
> Authentic:  0<229><161>_8<234><180><177><12><2><4><14><175>It<190>
>
> Attributes:
>
>         EAP-Message = <1>.<0><6><25>
>
>         Message-Authenticator = #&Tid<9><237>&J<173><241>3<144><130><127>!
>
>
> Tue Jul 16 16:17:31 2024: ERR: sendTo: send to  <ip> port 40333 failed:
> Socket operation on non-socket
>
>
> On Jul 16, 2024, at 4:48 PM, Hugh Irvine via radiator
> <radiator at lists.open.com.au> <radiator at lists.open.com.au> wrote:
>
>
> Hello Cassidy -
>
> This is very odd - it looks like the socket has not been created properly.
>
> I don't understand how you could receive a packet on a socket and not be
> able to send?
>
> What do the startup messages from Radiator look like?
>
> And what is shown before the log below when the request is received - is
> it the same socket number?
>
> thanks
>
> Hugh
>
>
> On 17/7/2024 07:37, Cassidy B. Larson via radiator wrote:
>
> Seeing this after upgrading from a few releases to 4.29 and trying EAP
> with my same hosts/clients on my in-office wifi:
>
> Tue Jul 16 15:31:05 2024: ERR: sendTo: send to 10.40.176.98 port 60389
> failed: Socket operation on non-socket
>
> We're now running FreeBSD 14.1-RELEASE on this.
>
> Here's the last bit of a Trace 5 output..
>
> Tue Jul 16 15:31:05 2024: DEBUG: Handling with Radius::AuthFILE:
> Tue Jul 16 15:31:05 2024: DEBUG: AuthFILE Handling EAP type 1 (Identity),
> code: 2 (Response), identifier: 22, length: 24
> Tue Jul 16 15:31:05 2024: DEBUG: Initialised SSL library: Net::SSLeay
> 1.94, OpenSSL 3.0.13 30 Jan 2024
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x8 (8) for Net::SSLeay
> constant SSL2_MT_CLIENT_CERTIFICATE
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x3 (3) for Net::SSLeay
> constant SSL2_MT_CLIENT_FINISHED
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x2 (2) for Net::SSLeay
> constant SSL2_MT_CLIENT_MASTER_KEY
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x0 (0) for Net::SSLeay
> constant SSL2_MT_ERROR
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x6 (6) for Net::SSLeay
> constant SSL2_MT_REQUEST_CERTIFICATE
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x6 (6) for Net::SSLeay
> constant SSL2_MT_SERVER_FINISHED
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x4 (4) for Net::SSLeay
> constant SSL2_MT_SERVER_HELLO
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x5 (5) for Net::SSLeay
> constant SSL2_MT_SERVER_VERIFY
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x2 (2) for Net::SSLeay
> constant TLSEXT_ERR_ALERT_FATAL
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x1 (1) for Net::SSLeay
> constant TLSEXT_ERR_ALERT_WARNING
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x3 (3) for Net::SSLeay
> constant TLSEXT_ERR_NOACK
> Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x0 (0) for Net::SSLeay
> constant TLSEXT_ERR_OK
> Tue Jul 16 15:31:05 2024: DEBUG: AuthFILE setting EAPTLS_Ciphers to:
> DEFAULT:!EXPORT:!LOW
> Tue Jul 16 15:31:05 2024: DEBUG: EAP result: 3, PEAP Challenge
> Tue Jul 16 15:31:05 2024: DEBUG: AuthBy FILE result: CHALLENGE, PEAP
> Challenge
> Tue Jul 16 15:31:05 2024: DEBUG: Access challenged for user at host.com:
> PEAP Challenge
> Tue Jul 16 15:31:05 2024: DEBUG: Packet dump:
> *** Sending to 10.40.176.98 port 60389 ....
>
> Packet length = 46
> 0b 1c 00 2e 67 6a 89 68 86 97 9f 2f c9 ca 99 68
> c5 3f 5f 1f 50 12 40 12 4b 21 a4 80 19 29 dc 8e
> c9 bc e2 a2 d3 6e 4f 08 01 17 00 06 19 20
> Code:       Access-Challenge
> Identifier: 28
> Authentic:  gj<137>h<134><151><159>/<201><202><153>h<197>?_<31>
> Attributes:
> Message-Authenticator =
> @<18>K!<164><128><25>)<220><142><201><188><226><162><211>n
> EAP-Message = <1><23><0><6><25>
>
> Tue Jul 16 15:31:05 2024: ERR: sendTo: send to 10.40.176.98 port 60389
> failed: Socket operation on non-socket
>
>
>
> Going to try downgrading to a few previous releases to figure out where
> the problem started.. but just wondering if anybody had any quick clues
> while I found time to do that.
>
> Thanks!
>
> -c
>
>
> _______________________________________________
> radiator mailing listradiator at lists.open.com.auhttps://lists.open.com.au/mailman/listinfo/radiator
>
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> https://lists.open.com.au/mailman/listinfo/radiator
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20240716/f6f7d425/attachment-0001.html>

More information about the radiator mailing list