EAP request to FreeRADIUS 3 server backed by MariaDB has empty password

Oliver Webb ow97nospam at outlook.com
Thu Sep 28 00:46:47 CEST 2017 

I think I must have used a dud version of req.txt for generating that output. Here is the corrected version:

Loading input data...
Read 1 element(s) from input: stdin
Loaded: 1 input element(s).
Adding new socket: src: 0.0.0.0:0, dst: 192.168.2.110:1812
Added new socket: 5 (num sockets: 1)
Transaction: 0, sending packet: 0 (id: 119)...
Sent Access-Request Id 119 from 0.0.0.0:35260 to 192.168.2.110:1812 length 51
User-Name = "tu"
EAP-MD5-Password = "testp2"
EAP-Code = Response
EAP-Id = 210
EAP-Type-Identity = 0x7475
Message-Authenticator = 0x00
EAP-Message = 0x02d20007017475
Transaction: 0, received packet (id: 119).
Received Access-Challenge Id 119 from 192.168.2.110:1812 to 0.0.0.0:35260 length 80
EAP-Message = 0x01d3001604101294d6e2b4fe419121a6edcb7052e2ad
Message-Authenticator = 0x23a7113ecee2fd4474aacab496113a9c
State = 0x1d5cfc5c1d8ff88ca60335e85073eb55
EAP-Id = 211
EAP-Code = Request
EAP-Type-MD5-Challenge = 0x101294d6e2b4fe419121a6edcb7052e2ad
Transaction: 0, sending packet: 1 (id: 11)...
Sent Access-Request Id 11 from 0.0.0.0:35260 to 192.168.2.110:1812 length 84
User-Name = "tu"
EAP-MD5-Password = "testp2"
EAP-Code = Response
EAP-Id = 211
Message-Authenticator = 0x00
EAP-Type-MD5-Challenge = 0x103aaa4cddecbc6a616a212050fd00970d
State = 0x1d5cfc5c1d8ff88ca60335e85073eb55
EAP-Message = 0x02d3001604103aaa4cddecbc6a616a212050fd00970d
Transaction: 0, received packet (id: 11).
Received Access-Reject Id 11 from 192.168.2.110:1812 to 0.0.0.0:35260 length 44
EAP-Message = 0x04d30004
Message-Authenticator = 0x3c9f253e2931fcb92e1da0de658dfe16
EAP-Id = 211
EAP-Code = Failure
EAP transaction finished, but reply is not an Access-Accept
Main loop: done.




________________________________
From: Freeradius-Users <freeradius-users-bounces+ow97nospam=outlook.com at lists.freeradius.org> on behalf of Adam Bishop <Adam.Bishop at jisc.ac.uk>
Sent: 27 September 2017 23:29
To: FreeRadius users mailing list
Subject: Re: EAP request to FreeRADIUS 3 server backed by MariaDB has empty password

On 27 Sep 2017, at 22:56, Oliver Webb <ow97nospam at outlook.com> wrote:
> Thanks Adam. The contents of req.txt are available here: https://pastebin.com/47K8bEB6

I get completely different results using that file:

  [adamb at orps1 ~]# radeapclient -x 127.0.0.1:1812 auth pass < 47K8bEB6
  Loading input data...
  Read 1 element(s) from input: stdin
  Loaded: 1 input element(s).
  Adding new socket: src: 0.0.0.0:0, dst: 127.0.0.1:1812
  Added new socket: 5 (num sockets: 1)
  Transaction: 0, sending packet: 0 (id: 2)...
  Sent Access-Request Id 2 from 0.0.0.0:41057 to 127.0.0.1:1812 length 51
         User-Name = "tu"
         EAP-MD5-Password = "testp2"
         EAP-Code = Response
         EAP-Id = 210
         EAP-Type-Identity = 0x7475
         Message-Authenticator = 0x00
         EAP-Message = 0x02d20007017475

Double check the file for typo's (magic quotes, non-breaking spaces or even Windows line endings might throw it).

Otherwise I'm not sure what could be going on - did you build FreeRADIUS yourself, or is CentOS shipping with 3.0.13?

Regards,

Adam Bishop

  gpg: E75B 1F92 6407 DFDF 9F1C  BF10 C993 2504 6609 D460

jisc.ac.uk

Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.

Jisc Services Limited is a wholly owned Jisc subsidiary and a company limited by guarantee which is registered in England under company number 2881024, VAT number GB 197 0632 86. The registered office is: One Castle Park, Tower Hill, Bristol BS2 0JA. T 0203 697 5800.


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list