Hi all,

   I have a problem, where I work, I installed a system wifi hotspot (chillispot+freeradius+mysql), all in one machine (debian lenny) for external workers.

   The problem is that freeradius does not understand the password it receives from chillispot L

 

   Fri Nov 27 16:13:30 2009 : Info: [chap] Using clear text password "P1s0S" for user 9799-8798-3665-6561 authentication.

   Fri Nov 27 16:13:30 2009 : Info: [chap] Password check failed

 

  P1s0S is the good passwd !!!  This well written in the MySQL .

 

  I think that chillispot is using PAP instead of CHAP, I've looked at the code file hotspotlogin.php :

 

--------------------------- hotspotlogin.php -----------------------------------------------------

    $response = md5("\0" . $_GET['Password'] . $newchal);

    $newpwd = pack("a32", $_GET['Password']);

    $pappassword = implode ("", unpack("H32", ($newpwd ^ $newchal)));

----------------------------  FIN ------------------------------------------------------------------

 

 

  I don’t now.

  Thanks J

 

 

  -------- radius –XXX --------------

 

 

Fri Nov 27 15:35:29 2009 : Debug: Waking up in 4.9 seconds.

Fri Nov 27 15:35:34 2009 : Info: Cleaning up request 12 ID 0 with timestamp +5614

Fri Nov 27 15:35:34 2009 : Debug: Ready to process requests.

rad_recv: Access-Request packet from host 192.168.65.99 port 54942, id=0, length=229

        User-Name = "9799-8798-3665-6561"

        CHAP-Challenge = 0x6f2ac78657926dd875b49f0178ce89d7

        CHAP-Password = 0x00a2d83146dc31d330e294298fafb575c2

        NAS-IP-Address = 0.0.0.0

        Service-Type = Login-User

        Framed-IP-Address = 192.168.182.4

        Calling-Station-Id = "00-1C-BF-D3-88-70"

        Called-Station-Id = "00-0E-7F-FE-01-F9"

        NAS-Identifier = "nas01"

        Acct-Session-Id = "4b0fec8100000000"

        NAS-Port-Type = Wireless-802.11

        NAS-Port = 0

        Message-Authenticator = 0x368ff43e6530b497663e3e8b09be3ea8

        WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"

Fri Nov 27 16:13:30 2009 : Info: +- entering group authorize {...}

Fri Nov 27 16:13:30 2009 : Info: ++[preprocess] returns ok

Fri Nov 27 16:13:30 2009 : Info: [chap] Setting 'Auth-Type := CHAP'

Fri Nov 27 16:13:30 2009 : Info: ++[chap] returns ok

Fri Nov 27 16:13:30 2009 : Info: ++[mschap] returns noop

Fri Nov 27 16:13:30 2009 : Info: [suffix] No '@' in User-Name = "9799-8798-3665-6561", looking up realm NULL

Fri Nov 27 16:13:30 2009 : Info: [suffix] No such realm "NULL"

Fri Nov 27 16:13:30 2009 : Info: ++[suffix] returns noop

Fri Nov 27 16:13:30 2009 : Info: [eap] No EAP-Message, not doing EAP

Fri Nov 27 16:13:30 2009 : Info: ++[eap] returns noop

Fri Nov 27 16:13:30 2009 : Info: ++[unix] returns notfound

Fri Nov 27 16:13:30 2009 : Info: ++[files] returns noop

Fri Nov 27 16:13:30 2009 : Info: [sql]  expand: %{User-Name} -> 9799-8798-3665-6561

Fri Nov 27 16:13:30 2009 : Info: [sql] sql_set_user escaped user --> '9799-8798-3665-6561'

Fri Nov 27 16:13:30 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 2

Fri Nov 27 16:13:30 2009 : Info: [sql]  expand: SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radcheck           WHERE username = '9799-8798-3665-6561'           ORDER BY id

Fri Nov 27 16:13:30 2009 : Info: [sql] User found in radcheck table

Fri Nov 27 16:13:30 2009 : Info: [sql]  expand: SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute, value, op           FROM radreply           WHERE username = '9799-8798-3665-6561'           ORDER BY id

Fri Nov 27 16:13:30 2009 : Info: [sql]  expand: SELECT groupname           FROM radusergroup           WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> SELECT groupname           FROM radusergroup           WHERE username = '9799-8798-3665-6561'           ORDER BY priority

Fri Nov 27 16:13:30 2009 : Info: [sql]  expand: SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           Value, op           FROM radgroupcheck           WHERE groupname = '1hora'           ORDER BY id

Fri Nov 27 16:13:30 2009 : Info: [sql] User found in group 1hora

Fri Nov 27 16:13:30 2009 : Info: [sql]  expand: SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '%{Sql-Group}'           ORDER BY id -> SELECT id, groupname, attribute,           value, op           FROM radgroupreply           WHERE groupname = '1hora'           ORDER BY id

Fri Nov 27 16:13:30 2009 : Debug: rlm_sql (sql): Released sql socket id: 2

Fri Nov 27 16:13:30 2009 : Info: ++[sql] returns ok

Fri Nov 27 16:13:30 2009 : Info: ++[expiration] returns noop

Fri Nov 27 16:13:30 2009 : Info: ++[logintime] returns noop

Fri Nov 27 16:13:30 2009 : Info: [pap] Found existing Auth-Type, not changing it.

Fri Nov 27 16:13:30 2009 : Info: ++[pap] returns noop

Fri Nov 27 16:13:30 2009 : Debug: rlm_sqlcounter: Entering module authorize code

Fri Nov 27 16:13:30 2009 : Debug: sqlcounter_expand:  'SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}''

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter]       expand: SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{User-Name}' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='9799-8798-3665-6561'

Fri Nov 27 16:13:30 2009 : Debug: sqlcounter_expand:  '%{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='9799-8798-3665-6561'}'

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter] sql_xlat

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter]       expand: %{User-Name} -> 9799-8798-3665-6561

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter] sql_set_user escaped user --> '9799-8798-3665-6561'

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter]       expand: SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='9799-8798-3665-6561' -> SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='9799-8798-3665-6561'

Fri Nov 27 16:13:30 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 1

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter] row[0] returned NULL

Fri Nov 27 16:13:30 2009 : Debug: rlm_sql (sql): Released sql socket id: 1

Fri Nov 27 16:13:30 2009 : Info: [noresetcounter]       expand: %{sql:SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='9799-8798-3665-6561'} ->

Fri Nov 27 16:13:30 2009 : Debug: rlm_sqlcounter: No integer found in string ""

Fri Nov 27 16:13:30 2009 : Info: ++[noresetcounter] returns noop

Fri Nov 27 16:13:30 2009 : Debug: rlm_sqlcounter: Entering module authorize code

Fri Nov 27 16:13:30 2009 : Debug: rlm_sqlcounter: Could not find Check item value pair

Fri Nov 27 16:13:30 2009 : Info: ++[dailycounter] returns noop

Fri Nov 27 16:13:30 2009 : Debug: rlm_sqlcounter: Entering module authorize code

Fri Nov 27 16:13:30 2009 : Debug: rlm_sqlcounter: Could not find Check item value pair

Fri Nov 27 16:13:30 2009 : Info: ++[monthlycounter] returns noop

Fri Nov 27 16:13:30 2009 : Info: Found Auth-Type = CHAP

Fri Nov 27 16:13:30 2009 : Info: +- entering group CHAP {...}

Fri Nov 27 16:13:30 2009 : Info: [chap] login attempt by "9799-8798-3665-6561" with CHAP password

Fri Nov 27 16:13:30 2009 : Info: [chap] Using clear text password "P1s0S" for user 9799-8798-3665-6561 authentication.

Fri Nov 27 16:13:30 2009 : Info: [chap] Password check failed

Fri Nov 27 16:13:30 2009 : Info: ++[chap] returns reject

Fri Nov 27 16:13:30 2009 : Info: Failed to authenticate the user.

Fri Nov 27 16:13:30 2009 : Info: Using Post-Auth-Type Reject

Fri Nov 27 16:13:30 2009 : Info: +- entering group REJECT {...}

Fri Nov 27 16:13:30 2009 : Info: [attr_filter.access_reject]    expand: %{User-Name} -> 9799-8798-3665-6561

Fri Nov 27 16:13:30 2009 : Debug:  attr_filter: Matched entry DEFAULT at line 11

Fri Nov 27 16:13:30 2009 : Info: ++[attr_filter.access_reject] returns updated

Fri Nov 27 16:13:30 2009 : Info: Delaying reject of request 13 for 1 seconds

Fri Nov 27 16:13:30 2009 : Debug: Going to the next request

Fri Nov 27 16:13:30 2009 : Debug: Waking up in 0.9 seconds.

Fri Nov 27 16:13:31 2009 : Info: Sending delayed reject for request 13

Sending Access-Reject of id 0 to 192.168.65.99 port 54942

Fri Nov 27 16:13:31 2009 : Debug: Waking up in 4.9 seconds.

Fri Nov 27 16:13:36 2009 : Info: Cleaning up request 13 ID 0 with timestamp +7896

Fri Nov 27 16:13:36 2009 : Debug: Ready to process requests.

 

------------------------------  FIN  -------------------------------------------------------------------



Windows Live: Friends get your Flickr, Yelp, and Digg updates when they e-mail you.