Hello again About my system details, I´m using a RHLinux 9.0 (Kernel 2.4.20-18.9) and compiled GK v2.04 and 2.05 with the latest PWLib v1.5, OpenH323 v1.12 and gcc version 3.2.2 (gcc ?v : Reading specs from /usr/lib/gcc-lib/i386-redhat- linux/3.2.2/specs) . In Windows I have compiled 2.0.4 but for this test I use only Windows Executable version 2.0.5 in Windows2000p? This weekend I will install a Linux 7.2 box without update libs and gcc to test it again so I will write telling you what was the result. Thanks Rafael Risco Millicom Peru SA PD: about the award for a person who will help to solve this problem, I would like to collaborate sending an exquisite Peruvian Pisco. Julius Stavaris <TJST@bite.lt> escribió: > Hi, > > Radius authentication produces segmentation faults on some systems. > Michal is aware of that. So far I had segmentation faults on RedHat 9.0, > 7.3 & 7.2(up2dated). It seems that out of the box 7.2 (not updated > libs&gcc) can compile stable gnugk. > > Julius > > -----Original Message----- > From: Rafael J. Risco G.V. [mailto:rrisco@millicom.net.pe] > Sent: Wednesday, July 02, 2003 1:36 AM > To: openh323gk-users@lists.sourceforge.net > Cc: openh323gk-developer@lists.sourceforge.net > Subject: [Openh323gk-users] Strange problem with RadAuth and > RadAliasAuth modules > > > > Hello > > I want to make autheticacion through freeradius in this very simple > scenario: > > 2AddPacEndpoints------>GNUGK205------->Freeradius0.8.1 > > I don't have too much experience in this topic but I believe I have been > able > to configure the radius correctly to use the authenticacion > modules"RadAuth" > or "RadAliasAuth" but I can`t found answers for an strange registration > > problem... > > In this scenario the first terminal it register correctly but the > problem is > that the GK falls in the precise instant in that the second terminal try > to > register (I can see the first RCF in the status port > RCF|10.0.0.240:1720|ap200:h323_ID=6603000:dialedDigits=6603001:dialedDigits|term > inal|1248_endp;), this happens in both windows and Linux versions and > also > with2.0.4 and 2.0.5. > > below I send you details of the configuration of the following devices: > > 1. Radius (clients.conf, users and brief debug log) > 2. my GNUGK .ini file > 3. some details from AP200 (AddPac terminal support CAT authentication > scheme) > 4. gnugk debug ttttt > > please, someone send me some suggestion to detect and solve this > problem, > > thanks > > Rafael R. > Millicom Peru SA > > > PD: > > ---------------------------------------------------------- > 1. RADIUS > --------------------------------------------------------- > > /usr/local/etc/raddb/clients.conf : > > client 10.0.0.11 { > secret = hola123 > shortname = MICPEGK02 > } > > > /usr/local/etc/raddb/users : > > ap200 User-Password == "ap200x" > > ap200test1 User-Password == "ap200test1x" > > > > Radiusd -X : > > rad_recv: Access-Request packet from host 10.0.0.11:10550, id=158, > length=87 > User-Name = "ap200" > CHAP-Password = 0xaedc7457bd266e7da654e5b1edb59bcdab > NAS-IP-Address = 10.0.0.11 > NAS-Identifier = "MICPEGK02" > NAS-Port-Type = Virtual > Service-Type = Login-User > CHAP-Challenge = "?\001F\\" > Framed-IP-Address = 10.0.0.240 > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > rlm_chap: Adding Auth-Type = CHAP > modcall[authorize]: module "chap" returns ok > modcall[authorize]: module "mschap" returns notfound > rlm_realm: No '@' in User-Name = "ap200", looking up realm NULL > rlm_realm: No such realm NULL > modcall[authorize]: module "suffix" returns noop > users: Matched ap200 at 218 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok > rad_check_password: Found Auth-Type CHAP > rad_check_password: Found Auth-Type Local > Warning: Found 2 auth-types on request for user 'ap200' > auth: type Local > auth: user supplied CHAP-Password matches local User-Password > Sending Access-Accept of id 158 to 10.0.0.11:10550 > Finished request 4 > Going to the next request > --- Walking the entire request list --- > Waking up in 6 seconds... > > > rad_recv: Access-Request packet from host 10.0.0.11:10550, id=159, > length=92 > User-Name = "ap200test1" > CHAP-Password = 0xfab7317c163b475ee1f49f74a577b12043 > NAS-IP-Address = 10.0.0.11 > NAS-Identifier = "MICPEGK02" > NAS-Port-Type = Virtual > Service-Type = Login-User > CHAP-Challenge = ">\324\037\336" > Framed-IP-Address = 161.132.195.162 > modcall: entering group authorize > modcall[authorize]: module "preprocess" returns ok > rlm_chap: Adding Auth-Type = CHAP > modcall[authorize]: module "chap" returns ok > modcall[authorize]: module "mschap" returns notfound > rlm_realm: No '@' in User-Name = "ap200test1", looking up realm > NULL > rlm_realm: No such realm NULL > modcall[authorize]: module "suffix" returns noop > users: Matched ap200test1 at 220 > modcall[authorize]: module "files" returns ok > modcall: group authorize returns ok > rad_check_password: Found Auth-Type CHAP > rad_check_password: Found Auth-Type Local > Warning: Found 2 auth-types on request for user 'ap200test1' > auth: type Local > auth: user supplied CHAP-Password matches local User-Password > Sending Access-Accept of id 159 to 10.0.0.11:10550 > Finished request 5 > > > ---------------------------------------------------------- > 2. GNUGK .ini file > --------------------------------------------------------- > > > [Gatekeeper::Main] > Fourtytwo=42 > Home=10.0.0.11 > TimeToLive=600 > TotalBandwidth=100000 > Name=MICPEGK02 > > [RoutedMode] > GKRouted=1 > H245Routed=0 > > [GkStatus::Auth] > rule=allow > > [Gatekeeper::Auth] > RadAuth=required;RRQ,ARQ > #RadAuth=required;RRQ,ARQ > #RadAuth=sufficient;RRQ > #RadAuth=optional;ARQ > default=allow > > # Configuration section for RadAuth authenticator module > [RadAuth] > Servers=161.132.224.67 > LocalInterface=10.0.0.11 > RadiusPortRange=10000-11000 > DefaultAuthPort=1812 > SharedSecret=hola123 > RequestTimeout=2000 > IdCacheTimeout=9000 > SocketDeleteTimeout=60000 > RequestRetransmissions=2 > RoundRobinServers=0 > AppendCiscoAttributes=0 > IncludeEndpointIP=1 > > > > --------------------------------------------------------- > 3. some details from AP200 (AddPac terminal supports CAT authentication > scheme) > --------------------------------------------------------- > ... > dial-peer voice 1000 voip > destination-pattern T > session target ras > codec g7231r63 > dtmf-relay h245-alphanumeric > ! > ! > ! Gateway configuration. > ! > gateway > h323-id ap200 > security password ap200x > security clear-token-option cisco-per-call-style > endpoint-type terminal > gkip 10.0.0.11 1719 128 > register > !... > ---------------------------- > > > -------------------------------------------------------- > 4. gnugk debug ttttt > -------------------------------------------------------- > > gnugk.exe -c ../etc/AAAGKWinAuth.ini -tttttt -o ../debug5.log > > 22003/07/01 15:25:17.412 1 gk.cxx(119) GK Trace > logging restarted. > 2003/07/01 15:25:17.412 5 singleton.cxx(25) Create > instance: 1 > 2003/07/01 15:25:17.412 5 Toolkit.cxx(380) Try name > C:\openh323gk\etc\AAAGKWinAuth.ini-4331 > 2003/07/01 15:25:17.713 4 Toolkit.cxx(120) InterfaceTable: > 10.0.0.11 <00-01-03-E3-50-B8> (3Com EtherLink PCI) > 127.0.0.1 (MS TCP Loopback interface) > > 2003/07/01 15:25:17.723 2 Toolkit.cxx(90) > Network=10.0.0.0/255.255.255.0, IP=10.0.0.11 > 2003/07/01 15:25:17.723 2 Toolkit.cxx(90) > Network=10.0.0.11/255.255.255.255, IP=10.0.0.11 > 2003/07/01 15:25:17.723 2 Toolkit.cxx(90) > Network=10.255.255.255/255.255.255.255, IP=10.0.0.11 > 2003/07/01 15:25:17.723 2 Toolkit.cxx(90) > Network=127.0.0.0/255.0.0.0, IP=127.0.0.1 > 2003/07/01 15:25:17.723 2 Toolkit.cxx(90) > Network=224.0.0.0/224.0.0.0, IP=10.0.0.11 > 2003/07/01 15:25:17.723 2 Toolkit.cxx(90) > Network=255.255.255.255/255.255.255.255, IP=10.0.0.11 > 2003/07/01 15:25:17.723 2 Toolkit.cxx(91) Default > IP=10.0.0.11 > 2003/07/01 15:25:17.733 2 Toolkit.cxx(153) GK H.323 > Proxy disabled > 2003/07/01 15:25:17.803 1 gk.cxx(422) OpenH323 > Gatekeeper - The GNU Gatekeeper with ID 'MICPEGK02' started on > 10.0.0.11 > Gatekeeper(GNU) Version(2.0.5) Ext(pthreads=0) Build(Jun 29 2003, > 22:55:31) Sys > (2000 i586 v5.0.2195) > 2003/07/01 15:25:17.813 5 singleton.cxx(25) Create > instance: 2 > 2003/07/01 15:25:17.853 2 gk.cxx(454) GK > TimeToLive for Registrations: 600 > 2003/07/01 15:25:17.903 5 singleton.cxx(25) Create > instance: 3 > 2003/07/01 15:25:17.923 5 singleton.cxx(25) Create > instance: 4 > 2003/07/01 15:25:18.043 1 gkauth.cxx(266) GkAuth Add > default rule with flag ff > 2003/07/01 15:25:18.043 1 gkauth.cxx(1393) GkAuth > Unknown auth #RadAuth, ignore! > 2003/07/01 15:25:18.043 1 gkauth.cxx(1393) GkAuth > Unknown auth #RadAuth, ignore! > 2003/07/01 15:25:18.043 1 gkauth.cxx(1393) GkAuth > Unknown auth #RadAuth, ignore! > 2003/07/01 15:25:18.053 1 gkauth.cxx(266) GkAuth Add > RadAuth rule with flag a > 2003/07/01 15:25:18.183 4 radproto.cxx(1684) RADIUS > Created instance of RADIUS client (local if: 10.0.0.11, default > ports: 1812,1813) for RADIUS servers group: > 161.132.224.67 > 2003/07/01 15:25:18.304 2 ProxyChannel.cxx(72) RTPPortRange: > 10000-59999 > 2003/07/01 15:25:18.324 2 ProxyThread.cxx(477) ProxyL > Listen to 10.0.0.11:1721 > 2003/07/01 15:25:18.324 2 thread.cxx(28) ProxyListener > 1344 started > 2003/07/01 15:25:18.334 2 thread.cxx(28) > ProxyHandleThread 1804 started > 2003/07/01 15:25:18.334 2 thread.cxx(28) > ProxyHandleThread 1432 started > 2003/07/01 15:25:18.334 2 RasSrv.cxx(551) GK Using > Routed Signalling > 2003/07/01 15:25:18.334 2 RasSrv.cxx(552) GK H.245 > Routed Disabled > 2003/07/01 15:25:18.334 3 ProxyThread.cxx(647) ProxyLC(0) > waiting... > 2003/07/01 15:25:18.334 1 MulticastGRQ.cxx(52) GK > Multicast listener started > 2003/07/01 15:25:18.334 3 ProxyThread.cxx(647) ProxyH(0) > waiting... > 2003/07/01 15:25:18.334 1 RasSrv.cxx(2099) GK > RasThread 1648 started > 2003/07/01 15:25:18.334 2 RasSrv.cxx(2102) GK > Entering connection handling loop > 2003/07/01 15:25:18.924 2 GkStatus.cxx(315) GK > GkStatus new status client: addr 10.0.0.11 > 2003/07/01 15:25:18.924 4 GkStatus.cxx(636) Auth client > from 10.0.0.11 > 2003/07/01 15:25:18.934 5 GkStatus.cxx(660) Auth client > rule=allow > 2003/07/01 15:25:23.631 2 RasSrv.cxx(2132) GK Read > from 10.0.0.240:22000 > 2003/07/01 15:25:23.641 3 RasSrv.cxx(2145) GK > registrationRequest { > requestSeqNum = 1 > protocolIdentifier = 0.0.8.2250.0.2 > discoveryComplete = FALSE > callSignalAddress = 1 entries { > [0]=ipAddress { > ip = 4 octets { > 0a 00 00 f0 .... > } > port = 1720 > } > } > rasAddress = 1 entries { > [0]=ipAddress { > ip = 4 octets { > 0a 00 00 f0 .... > } > port = 22000 > } > } > terminalType = { > terminal = { > } > mc = FALSE > undefinedNode = FALSE > } > terminalAlias = 3 entries { > [0]=h323_ID 5 characters { > 0061 0070 0032 0030 0030 ap200 > } > [1]=dialedDigits "6603000" > [2]=dialedDigits "6603001" > } > endpointVendor = { > vendor = { > t35CountryCode = 97 > t35Extension = 0 > manufacturerCode = 22 > } > productId = 11 octets { > 41 64 64 50 61 63 20 56 6f 49 50 AddPac VoIP > } > versionId = 4 octets { > 36 2e 30 36 6.06 > } > } > timeToLive = 60 > tokens = 1 entries { > [0]={ > tokenOID = 1.2.840.113548.10.1.2.1 > timeStamp = 1057048156 > challenge = 16 octets { > dc 74 57 bd 26 6e 7d a6 54 e5 b1 ed b5 9b cd ab > .tW.&n}.T....... > } > random = 174 > generalID = 5 characters { > 0061 0070 0032 0030 0030 ap200 > } > } > } > cryptoTokens = 1 entries { > [0]=cryptoEPPwdHash { > alias = h323_ID 5 characters { > 0061 0070 0032 0030 0030 ap200 > } > timeStamp = 1057048156 > token = { > algorithmOID = 1.2.840.113549.2.5 > paramS = { > } > hash = Hex: 55 5e 5e 6c 27 0f ed 2d 4e 15 fa 12 ec 24 60 c5 > > } > } > } > keepAlive = FALSE > willSupplyUUIEs = FALSE > } > 2003/07/01 15:25:23.641 1 RasSrv.cxx(927) GK RRQ > Received > 2003/07/01 15:25:23.651 5 radproto.cxx(2261) RADIUS > Created new socket for RADIUS client: port:10550:[0,157-157] > 2003/07/01 15:25:23.651 5 radproto.cxx(1900) RADIUS > Sending PDU to RADIUS server 161.132.224.67 (161.132.224.67:1812) > from port:10550:[0,157-158], PDU: { > code = 1 (Access-Request) > id = 158 > length = 87 octets > authenticator = 16 octets { > d1 b4 22 da f4 b3 94 9d 31 29 6b ec 4e ef 7d 39 > ..".....1)k.N.}9 > } > attributes = 8 elements { > [0]= { > type = 1 (User-Name) > length = 7 octets > value = 5 octets { > 61 70 32 30 30 ap200 > } > } > [1]= { > type = 3 (CHAP-Password) > length = 19 octets > value = 17 octets { > ae dc 74 57 bd 26 6e 7d a6 54 e5 b1 ed b5 9b cd > ..tW.&n}.T...... > ab . > } > } > [2]= { > type = 4 (NAS-IP-Address) > length = 6 octets > value = 4 octets { > 0a 00 00 0b .... > } > } > [3]= { > type = 32 (NAS-Identifier) > length = 11 octets > value = 9 octets { > 4d 49 43 50 45 47 4b 30 32 > MICPEGK02 > } > } > [4]= { > type = 61 (NAS-Port-Type) > length = 6 octets > value = 4 octets { > 00 00 00 05 .... > } > } > [5]= { > type = 6 (Service-Type) > length = 6 octets > value = 4 octets { > 00 00 00 01 .... > } > } > [6]= { > type = 60 (CHAP-Challenge) > length = 6 octets > value = 4 octets { > 3f 01 46 5c ?.F\ > } > } > [7]= { > type = 8 (Framed-IP-Address) > length = 6 octets > value = 4 octets { > 0a 00 00 f0 .... > } > } > } > } > > 2003/07/01 15:25:23.651 5 radproto.cxx(1919) RADIUS > Received PDU from RADIUS server 161.132.224.67 (161.132.224.67:1812) > by socket port:10550:[0,157-158], PDU: { > code = 2 (Access-Accept) > id = 158 > length = 20 octets > authenticator = 16 octets { > b9 53 39 22 85 27 1c 31 b4 da 00 c3 b1 09 a7 69 > .S9".'.1.......i > } > attributes = <<null>> > } > > 2003/07/01 15:25:23.651 4 gkauth.h(80) GkAuth > RadAuth check ok > 2003/07/01 15:25:23.651 4 gkauth.h(80) GkAuth > default check ok > 2003/07/01 15:25:23.681 1 RasTbl.cxx(51) New > EP|10.0.0.240:1720|ap200:h323_ID=6603000:dialedDigits=6603001:dialedDigits|termi > nal|1248_endp > 2003/07/01 15:25:23.691 2 RasSrv.cxx(1144) > RCF|10.0.0.240:1720|ap200:h323_ID=6603000:dialedDigits=6603001:dialedDigits|term > inal|1248_endp; > 2003/07/01 15:25:23.691 3 RasSrv.cxx(2072) GK Send > to 10.0.0.240:22000 > registrationConfirm { > requestSeqNum = 1 > protocolIdentifier = 0.0.8.2250.0.2 > callSignalAddress = 1 entries { > [0]=ipAddress { > ip = 4 octets { > 0a 00 00 0b .... > } > port = 1721 > } > } > terminalAlias = 3 entries { > [0]=h323_ID 5 characters { > 0061 0070 0032 0030 0030 ap200 > } > [1]=dialedDigits "6603000" > [2]=dialedDigits "6603001" > } > gatekeeperIdentifier = 9 characters { > 004d 0049 0043 0050 0045 0047 004b 0030 MICPEGK0 > 0032 2 > } > endpointIdentifier = 9 characters { > 0031 0032 0034 0038 005f 0065 006e 0064 1248_end > 0070 p > } > timeToLive = 60 > cryptoTokens = 1 entries { > [0]=cryptoEPPwdHash { > alias = h323_ID 5 characters { > 0061 0070 0032 0030 0030 ap200 > } > timeStamp = 1057048156 > token = { > algorithmOID = 1.2.840.113549.2.5 > paramS = { > } > hash = Hex: 55 5e 5e 6c 27 0f ed 2d 4e 15 fa 12 ec 24 60 c5 > > } > } > } > willRespondToIRR = FALSE > maintainConnection = FALSE > } > 2003/07/01 15:25:23.691 5 RasSrv.cxx(2086) GK Sent > Successful > 2003/07/01 15:25:28.488 2 RasSrv.cxx(2132) GK Read > from 161.132.195.162:22000 > 2003/07/01 15:25:28.498 3 RasSrv.cxx(2145) GK > registrationRequest { > requestSeqNum = 1 > protocolIdentifier = 0.0.8.2250.0.2 > discoveryComplete = FALSE > callSignalAddress = 1 entries { > [0]=ipAddress { > ip = 4 octets { > a1 84 c3 a2 .... > } > port = 1720 > } > } > rasAddress = 1 entries { > [0]=ipAddress { > ip = 4 octets { > a1 84 c3 a2 .... > } > port = 22000 > } > } > terminalType = { > terminal = { > } > mc = FALSE > undefinedNode = FALSE > } > terminalAlias = 3 entries { > [0]=h323_ID 10 characters { > 0061 0070 0032 0030 0030 0074 0065 0073 ap200tes > 0074 0031 t1 > } > [1]=dialedDigits "6604000" > [2]=dialedDigits "6604001" > } > endpointVendor = { > vendor = { > t35CountryCode = 97 > t35Extension = 0 > manufacturerCode = 22 > } > productId = 11 octets { > 41 64 64 50 61 63 20 56 6f 49 50 AddPac VoIP > } > versionId = 4 octets { > 36 2e 30 36 6.06 > } > } > timeToLive = 60 > tokens = 1 entries { > [0]={ > tokenOID = 1.2.840.113548.10.1.2.1 > timeStamp = 1054089182 > challenge = 16 octets { > b7 31 7c 16 3b 47 5e e1 f4 9f 74 a5 77 b1 20 43 > .1|.;G^...t.w. C > } > random = 250 > generalID = 10 characters { > 0061 0070 0032 0030 0030 0074 0065 0073 ap200tes > 0074 0031 t1 > } > } > } > cryptoTokens = 1 entries { > [0]=cryptoEPPwdHash { > alias = h323_ID 10 characters { > 0061 0070 0032 0030 0030 0074 0065 0073 ap200tes > 0074 0031 t1 > } > timeStamp = 1054089182 > token = { > algorithmOID = 1.2.840.113549.2.5 > paramS = { > } > hash = Hex: 3c df fe 7d c0 78 a9 42 ab 2b af 7d 50 a8 e5 d5 > > } > } > } > keepAlive = FALSE > willSupplyUUIEs = FALSE > } > 2003/07/01 15:25:28.498 1 RasSrv.cxx(927) GK RRQ > Received > 2003/07/01 15:25:28.508 5 radproto.cxx(1900) RADIUS > Sending PDU to RADIUS server 161.132.224.67 (161.132.224.67:1812) > from port:10550:[0,157-159], PDU: { > code = 1 (Access-Request) > id = 159 > length = 92 octets > authenticator = 16 octets { > e1 50 2a df b3 10 fd 91 49 e0 bf 70 cd 4a 91 55 > .P*.....I..p.J.U > } > attributes = 8 elements { > [0]= { > type = 1 (User-Name) > length = 12 octets > value = 10 octets { > 61 70 32 30 30 74 65 73 74 31 > ap200test1 > } > } > [1]= { > type = 3 (CHAP-Password) > length = 19 octets > value = 17 octets { > fa b7 31 7c 16 3b 47 5e e1 f4 9f 74 a5 77 b1 20 > ..1|.;G^...t.w. > 43 C > } > } > [2]= { > type = 4 (NAS-IP-Address) > length = 6 octets > value = 4 octets { > 0a 00 00 0b .... > } > } > [3]= { > type = 32 (NAS-Identifier) > length = 11 octets > value = 9 octets { > 4d 49 43 50 45 47 4b 30 32 > MICPEGK02 > } > } > [4]= { > type = 61 (NAS-Port-Type) > length = 6 octets > value = 4 octets { > 00 00 00 05 .... > } > } > [5]= { > type = 6 (Service-Type) > length = 6 octets > value = 4 octets { > 00 00 00 01 .... > } > } > [6]= { > type = 60 (CHAP-Challenge) > length = 6 octets > value = 4 octets { > 3e d4 1f de >... > } > } > [7]= { > type = 8 (Framed-IP-Address) > length = 6 octets > value = 4 octets { > a1 84 c3 a2 .... > } > } > } > } > > > > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > _______________________________________________ > List: Openh323gk-users@lists.sourceforge.net > Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 > Homepage: http://www.gnugk.org/ > > > ------------------------------------------------------- > This SF.Net email sponsored by: Free pre-built ASP.NET sites including > Data Reports, E-commerce, Portals, and Forums are available now. > Download today and enter to win an XBOX or Visual Studio .NET. > http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 > _______________________________________________ > List: Openh323gk-users@lists.sourceforge.net > Archive: http://sourceforge.net/mailarchive/forum.php?forum_id?49 > Homepage: http://www.gnugk.org/ > ------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100006ave/direct;at.asp_061203_01/01 _______________________________________________ List: Openh323gk-users@lists.sourceforge.net Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549 Homepage: http://www.gnugk.org/
