<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.<br><div><br><div><div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica';">Pontus Wiberg <<a href="mailto:pontus.wiberg@universumglobal.com">pontus.wiberg@universumglobal.com</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica';"><b>XAUTH not receiving/computing password</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica';">July 4, 2014 at 7:24:03 AM EDT<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica';"><a href="mailto:users@lists.openswan.org">users@lists.openswan.org</a><br></span></div><br><br><div dir="ltr">Hi all,<div><br></div><div>I have an annoying problem with openswan, I had it working with PAM authentication and the same setup before but that causes other issues so I'm setting up with MD5 and an /etc/ipsec.d/passwd file. Recompiled to not use PAM.</div>
<div><br></div><div>My issue right now is that it looks like the server is not getting the password from the client, or rather it does get the XAUTH-USER-PASSWORD attribute with the correct length, but something seems to happen along the way which leads it to compare pass (null) vs. the md5 hash.. obviously this doesn't work. </div>
<div><br></div><div>Log snippet with crypt debug below. The client I'm using is Shrewsoft VPN, and this is the same client and profile that worked well with PAM authentication.</div><div><br></div><div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">
"roadwarrior"[10] x.x.x.x #9: XAUTH: Unsupported XAUTH parameter XAUTH-TYPE received.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| ****parse ISAKMP ModeCfg attribute:</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| ModeCfg attr type: XAUTH-USER-NAME</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| length/value: 5</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| ****parse ISAKMP ModeCfg attribute:</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| ModeCfg attr type: XAUTH-USER-PASSWORD</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| length/value: 7</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">"roadwarrior"[10] x.x.x.x #9: XAUTH: User test1: Attempting to login</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">"roadwarrior"[10] x.x.x.x #9: XAUTH: md5 authentication being called to authenticate user test1</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">"roadwarrior"[10] x.x.x.x #9: XAUTH: password file (/etc/ipsec.d/passwd) open.</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| XAUTH: found user(test1/test1) pass($apr1$twNTPIIY$eCzSOpIs56hyMQyuhtyEz1) connid(roadwarrior/roadwarrior)</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">| XAUTH: checking user(test1:roadwarrior) pass (null) vs $apr1$twNTPIIY$eCzSOpIs56hyMQyuhtyEz1</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">"roadwarrior"[10] x.x.x.x #9: XAUTH: nope</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">"roadwarrior"[10] x.x.x.x #9: XAUTH: User test1: Authentication Failed: Incorrect Username or Password</div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">
<br></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span style="font-family:arial;font-size:small">Is there anyone who has any clue on what is happening here, and why?</span><br></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;">
<span style="font-family:arial;font-size:small"><br></span></div><div style="margin: 0px; font-size: 11px; font-family: Menlo;"><span style="font-family:arial;font-size:small">Thanks in advance!</span></div></div><div><div><div dir="ltr">
<table align="left" border="0" cellpadding="0" cellspacing="0" width="100%" style="border-collapse: collapse; font-family: 'Times New Roman'; font-size: inherit;"><tbody><tr><td valign="top" style="padding:9px 0px 7px;color:rgb(65,64,65);font-family:Arial;font-size:11px;line-height:14px"><p style="margin:1em 0px;padding:0px;font-size:12px;line-height:16px"><strong>Pontus Wiberg</strong><br>Operations Lead</p><a href="http://universumglobal.com/" alt="Universum" style="word-wrap:break-word;color:rgb(14,151,193);text-decoration:none" target="_blank">universumglobal.com</a> <br>
<hr align="left" height="1" style="height:1px;max-height:1px;border:none;margin-top:12px;float:left;clear:both;width:366px"></td></tr><tr><td><img align="left" alt="Universum" title="Universum" src="http://emailsignatures.universumglobal.com/gem-signature-20140108.png" border="0" width="180" height="29" style="border: 0px; outline: none; max-width: 184px; width: 184px; height: 30px; max-height: 30px; vertical-align: bottom; padding-bottom: 0px; padding-left: 0px; display: inline !important;"></td>
</tr><tr><td> </td></tr></tbody></table></div></div>
</div></div>
<br><br></div></div></div><br></body></html>