Challenge/Response and rlm_example
Scott Neugroschl
redfloyd at gmail.com
Thu Jun 24 22:21:59 CEST 2010
OK, I'm trying to get the 2.1.8 server to do a simple challenge/response
with
Auth-Challenge, so as to test my client.
I've setup rlm_example as an enabled module and modified it so that if will
return
RLM_MODULE_OK or RLM_MODULE_REJECT, depending upon the response.
I've added an example file to the raddb/modules directory, and modified
sites-available/default to include example at the end of the "authenticate"
and "authorize" sections.
The first Access-Request successfully generates an Access-Challenge in
response.
When I send the second Access-Request in response to the Access-Challenge, I
get
the output below.
Note that the example module is returning RLM_MODULE_OK
I checked every config file in raddb, and cannot find case where there is
an "Auth-Type = Crypt".
What am I doing wrong?
Thanks,
ScottN
-- BEGIN radiusd -X output
Thu Jun 24 12:36:36 2010 : Info: +- entering group authorize {...}
Thu Jun 24 12:36:36 2010 : Info: ++[preprocess] returns ok
Thu Jun 24 12:36:36 2010 : Info: ++[chap] returns noop
Thu Jun 24 12:36:36 2010 : Info: ++[mschap] returns noop
Thu Jun 24 12:36:36 2010 : Info: [suffix] No '@' in User-Name =
"[redacted]", looking up realm NULL
Thu Jun 24 12:36:36 2010 : Info: [suffix] No such realm "NULL"
Thu Jun 24 12:36:36 2010 : Info: ++[suffix] returns noop
Thu Jun 24 12:36:36 2010 : Info: [eap] No EAP-Message, not doing EAP
Thu Jun 24 12:36:36 2010 : Info: ++[eap] returns noop
Thu Jun 24 12:36:36 2010 : Info: ++[unix] returns updated
Thu Jun 24 12:36:36 2010 : Info: [example] Found reply to access challenge
Thu Jun 24 12:36:36 2010 : Info: [example] Found response in reply:
'[redacted]'
Thu Jun 24 12:36:36 2010 : Info: [example] Response is good
Thu Jun 24 12:36:36 2010 : Info: ++[example] returns ok
Thu Jun 24 12:36:36 2010 : Info: WARNING: Please update your configuration,
and remove 'Auth-Type = Crypt'
Thu Jun 24 12:36:36 2010 : Info: WARNING: Use the PAP module instead.
Thu Jun 24 12:36:36 2010 : Info: Failed to authenticate the user.
Thu Jun 24 12:36:36 2010 : Info: Delaying reject of request 1 for 1 seconds
Thu Jun 24 12:36:36 2010 : Debug: Going to the next request
Thu Jun 24 12:36:36 2010 : Debug: Waking up in 0.8 seconds.
Thu Jun 24 12:36:37 2010 : Info: Sending delayed reject for request 1
Sending Access-Reject of id 108 to 10.1.1.104 port 3277
More information about the Freeradius-Devel
mailing list