problems with old mysql version and PEAP/MSCHAPV2

Hans Bornemann hans.bornemann at uni-dortmund.de
Wed Apr 2 12:15:43 CEST 2008


Hi,

for wpa2 integration in our wireless network i have installed freeradius
1.1.7 und mysql 5.0 under ubuntu and for PEAP/MSCHAPV2 every things
working fine.

mysql-db:

 10| test   | NT-Password    | := | 7C53CFA5EA7D0F9B3B968AA0FB51A3F5

when i change the db connection to the database with the real userdata,
which runs under solaris 10 and mysql Version 3.2.23 the debug shows:

module "sql" returns notfound for request 0

when i use the mysql monitor, both DBs show the same results for the sql
commands, which are listed in the debug.

It is very unfortunate, but there is for me no easy way to switch to
mysql version 5.0

Debug:

rad_recv: Access-Request packet from host 123.123.123.123:32769, id=125,
length=180
	User-Name = "test"
	Calling-Station-Id = "00-19-D2-CF-E5-50"
	Called-Station-Id = "00-0B-85-9A-2D-30:ITMC-WPA2"
	NAS-Port = 29
	NAS-IP-Address = 123.123.123.123
	NAS-Identifier = "mh-wlc4"
	Airespace-Wlan-Id = 5
	Service-Type = Framed-User
	Framed-MTU = 1300
	NAS-Port-Type = Wireless-802.11
	Tunnel-Type:0 = VLAN
	Tunnel-Medium-Type:0 = IEEE-802
	Tunnel-Private-Group-Id:0 = "3503"
	EAP-Message = 0x0212000d016d68616e626f726e
	Message-Authenticator = 0xcb4bf5a66469aaa4185dd17788f2498b
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "test", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: EAP packet type response id 18 length 13
  rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
  modcall[authorize]: module "eap" returns updated for request 0
radius_xlat:  'test'
rlm_sql (sql): sql_set_user escaped user --> 'test'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'test'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'test'           ORDER BY id'
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  FROM radgroupreply,usergroup WHERE usergroup.Username = 'test' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): No matching entry in the database for request from user
[test]
  modcall[authorize]: module "sql" returns notfound for request 0
rlm_pap: WARNING! No "known good" password found for the user.
Authentication may fail because of this.
  modcall[authorize]: module "pap" returns noop for request 0
modcall: leaving group authorize (returns updated) for request 0
  rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
.....

Kind Regards
Hans



-- 
Hans Bornemann
Universitaet Dortmund - ITMC
Tel. ++49 231 755 2132  Fax. ++49 231 755 2731




More information about the Freeradius-Users mailing list