Evaluation of Service-Type.

Nicolas Breuer Nicolas.Breuer at belcenter.biz
Fri May 3 19:45:53 CEST 2019 

Jorge,

I have off course verified the RFC Page 31 and indeed it's not an integer but a constant 😊
Thanks for your help Jorge.


-----Message d'origine-----
De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=belcenter.biz at lists.freeradius.org> De la part de Jorge Pereira
Envoyé : vendredi 3 mai 2019 19:42
À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
Objet : Re: Evaluation of Service-Type.

Nicolas,

Have you opened the RFC https://tools.ietf.org/html/rfc2865#page-31? so,
the Framed-User is a constant, not a string.

Integer = https://en.wikipedia.org/wiki/Integer_(computer_science)
Constant = https://en.wikipedia.org/wiki/Constant_(computer_programming)
String = https://en.wikipedia.org/wiki/String_(computer_science)



On Fri, May 3, 2019 at 2:34 PM Nicolas Breuer <Nicolas.Breuer at belcenter.biz>
wrote:

> Hi Jorge,
>
> Are you sure because I can see the standard is Service-Type=Framed-User ,
> no ?
> That works perfectly on v2.2 but OK
>
>
> -----Message d'origine-----
> De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=
> belcenter.biz at lists.freeradius.org> De la part de Jorge Pereira
> Envoyé : vendredi 3 mai 2019 19:26
> À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org>
> Objet : Re: Evaluation of Service-Type.
>
> Nicolas,
>
> As described in rfc2865, the field Service-Type should be integer not
> string as you are trying to do.
>
> On Fri, May 3, 2019 at 2:21 PM Nicolas Breuer <
> Nicolas.Breuer at belcenter.biz>
> wrote:
>
> > Ok sorry it's a basic auth packet. Also the if section check the reply
> and
> > not what  he received.
> >
> > Plz find all the output
> >
> > (0) Received Access-Request Id 21
> > (0)   User-Name = "user1"
> > (0)   User-Password = "pwd"
> > (0) # Executing section authorize from file
> /root/test/etc/raddb/CORE.conf
> > (0)   authorize {
> > (0)     [preprocess] = ok
> > (0)     [chap] = noop
> > (0)     [mschap] = noop
> > (0) suffix: Checking for suffix after "@"
> > (0) suffix: No '@' in User-Name = "user1", looking up realm NULL
> > (0) suffix: No such realm "NULL"
> > (0)     [suffix] = noop
> > (0) files: users: Matched entry user1 at line 224
> > (0)     [files] = ok
> > (0)     [expiration] = noop
> > (0)     [logintime] = noop
> > (0)     [pap] = updated
> > (0)   } # authorize = updated
> > (0) Found Auth-Type = PAP
> > (0) # Executing group from file /root/test/etc/raddb/CORE.conf
> > (0)   Auth-Type PAP {
> > (0) pap: Login attempt with password
> > (0) pap: Comparing with "known good" Cleartext-Password
> > (0) pap: User authenticated successfully
> > (0)     [pap] = ok
> > (0)   } # Auth-Type PAP = ok
> > (0) # Executing section post-auth from file
> /root/test/etc/raddb/CORE.conf
> > (0)   post-auth {
> >
> > (0)     if (&reply:Service-Type == test) {
> >
> > (0)     ERROR: Failed retrieving values required to evaluate condition
> >
> > ------------------
> > The users file :
> >
> > user1                        Cleartext-Password:= "pwd"
> >                                         Service-Type == "test"
> >
> >
> > Thanks for your help !
> >
> >
> >
> > -----Message d'origine-----
> > De : Freeradius-Users <freeradius-users-bounces+nicolas.breuer=
> > belcenter.biz at lists.freeradius.org> De la part de Alan DeKok
> > Envoyé : vendredi 3 mai 2019 18:29
> > À : FreeRadius users mailing list <freeradius-users at lists.freeradius.org
> >
> > Objet : Re: Evaluation of Service-Type.
> >
> >
> >
> > > On May 3, 2019, at 12:20 PM, Nicolas Breuer <
> > Nicolas.Breuer at belcenter.biz> wrote:
> > >
> > > Sorry i don't see :
> > >
> > > (0)   post-auth {
> >
> >   So when I tell you to look at the PACKET, you look at the post-auth
> > section?  Why?
> >
> >   You should be aware that FreeRADIUS receives PACKETS.  It also PRINTS
> > those packets when running in debug mode.  This printing even includes
> the
> > LIST OF ATTRIBUTES THAT CAME IN THE PACKET.
> >
> >   Now, if you READ THE DEBUG OUTPUT, you will  see the LIST OF
> ATTRIBUTES.
> >
> >   There's even DOCUMENTATION DESCRIBING THIS.
> >
> >   http://wiki.freeradius.org/radiusd-X
> >
> >   At this point, I have to ask what's going on.  It's like you're working
> > hard to be obstructive.
> >
> >   Alan DeKok.
> >
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> >
> > -
> > List info/subscribe/unsubscribe? See
> > http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list