For mech-eap you'll probably want to use the master branch. The debian
branch is for packaging.
For freeradius, you can use the tr-integ branch, or use freeradius'
3.0.x branch directly.
-Kevin Wasserman
On 4/30/2015 12:34 PM, Alejandro Perez Mendez wrote:
> Hi all,
>
> we are going to start with the developing of a proof-of-concept
> prototype of the functionality associated to section 7 of
> draft-ietf-abfab-aaa-saml. For doing that I would need to:
>
> 1) Modify the functionality of gss_get_name_attribute in mech_eap, in
> order to allow it to query the IDP when the requested SAML attribute is
> not in the local storage.
>
> 2) Modify the freeradius implementation in order to process SAML-Message
> attributes in Access-Request and to provide the appropriate response.
>
> I'm cloning moonshot's git repository in my local machine, but it's not
> clear to me which branch should I use for mech_eap and freeradius. I
> guess origin/debian should be fine, however, for freeradius I'm getting
> some problems. In particular, I'm getting this error at the end of the
> authentication when channel bindings are enabled. That's why I thought
> that maybe I was using a too unstable branch.
>
> CONSISTENCY CHECK FAILED src/main/state.c[386]: Expected VALUE_PAIR
> "EAP-Channel-Binding-Message" to be parented by 0xef6730
> (RADIUS_PACKET), instead parented by 0xef6640 (RADIUS_PACKET)
> Talloc chunk lineage:
> 0xef6730 (RADIUS_PACKET) < 0xef64a0 (REQUEST) < 0xef5830 (REQUEST) <
> 0xef55a0 (UNNAMED)
> Talloc context level 0:
> Talloc chunk lineage:
> 0xef6640 (RADIUS_PACKET) < 0xef64a0 (REQUEST) < 0xef5830 (REQUEST) <
> 0xef55a0 (UNNAMED)
> Talloc context level 0:
> SOFT ASSERT FAILED src/lib/debug.c[1229]: 0
> CAUGHT SIGNAL: User defined signal 1
> Backtrace of last 32 frames:
> /usr/local/lib/libfreeradius-radius.so(fr_fault+0x132)[0x7f2dcb368051]
>
> /usr/local/lib/libfreeradius-radius.so(fr_assert_cond+0x54)[0x7f2dcb3694e5]
>
> /usr/local/lib/libfreeradius-radius.so(fr_verify_list+0x126)[0x7f2dcb369457]
>
> /usr/local/lib/libfreeradius-server.so(+0x22bb9)[0x7f2dcb5c3bb9]
>
> /usr/local/lib/libfreeradius-server.so(verify_request+0x120)[0x7f2dcb5c3ce3]
>
> radiusd(fr_state_get_vps+0x1b5)[0x431047]
> radiusd(rad_authenticate+0x237)[0x410986]
> radiusd(rad_virtual_server+0x102)[0x4112d8]
> /usr/local/lib/rlm_eap_ttls.so(eapttls_process+0xac0)[0x7f2dc5a43af2]
> /usr/local/lib/rlm_eap_ttls.so(+0x22a3)[0x7f2dc5a412a3]
> /usr/local/lib/rlm_eap.so(+0x4323)[0x7f2dc6459323]
> /usr/local/lib/rlm_eap.so(eap_method_select+0x470)[0x7f2dc6459ca6]
> /usr/local/lib/rlm_eap.so(+0x3031)[0x7f2dc6458031]
> radiusd[0x42857a]
> radiusd[0x428c45]
> radiusd[0x428756]
> radiusd[0x42964c]
> radiusd(modcall+0x9c)[0x42a3e8]
> radiusd(indexed_modcall+0x2e7)[0x425bc1]
> radiusd(process_authenticate+0x22)[0x427e66]
> radiusd[0x410354]
> radiusd(rad_authenticate+0x520)[0x410c6f]
> radiusd[0x43ce27]
> radiusd[0x43bcd1]
> radiusd(request_receive+0x788)[0x43d67a]
> radiusd[0x41890e]
> radiusd[0x443f94]
>
> /usr/local/lib/libfreeradius-radius.so(fr_event_loop+0x5c0)[0x7f2dcb38d471]
> radiusd(radius_event_process+0x26)[0x445a29]
> radiusd(main+0xc8f)[0x4302ef]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xfd)[0x7f2dc9afbead]
> radiusd[0x40f7f9]
> No panic action set
> _EXIT(1) CALLED src/lib/debug.c[1230]. Last error was:
>
> I'd be very grateful if someone could tell me whether I'm using the
> proper branch, and if so, why this failure might be happening.
>
> Thank you in advance, and best regards,
> Alejandro
>
>
|