[RADIATOR] 4.29 EAP issue - failed socket

Hugh Irvine hugh at radiatorsoftware.com
Tue Jul 16 23:49:53 UTC 2024 

Like you say - must be something to do with OS or Perl.

Hugh


On 17/7/2024 09:27, Cassidy B. Larson wrote:
> tarball source compiled.
>
> Radiator is running as root at this time.
>
> Thanks!
>
> On Tue, Jul 16, 2024 at 5:24 PM Hugh Irvine 
> <hugh at radiatorsoftware.com> wrote:
>
>
>     Hi again -
>
>     How did you install Radiator this time?
>
>     Package or tarball?
>
>     And what user is Radiator running as?
>
>     thanks
>
>     Hugh
>
>
>     On 17/7/2024 09:08, Cassidy B. Larson wrote:
>>     Hi Hugh,
>>
>>     I did try downgrading to 4.25.. it seems to be related to the OS
>>     update or perl itself since it is persisting on 4.25 as it did on
>>     4.29.. really odd.
>>
>>     It does seem like it’s receiving on the same port it’s sending
>>     back out to.. but not able.   So strange!
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: ServerConfig: registering
>>     childinit fn from Radius::Configurable
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: Radius::JSON backend is JSON::PP
>>     version 4.07
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: SCTP socket API extensions not
>>     available
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: Finished reading configuration
>>     file '/usr/local/etc/radiator/radius-eap-authentication.cfg'
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: Reading dictionary file
>>     '/data/radiator/raddb/dictionary'
>>
>>     Tue Jul 16 16:17:10 2024: INFO: Using Net::SSLeay 1.94 with
>>     SSL/TLS library version 0x300000d0 (OpenSSL 3.0.13 30 Jan 2024)
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: SSL/TLS library and Net::SSLeay
>>     support set_default_passwd_cb and related functions
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: This system is IPv6 capable.
>>     IPv6 capability provided by: core
>>
>>     Tue Jul 16 16:17:10 2024: DEBUG: Creating authentication socket
>>     <my_ip> port 1842
>>
>>     Tue Jul 16 16:17:10 2024: NOTICE: Server started: Radiator 4.25
>>     on <hostname>
>>
>>     Tue Jul 16 16:17:31 2024: DEBUG: Packet dump:
>>
>>     *** Received from <ip> port 40333 ....
>>
>>>>
>>>>
>>     Tue Jul 16 16:17:31 2024: DEBUG: Packet dump:
>>
>>     *** Sending to <ip> port 40333 ....
>>
>>
>>     Packet length = 46
>>
>>     0b 35 00 2e 30 e5 a1 5f 38 ea b4 b1 0c 02 04 0e
>>
>>     af 49 74 be 4f 08 01 2e 00 06 19 20 50 12 23 26
>>
>>     54 69 64 09 ed 26 4a ad f1 33 90 82 7f 21
>>
>>     Code:       Access-Challenge
>>
>>     Identifier: 53
>>
>>     Authentic: 0<229><161>_8<234><180><177><12><2><4><14><175>It<190>
>>
>>     Attributes:
>>
>>           EAP-Message = <1>.<0><6><25>
>>
>>           Message-Authenticator =
>>     #&Tid<9><237>&J<173><241>3<144><130><127>!
>>
>>
>>     Tue Jul 16 16:17:31 2024: ERR: sendTo: send to <ip> port 40333
>>     failed: Socket operation on non-socket
>>
>>
>>
>>>     On Jul 16, 2024, at 4:48 PM, Hugh Irvine via radiator
>>>     <radiator at lists.open.com.au> <mailto:radiator at lists.open.com.au>
>>>     wrote:
>>>
>>>
>>>     Hello Cassidy -
>>>
>>>     This is very odd - it looks like the socket has not been created
>>>     properly.
>>>
>>>     I don't understand how you could receive a packet on a socket
>>>     and not be able to send?
>>>
>>>     What do the startup messages from Radiator look like?
>>>
>>>     And what is shown before the log below when the request is
>>>     received - is it the same socket number?
>>>
>>>     thanks
>>>
>>>     Hugh
>>>
>>>
>>>     On 17/7/2024 07:37, Cassidy B. Larson via radiator wrote:
>>>>     Seeing this after upgrading from a few releases to 4.29 and
>>>>     trying EAP with my same hosts/clients on my in-office wifi:
>>>>
>>>>     Tue Jul 16 15:31:05 2024: ERR: sendTo: send to 10.40.176.98
>>>>     port 60389 failed: Socket operation on non-socket
>>>>
>>>>     We're now running FreeBSD 14.1-RELEASE on this.
>>>>
>>>>     Here's the last bit of a Trace 5 output..
>>>>
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: Handling with Radius::AuthFILE:
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: AuthFILE Handling EAP type 1
>>>>     (Identity), code: 2 (Response), identifier: 22, length: 24
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: Initialised SSL library:
>>>>     Net::SSLeay 1.94, OpenSSL 3.0.13 30 Jan 2024
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x8 (8) for
>>>>     Net::SSLeay constant SSL2_MT_CLIENT_CERTIFICATE
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x3 (3) for
>>>>     Net::SSLeay constant SSL2_MT_CLIENT_FINISHED
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x2 (2) for
>>>>     Net::SSLeay constant SSL2_MT_CLIENT_MASTER_KEY
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x0 (0) for
>>>>     Net::SSLeay constant SSL2_MT_ERROR
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x6 (6) for
>>>>     Net::SSLeay constant SSL2_MT_REQUEST_CERTIFICATE
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x6 (6) for
>>>>     Net::SSLeay constant SSL2_MT_SERVER_FINISHED
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x4 (4) for
>>>>     Net::SSLeay constant SSL2_MT_SERVER_HELLO
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x5 (5) for
>>>>     Net::SSLeay constant SSL2_MT_SERVER_VERIFY
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x2 (2) for
>>>>     Net::SSLeay constant TLSEXT_ERR_ALERT_FATAL
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x1 (1) for
>>>>     Net::SSLeay constant TLSEXT_ERR_ALERT_WARNING
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x3 (3) for
>>>>     Net::SSLeay constant TLSEXT_ERR_NOACK
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: TLS: Using 0x0 (0) for
>>>>     Net::SSLeay constant TLSEXT_ERR_OK
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: AuthFILE setting
>>>>     EAPTLS_Ciphers to: DEFAULT:!EXPORT:!LOW
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: EAP result: 3, PEAP Challenge
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: AuthBy FILE result: CHALLENGE,
>>>>     PEAP Challenge
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: Access challenged for
>>>>     user at host.com: PEAP Challenge
>>>>     Tue Jul 16 15:31:05 2024: DEBUG: Packet dump:
>>>>     *** Sending to 10.40.176.98 port 60389 ....
>>>>
>>>>     Packet length = 46
>>>>     0b 1c 00 2e 67 6a 89 68 86 97 9f 2f c9 ca 99 68
>>>>     c5 3f 5f 1f 50 12 40 12 4b 21 a4 80 19 29 dc 8e
>>>>     c9 bc e2 a2 d3 6e 4f 08 01 17 00 06 19 20
>>>>     Code: Access-Challenge
>>>>     Identifier: 28
>>>>     Authentic:gj<137>h<134><151><159>/<201><202><153>h<197>?_<31>
>>>>     Attributes:
>>>>     Message-Authenticator =
>>>>     @<18>K!<164><128><25>)<220><142><201><188><226><162><211>n
>>>>     EAP-Message = <1><23><0><6><25>
>>>>
>>>>     Tue Jul 16 15:31:05 2024: ERR: sendTo: send to 10.40.176.98
>>>>     port 60389 failed: Socket operation on non-socket
>>>>
>>>>
>>>>
>>>>     Going to try downgrading to a few previous releases to figure
>>>>     out where the problem started.. but just wondering if anybody
>>>>     had any quick clues while I found time to do that.
>>>>
>>>>     Thanks!
>>>>
>>>>     -c
>>>>
>>>>
>>>>     _______________________________________________
>>>>     radiator mailing list
>>>>     radiator at lists.open.com.au
>>>>     https://lists.open.com.au/mailman/listinfo/radiator
>>>     _______________________________________________
>>>     radiator mailing list
>>>     radiator at lists.open.com.au
>>>     https://lists.open.com.au/mailman/listinfo/radiator
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.open.com.au/pipermail/radiator/attachments/20240717/f225993f/attachment-0001.html>

More information about the radiator mailing list