user names and user passwords
Dmitry Korzhevin
dmitry.korzhevin at stidia.com
Mon Nov 19 14:04:00 CET 2012
I have users in database radius, table radcheck:
1. 19A7A770-CC08-B769-1894-6ED795DA2DB70 Cleartext-Password := pass
2. {19A7A770-CC08-B769-1894-6ED795DA2DB70} Cleartext-Password := pass
3. \{19A7A770-CC08-B769-1894-6ED795DA2DB70\} Cleartext-Password := pass
When i try test connection with radtest:
radtest "19A7A770-CC08-B769-1894-6ED795DA2DB70" "pass" RADIUS_SERVER_IP
0 psk
Sending Access-Request of id 73 to IP port 1812
User-Name = "19A7A770-CC08-B769-1894-6ED795DA2DB70"
User-Password = "pass"
NAS-IP-Address = IP
NAS-Port = 0
rad_recv: Access-Accept packet from host IP port 1812, id=73, length=20
So, auth without any problems for user (1).
But, when i try to test with user, which login use "{}" characters (2) -
it fails:
radtest "{19A7A770-CC08-B769-1894-6ED795DA2DB70}" "pass" IP 0 psk
Sending Access-Request of id 112 to IP port 1812
User-Name = "{19A7A770-CC08-B769-1894-6ED795DA2DB70}"
User-Password = "pass"
NAS-IP-Address = IP
NAS-Port = 0
rad_recv: Access-Reject packet from host IP port 1812, id=112, length=20
On freeradius server side (with freeradius -X) i see:
------
[sql] expand: %{User-Name} -> {19A7A770-CC08-B769-1894-6ED795DA2DB70}
[sql] sql_set_user escaped user -->
'{19A7A770-CC08-B769-1894-6ED795DA2DB70}'
rlm_sql (sql): Reserving sql socket id: 2
[sql] expand: SELECT id, username, attribute, value, op FROM
radcheck WHERE username = '%{SQL-User-Name}' ORDER
BY id -> SELECT id, username, attribute, value, op FROM
radcheck WHERE username =
'=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY id
rlm_sql_mysql: query: SELECT id, username, attribute, value, op
FROM radcheck WHERE username =
'=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY id
[sql] expand: SELECT groupname FROM radusergroup
WHERE username = '%{SQL-User-Name}' ORDER BY priority ->
SELECT groupname FROM radusergroup WHERE username =
'=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY priority
rlm_sql_mysql: query: SELECT groupname FROM radusergroup
WHERE username = '=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D'
ORDER BY priority
rlm_sql (sql): Released sql socket id: 2
[sql] User {19A7A770-CC08-B769-1894-6ED795DA2DB70} not found
++[sql] returns notfound
----------------
Why freeradius trying to search
'=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' instead of correct
username: '{19A7A770-CC08-B769-1894-6ED795DA2DB70}'
?
16.11.2012 17:58, Alan DeKok пишет:
> Dmitry Korzhevin wrote:
>> Guys, does anybody know something about maximum username length and user
>> password lengt?
>
> The RFCs say 253 octets for user name, and 128 for password.
>
>> I try to use next login passwords without success (checked with radtest):
>>
>> http://dpaste.com/832115/
>
> Which is (a) pretty much self-evident. And (b) not following the
> daily instructions to post the full debug log.
>
> What does "User 19A7A770-CC08-B769-1894-6ED795DA2DB7 not found" mean
> to you?
>
> Have you tried running the SQL qeuries manually? That's why they're
> printed out. So you can USE THEM to DEBUG THE PROBLEM.
>
> Alan DeKok.
>
>
Best Regards,
Dmitry
---
Dmitry KORZHEVIN
System Administrator
STIDIA S.A. - Luxembourg
e: dmitry.korzhevin at stidia.com
m: +38 093 874 5453
w: http://www.stidia.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4488 bytes
Desc: �������������������������� ������������ S/MIME
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20121119/b6d301b9/attachment.bin>
More information about the Freeradius-Users
mailing list