sql.conf and case sensitive UserNames fr 1.0.5
If i understand the sql.conf from freeradius-1.0.5 right, then the default queries do a case sensitive check for the UserName. The alternate queries are marked for case insensitive usernames. So i understand the default queries are for case sensitive usernames. Am i wrong in this understanding? That would be different from behavior in freeradius-1.0.4. After a few tests i would say, that the UserName is still case insensitive in the default queries for freeradius-1.0.5. Thank You Andreas
If i understand the sql.conf from freeradius-1.0.5 right, then the default queries do a case sensitive check for the UserName. The alternate queries are marked for case insensitive usernames. So i understand the default queries are for case sensitive usernames. Am i wrong in this understanding? That would be different from behavior in freeradius-1.0.4.
After a few tests i would say, that the UserName is still case insensitive in the default queries for freeradius-1.0.5.
Thank You
Andreas
Hi, Bear in mind ... "As of MySQL 4.0, STRCMP() uses the current character set when performing comparisons. This makes the default comparison behavior case insensitive unless one or both of the operands are binary strings. Before MySQL 4.0, STRCMP() is case sensitive" Mike
Andreas Engler wrote:
If i understand the sql.conf from freeradius-1.0.5 right, then the default queries do a case sensitive check for the UserName. The alternate queries are marked for case insensitive usernames. So i understand the default queries are for case sensitive usernames. Am i wrong in this understanding?
I'd say the comments in sql.conf are completely messed up. I pulled the comments from postgresql.conf to keep the files in sync, but it looks like it was wrong because MySQL and PostgreSQL are different on this point.
That would be different from behavior in freeradius-1.0.4.
No, the default queries are the same in all FreeRADIUS 1.0.x versions.
After a few tests i would say, that the UserName is still case insensitive in the default queries for freeradius-1.0.5.
Yes, the default queries are case insensitive. Here are case sensitive queries that works: authorize_check_query = "SELECT id, UserName, Attribute, Value, op \ FROM ${authcheck_table} \ WHERE Username = BINARY '%{SQL-User-Name}' \ ORDER BY id" authorize_reply_query = "SELECT id, UserName, Attribute, Value, op \ FROM ${authreply_table} \ WHERE Username = BINARY '%{SQL-User-Name}' \ ORDER BY id" Thanks for spotting the problem. I'm going to fix the file sql.conf in the CVS. -- Nicolas Baradakis
Hi all, I've setup a WiFi access point on WPA mode, attached to a PC with chillispot and another computer with Freeradius. My idea is the following: - When someone tries to connect to the AP, it will asked for username and password (PEAP . Mschapv2) - The response of the wireless client will be send to chillispot - Chillispot will re-send (proxy) the request to freeradius. This configuration works fine, but I notice a big time lag between the Access-Request and Access-Accept packet (15 - 30 seconds) I can see that between Access-Request and Accept, some Access-Challenge packets are sent, which I think are the ones causing the mess. Some help would be appreciated. I attach a log, hope it helps! Thanks in advance. Starting - reading configuration files ... reread_config: reading radiusd.conf Config: including file: /etc/freeradius/proxy.conf Config: including file: /etc/freeradius/clients.conf Config: including file: /etc/freeradius/snmp.conf Config: including file: /etc/freeradius/eap.conf Config: including file: /etc/freeradius/sql.conf Config: including file: /etc/freeradius/sqlcounter.conf main: prefix = "/usr" main: localstatedir = "/var" main: logdir = "/var/log/freeradius" main: libdir = "/usr/lib/freeradius" main: radacctdir = "/var/log/freeradius/radacct" main: hostname_lookups = no main: snmp = no main: max_request_time = 40 main: cleanup_delay = 5 main: max_requests = 1024 main: delete_blocked_requests = 0 main: port = 1812 main: allow_core_dumps = no main: log_stripped_names = no main: log_file = "/var/log/freeradius/radius.log" main: log_auth = yes main: log_auth_badpass = yes main: log_auth_goodpass = yes main: pidfile = "/var/run/freeradius/freeradius.pid" main: user = "freerad" main: group = "freerad" main: usercollide = no main: lower_user = "no" main: lower_pass = "no" main: nospace_user = "no" main: nospace_pass = "no" main: checkrad = "/usr/sbin/checkrad" main: proxy_requests = no proxy: retry_delay = 5 proxy: retry_count = 3 proxy: synchronous = no proxy: default_fallback = yes proxy: dead_time = 120 proxy: post_proxy_authorize = yes proxy: wake_all_if_all_dead = no security: max_attributes = 200 security: reject_delay = 1 security: status_server = no main: debug_level = 0 read_config_files: reading dictionary read_config_files: reading naslist Using deprecated naslist file. Support for this will go away soon. read_config_files: reading clients read_config_files: reading realms listen: port = 1812 listen: type = "auth" listen: port = 1813 listen: type = "acct" radiusd: entering modules setup Module: Library search path is /usr/lib/freeradius Module: Loaded exec exec: wait = yes exec: program = "(null)" exec: input_pairs = "request" exec: output_pairs = "(null)" exec: packet_type = "(null)" rlm_exec: Wait=yes but no output defined. Did you mean output=none? Module: Instantiated exec (exec) Module: Loaded expr Module: Instantiated expr (expr) Module: Loaded PAP pap: encryption_scheme = "crypt" Module: Instantiated pap (pap) Module: Loaded CHAP Module: Instantiated chap (chap) Module: Loaded MS-CHAP mschap: use_mppe = yes mschap: require_encryption = yes mschap: require_strong = yes mschap: with_ntdomain_hack = no mschap: passwd = "(null)" mschap: authtype = "MS-CHAP" mschap: ntlm_auth = "(null)" Module: Instantiated mschap (mschap) Module: Loaded eap eap: default_eap_type = "peap" eap: timer_expire = 60 eap: ignore_unknown_eap_types = no eap: cisco_accounting_username_bug = no rlm_eap: Loaded and initialized type md5 rlm_eap: Loaded and initialized type leap gtc: challenge = "Password: " gtc: auth_type = "PAP" rlm_eap: Loaded and initialized type gtc tls: rsa_key_exchange = no tls: dh_key_exchange = yes tls: rsa_key_length = 512 tls: dh_key_length = 512 tls: verify_depth = 0 tls: CA_path = "(null)" tls: pem_file_type = yes tls: private_key_file = "/etc/freeradius/certs/cert-srv.pem" tls: certificate_file = "/etc/freeradius/certs/cert-srv.pem" tls: CA_file = "/etc/freeradius/certs/demoCA/cacert.pem" tls: private_key_password = "whatever" tls: dh_file = "/etc/freeradius/certs/dh" tls: random_file = "/etc/freeradius/certs/random" tls: fragment_size = 1024 tls: include_length = yes tls: check_crl = no tls: check_cert_cn = "(null)" rlm_eap: Loaded and initialized type tls peap: default_eap_type = "mschapv2" peap: copy_request_to_tunnel = no peap: use_tunneled_reply = no peap: proxy_tunneled_request_as_eap = yes rlm_eap: Loaded and initialized type peap mschapv2: with_ntdomain_hack = no rlm_eap: Loaded and initialized type mschapv2 Module: Instantiated eap (eap) Module: Loaded preprocess preprocess: huntgroups = "/etc/freeradius/huntgroups" preprocess: hints = "/etc/freeradius/hints" preprocess: with_ascend_hack = no preprocess: ascend_channels_per_line = 23 preprocess: with_ntdomain_hack = no preprocess: with_specialix_jetstream_hack = no preprocess: with_cisco_vsa_hack = no Module: Instantiated preprocess (preprocess) Module: Loaded realm realm: format = "suffix" realm: delimiter = "@" realm: ignore_default = no realm: ignore_null = no Module: Instantiated realm (suffix) Module: Loaded SQL sql: driver = "rlm_sql_mysql" sql: server = "localhost" sql: port = "" sql: login = "root" sql: password = "" sql: radius_db = "radius" sql: acct_table = "radacct" sql: acct_table2 = "radacct" sql: authcheck_table = "radcheck" sql: authreply_table = "radreply" sql: groupcheck_table = "radgroupcheck" sql: groupreply_table = "radgroupreply" sql: usergroup_table = "usergroup" sql: nas_table = "nas" sql: dict_table = "dictionary" sql: sqltrace = no sql: sqltracefile = "/var/log/freeradius/sqltrace.sql" sql: readclients = no sql: deletestalesessions = yes sql: num_sql_socks = 5 sql: sql_user_name = "%{User-Name}" sql: default_user_profile = "" sql: query_on_not_found = no sql: authorize_check_query = "SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = '%{SQL-User-Name}' ORDER BY id" sql: authorize_reply_query = "SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = '%{SQL-User-Name}' ORDER BY id" sql: authorize_group_check_query = "SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id" sql: authorize_group_reply_query = "SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id" sql: accounting_onoff_query = "UPDATE radacct SET AcctStopTime='%S', AcctSessionTime=unix_timestamp('%S') - unix_timestamp(AcctStartTime), AcctTerminateCause='%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}' WHERE AcctSessionTime=0 AND AcctStopTime=0 AND NASIPAddress= '%{NAS-IP-Address}' AND AcctStartTime <= '%S'" sql: accounting_update_query = "UPDATE radacct ? SET FramedIPAddress = '%{Framed-IP-Address}', ? AcctSessionTime = '%{Acct-Session-Time}', ? AcctInputOctets = '%{Acct-Input-Octets}', ? AcctOutputOctets = '%{Acct-Output-Octets}' ? WHERE AcctSessionId = '%{Acct-Session-Id}' ? AND UserName = '%{SQL-User-Name}' ? AND NASIPAddress= '%{NAS-IP-Address}'" sql: accounting_update_query_alt = "INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{NAS-Identifier}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S',INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND), '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0')" sql: accounting_start_query = "INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{NAS-Identifier}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', '%S', '0', '0', '%{Acct-Authentic}', '%{Connect-Info}', '', '0', '0', '%{Called-Station-Id}', '%{Calling-Station-Id}', '', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '%{Acct-Delay-Time}', '0')" sql: accounting_start_query_alt = "UPDATE radacct SET AcctStartTime = '%S', AcctStartDelay = '%{Acct-Delay-Time}', ConnectInfo_start = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'" sql: accounting_stop_query = "UPDATE radacct SET AcctStopTime = '%S', AcctSessionTime = '%{Acct-Session-Time}', AcctInputOctets = '%{Acct-Input-Octets}', AcctOutputOctets = '%{Acct-Output-Octets}', AcctTerminateCause = '%{Acct-Terminate-Cause}', AcctStopDelay = '%{Acct-Delay-Time}', ConnectInfo_stop = '%{Connect-Info}' WHERE AcctSessionId = '%{Acct-Session-Id}' AND UserName = '%{SQL-User-Name}' AND NASIPAddress = '%{NAS-IP-Address}'" sql: accounting_stop_query_alt = "INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('%{Acct-Session-Id}', '%{Acct-Unique-Session-Id}', '%{SQL-User-Name}', '%{NAS-Identifier}', '%{NAS-IP-Address}', '%{NAS-Port}', '%{NAS-Port-Type}', DATE_SUB('%S', INTERVAL (%{Acct-Session-Time:-0} + %{Acct-Delay-Time:-0}) SECOND), '%S', '%{Acct-Session-Time}', '%{Acct-Authentic}', '', '%{Connect-Info}', '%{Acct-Input-Octets}', '%{Acct-Output-Octets}', '%{Called-Station-Id}', '%{Calling-Station-Id}', '%{Acct-Terminate-Cause}', '%{Service-Type}', '%{Framed-Protocol}', '%{Framed-IP-Address}', '0', '%{Acct-Delay-Time}')" sql: group_membership_query = "SELECT GroupName FROM usergroup WHERE UserName='%{SQL-User-Name}'" sql: connect_failure_retry_delay = 60 sql: simul_count_query = "SELECT COUNT(*) FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0" sql: simul_verify_query = "SELECT RadAcctId, AcctSessionId, UserName, NASIPAddress, NASPortId, FramedIPAddress, CallingStationId, FramedProtocol FROM radacct WHERE UserName='%{SQL-User-Name}' AND AcctStopTime = 0" sql: postauth_table = "radpostauth" sql: postauth_query = "INSERT into radpostauth (id, user, pass, reply, date) values ('', '%{User-Name}', '%{User-Password:-Chap-Password}', '%{reply:Packet-Type}', NOW())" sql: safe-characters = "@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /" rlm_sql (sql): Driver rlm_sql_mysql (module rlm_sql_mysql) loaded and linked rlm_sql (sql): Attempting to connect to root@localhost:/radius rlm_sql (sql): starting 0 rlm_sql (sql): Attempting to connect rlm_sql_mysql #0 rlm_sql_mysql: Starting connect to MySQL server for #0 rlm_sql (sql): Connected new DB handle, #0 rlm_sql (sql): starting 1 rlm_sql (sql): Attempting to connect rlm_sql_mysql #1 rlm_sql_mysql: Starting connect to MySQL server for #1 rlm_sql (sql): Connected new DB handle, #1 rlm_sql (sql): starting 2 rlm_sql (sql): Attempting to connect rlm_sql_mysql #2 rlm_sql_mysql: Starting connect to MySQL server for #2 rlm_sql (sql): Connected new DB handle, #2 rlm_sql (sql): starting 3 rlm_sql (sql): Attempting to connect rlm_sql_mysql #3 rlm_sql_mysql: Starting connect to MySQL server for #3 rlm_sql (sql): Connected new DB handle, #3 rlm_sql (sql): starting 4 rlm_sql (sql): Attempting to connect rlm_sql_mysql #4 rlm_sql_mysql: Starting connect to MySQL server for #4 rlm_sql (sql): Connected new DB handle, #4 Module: Instantiated sql (sql) Module: Loaded SQL Counter sqlcounter: counter-name = "Max-All-Session-Time" sqlcounter: check-name = "Max-All-Session" sqlcounter: key = "User-Name" sqlcounter: sqlmod-inst = "sql" sqlcounter: query = "SELECT SUM(AcctSessionTime) FROM radacct WHERE UserName='%{%k}'" sqlcounter: reset = "never" rlm_sqlcounter: Counter attribute Max-All-Session-Time is number 1671 rlm_sqlcounter: Check attribute Max-All-Session is number 1672 rlm_sqlcounter: Current Time: 1132324700 [2005-11-18 15:38:20], Next reset 0 [2005-11-18 15:00:00] rlm_sqlcounter: Current Time: 1132324700 [2005-11-18 15:38:20], Prev reset 0 [2005-11-18 15:00:00] Module: Instantiated sqlcounter (noresetcounter) sqlcounter: counter-name = "Daily-Session-Time" sqlcounter: check-name = "Max-Daily-Session" sqlcounter: key = "User-Name" sqlcounter: sqlmod-inst = "sql" sqlcounter: query = "SELECT SUM(AcctSessionTime - GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'" sqlcounter: reset = "daily" rlm_sqlcounter: Counter attribute Daily-Session-Time is number 1673 rlm_sqlcounter: Check attribute Max-Daily-Session is number 1674 rlm_sqlcounter: Current Time: 1132324700 [2005-11-18 15:38:20], Next reset 1132354800 [2005-11-19 00:00:00] rlm_sqlcounter: Current Time: 1132324700 [2005-11-18 15:38:20], Prev reset 1132268400 [2005-11-18 00:00:00] Module: Instantiated sqlcounter (dailycounter) sqlcounter: counter-name = "Weekly-Session-Time" sqlcounter: check-name = "Max-Weekly-Session" sqlcounter: key = "User-Name" sqlcounter: sqlmod-inst = "sql" sqlcounter: query = "SELECT SUM(AcctSessionTime - GREATEST((%b - UNIX_TIMESTAMP(AcctStartTime)), 0)) FROM radacct WHERE UserName='%{%k}' AND UNIX_TIMESTAMP(AcctStartTime) + AcctSessionTime > '%b'" sqlcounter: reset = "weekly" rlm_sqlcounter: Counter attribute Weekly-Session-Time is number 1675 rlm_sqlcounter: Check attribute Max-Weekly-Session is number 1676 rlm_sqlcounter: Current Time: 1132324700 [2005-11-18 15:38:20], Next reset 1132441200 [2005-11-20 00:00:00] rlm_sqlcounter: Current Time: 1132324700 [2005-11-18 15:38:20], Prev reset 1132095600 [2005-11-16 00:00:00] Module: Instantiated sqlcounter (weeklycounter) Module: Loaded Acct-Unique-Session-Id acct_unique: key = "User-Name, Acct-Session-Id, NAS-IP-Address, Client-IP-Address, NAS-Port" Module: Instantiated acct_unique (acct_unique) Listening on authentication *:1812 Listening on accounting *:1813 Ready to process requests. rad_recv: Access-Request packet from host 192.168.0.60:1073, id=40, length=119 User-Name = "pepe@2" EAP-Message = 0x0200000b01706570654032 Message-Authenticator = 0x857833d01159c2600ffe978685a9a91b Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 0 modcall[authorize]: module "preprocess" returns ok for request 0 modcall[authorize]: module "chap" returns noop for request 0 modcall[authorize]: module "mschap" returns noop for request 0 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 0 rlm_eap: EAP packet type response id 0 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 0 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 0 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 0 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 0 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 0 modcall: group authorize returns updated for request 0 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 0 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 0 modcall: group authenticate returns handled for request 0 Sending Access-Challenge of id 40 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010100061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xadcb298af4bf495278c211f174caf89c Finished request 0 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 0 ID 40 with timestamp 437de76e Nothing to do. Sleeping until we see a request. rad_recv: Access-Request packet from host 192.168.0.60:1073, id=41, length=137 User-Name = "pepe@2" State = 0xadcb298af4bf495278c211f174caf89c EAP-Message = 0x0201000b01706570654032 Message-Authenticator = 0x4a646af076a4511e6afdfdefe12c1d61 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 1 modcall[authorize]: module "preprocess" returns ok for request 1 modcall[authorize]: module "chap" returns noop for request 1 modcall[authorize]: module "mschap" returns noop for request 1 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 1 rlm_eap: EAP packet type response id 1 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 1 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 1 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 1 modcall: group authorize returns updated for request 1 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 1 rlm_eap: EAP Identity rlm_eap: processing type tls rlm_eap_tls: Initiate rlm_eap_tls: Start returned 1 modcall[authenticate]: module "eap" returns handled for request 1 modcall: group authenticate returns handled for request 1 Sending Access-Challenge of id 41 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010200061920 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x44f48eeb7b127abf2beff42a10d3cdfe Finished request 1 Going to the next request --- Walking the entire request list --- Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=42, length=238 User-Name = "pepe@2" State = 0x44f48eeb7b127abf2beff42a10d3cdfe EAP-Message = 0x0202007019800000006616030100610100005d0301437de78c9c477e1463765315632a2eedcf3b7cfd026466252a48d91abbff7b2c20702177294cc65bc47f91dc5b88a9afe252542d652f98c193535be764c68e21bb001600040005000a000900640062000300060013001200630100 Message-Authenticator = 0x1dfa5161d6212cab559381a910211348 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 2 modcall[authorize]: module "preprocess" returns ok for request 2 modcall[authorize]: module "chap" returns noop for request 2 modcall[authorize]: module "mschap" returns noop for request 2 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 2 rlm_eap: EAP packet type response id 2 length 112 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 2 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 2 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 2 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 2 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 2 modcall: group authorize returns updated for request 2 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 2 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 (other): before/accept initialization TLS_accept: before/accept initialization rlm_eap_tls: <<< TLS 1.0 Handshake [length 0061], ClientHello TLS_accept: SSLv3 read client hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 004a], ServerHello TLS_accept: SSLv3 write server hello A rlm_eap_tls: >>> TLS 1.0 Handshake [length 068f], Certificate TLS_accept: SSLv3 write certificate A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0004], ServerHelloDone TLS_accept: SSLv3 write server done A TLS_accept: SSLv3 flush data TLS_accept:error in SSLv3 read client certificate A In SSL Handshake Phase In SSL Accept mode eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 2 modcall: group authenticate returns handled for request 2 Sending Access-Challenge of id 42 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x0103040a19c0000006ec160301004a020000460301437de78c47d242f104003e6daeb7662e20359eefa0806b6bf81aeea9c67353c1201257aa2f5f9aed7f8cc1e24c8d3b1c88784a885f5716e86ee39b81cf436754bc000400160301068f0b00068b0006880002cb308202c730820230a003020102020102300d06092a864886f70d010104050030819e310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e3111300f060355040b130870726f6c69616e74311b301906035504031312436c69656e7420636572 EAP-Message = 0x74696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d301e170d3035303832363136303033375a170d3036303832363136303033375a30819a310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e3111300f060355040b130870726f6c69616e743119301706035504031310526f6f74206365727469666963617465311f301d06092a864886f70d0109011610726f6f74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d EAP-Message = 0x0030818902818100c6ee8983ba197bc28a363b57d9dfb3ad385efea9129e5e22c816d83e3ec8c6967f69f973fb14a41af5891afce99c8109932062c20ceb474de50b025b63e7c6f9a309825de19ec501dac78e99a443303d643b2d3fc2ddd0251ad8fd1d98a379af656cf87cc33d3229b367b3f36c73f67f6ee4317ca4cd278142867ea13552245b0203010001a317301530130603551d25040c300a06082b06010505070301300d06092a864886f70d0101040500038181003f60bc44d4cf6fb76e48204f10a1b712d40551dc958c434ba3a2cc888fcb979afc6410bac8e5c4b80be9b09bddb405128d66fe8915d5707107b5d88d9ad95c98f5ff95cb EAP-Message = 0x9e3a666f43430f6b69cccaf6833ed9c328d1862be21e54903998f640f48719130d92fe1a693d9ccf1403f1c7a71f3e20979e02db7f06538611cf9b0f0003b7308203b33082031ca003020102020100300d06092a864886f70d010104050030819e310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e3111300f060355040b130870726f6c69616e74311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e63 EAP-Message = 0x6f6d301e170d3035303832363136303033355a170d30 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x630601d7e626bc2107f12b000877e2f1 Finished request 2 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=43, length=132 User-Name = "pepe@2" State = 0x630601d7e626bc2107f12b000877e2f1 EAP-Message = 0x020300061900 Message-Authenticator = 0x573ad1eb594ea60bd0121b357beb3f92 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 3 modcall[authorize]: module "preprocess" returns ok for request 3 modcall[authorize]: module "chap" returns noop for request 3 modcall[authorize]: module "mschap" returns noop for request 3 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 3 rlm_eap: EAP packet type response id 3 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 3 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 3 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 3 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 3 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 3 modcall: group authorize returns updated for request 3 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 3 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake fragment handler eaptls_verify returned 1 eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 3 modcall: group authenticate returns handled for request 3 Sending Access-Challenge of id 43 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010402f2190037303832363136303033355a30819e310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e3111300f060355040b130870726f6c69616e74311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d30819f300d06092a864886f70d010101050003818d0030818902818100cf72fb84aaf293b1d18f0118a451988e4d09bac8194fb4ec0f6caf5a6c8046b834e081132fffd50c8695568c4c EAP-Message = 0xd6932dfd7884dd9d9ddfc324722a3999609b508d473c20294f7e16f41400f115e1f06ee889917afc916aca0e0c9ff1ee4404963f23ac26d2c9e8e3b966ba57d6bdb34ebaf642abd4056b95619f1b2a527a93890203010001a381fe3081fb301d0603551d0e041604148ff45f524e0254e23cc203fc39051fd149e2e4f03081cb0603551d230481c33081c080148ff45f524e0254e23cc203fc39051fd149e2e4f0a181a4a481a130819e310b30090603550406130243413111300f0603550408130850726f76696e63653112301006035504071309536f6d65204369747931153013060355040a130c4f7267616e697a6174696f6e3111300f06035504 EAP-Message = 0x0b130870726f6c69616e74311b301906035504031312436c69656e742063657274696669636174653121301f06092a864886f70d0109011612636c69656e74406578616d706c652e636f6d820100300c0603551d13040530030101ff300d06092a864886f70d010104050003818100ae109fc14bf7b5f23b2077f1832e7c45dbc22d4b8c911021e3c95728357f75354c4cf3898a818f0615905ee6cd6366775ccb8f9f71e1b638dc5c479db456247499c8e19b838630de1bdc6e139d196b03466e985afd25371c174492d85c6ac7dc4b14e3f17eae85fecc6b7f065a5cee2ccc86f973ee75a6557c48a8af32301be416030100040e000000 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0135f183c02deedef2fcbcaeb29b923e Finished request 3 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=44, length=318 User-Name = "pepe@2" State = 0x0135f183c02deedef2fcbcaeb29b923e EAP-Message = 0x020400c01980000000b61603010086100000820080b44e0f2d7fa922b899631fc77ccb55028bd696043f9d2deedbd03a8f83f66dfee04fd59e7e8ec730c7b748a740d7e51dec6d5bfdd99d1bdd810bc03568b79805de0a1cb16935f9e2b62780fa705a36bc91cc1a8a7a6cac3f53c29f61668aef3d636a2244f5d5bf6e0f5f7a8823fd1773cad2f01bbbe8b7507eee6aff49e1458314030100010116030100201fbabae2535a9ac3ebf72a654458ab34c571a6f978ee66f532f48c184a1e0de4 Message-Authenticator = 0x8b376be6308c0c7d9ba4899440a9ab34 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 4 modcall[authorize]: module "preprocess" returns ok for request 4 modcall[authorize]: module "chap" returns noop for request 4 modcall[authorize]: module "mschap" returns noop for request 4 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 4 rlm_eap: EAP packet type response id 4 length 192 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 4 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 0 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 0 modcall[authorize]: module "sql" returns ok for request 4 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 4 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 4 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 4 modcall: group authorize returns updated for request 4 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 4 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Length Included eaptls_verify returned 11 rlm_eap_tls: <<< TLS 1.0 Handshake [length 0086], ClientKeyExchange TLS_accept: SSLv3 read client key exchange A rlm_eap_tls: <<< TLS 1.0 ChangeCipherSpec [length 0001] rlm_eap_tls: <<< TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 read finished A rlm_eap_tls: >>> TLS 1.0 ChangeCipherSpec [length 0001] TLS_accept: SSLv3 write change cipher spec A rlm_eap_tls: >>> TLS 1.0 Handshake [length 0010], Finished TLS_accept: SSLv3 write finished A TLS_accept: SSLv3 flush data (other): SSL negotiation finished successfully SSL Connection Established eaptls_process returned 13 rlm_eap_peap: EAPTLS_HANDLED modcall[authenticate]: module "eap" returns handled for request 4 modcall: group authenticate returns handled for request 4 Sending Access-Challenge of id 44 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x0105003119001403010001011603010020fb8aaf3be131d768a63017854c7c23750e6c689b3de3aa8d272fdb79d41b011e Message-Authenticator = 0x00000000000000000000000000000000 State = 0x318e792148ca4a99521d65db373fc0a0 Finished request 4 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=45, length=132 User-Name = "pepe@2" State = 0x318e792148ca4a99521d65db373fc0a0 EAP-Message = 0x020500061900 Message-Authenticator = 0xfc9ba1b28ca7b1da8613a376c436be63 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 5 modcall[authorize]: module "preprocess" returns ok for request 5 modcall[authorize]: module "chap" returns noop for request 5 modcall[authorize]: module "mschap" returns noop for request 5 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 5 rlm_eap: EAP packet type response id 5 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 5 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 5 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 5 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 5 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 5 modcall: group authorize returns updated for request 5 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 5 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS rlm_eap_tls: Received EAP-TLS ACK message rlm_eap_tls: ack handshake is finished eaptls_verify returned 3 eaptls_process returned 3 rlm_eap_peap: EAPTLS_SUCCESS modcall[authenticate]: module "eap" returns handled for request 5 modcall: group authenticate returns handled for request 5 Sending Access-Challenge of id 45 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x0106002019001703010015fe2fa6d26ae930b0251a331d2ab21e986276447312 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9536f209af73db471d6661690c1ccf19 Finished request 5 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=46, length=160 User-Name = "pepe@2" State = 0x9536f209af73db471d6661690c1ccf19 EAP-Message = 0x02060022190017030100173045eca0ddf60d6dfe7599ddd658225a848ee96af9320b Message-Authenticator = 0x99fbf2f6fe623bdb5826baf86cf8af83 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "chap" returns noop for request 6 modcall[authorize]: module "mschap" returns noop for request 6 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: EAP packet type response id 6 length 34 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 6 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 6 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 6 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 6 modcall: group authorize returns updated for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Identity - pepe@2 rlm_eap_peap: Tunneled data is valid. PEAP: Got tunneled EAP-Message EAP-Message = 0x0206000b01706570654032 PEAP: Got tunneled identity of pepe@2 PEAP: Setting default EAP type for tunneled EAP session. PEAP: Setting User-Name to pepe@2 PEAP: Sending tunneled request EAP-Message = 0x0206000b01706570654032 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "pepe@2" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 6 modcall[authorize]: module "preprocess" returns ok for request 6 modcall[authorize]: module "chap" returns noop for request 6 modcall[authorize]: module "mschap" returns noop for request 6 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 6 rlm_eap: EAP packet type response id 6 length 11 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 6 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 2 modcall[authorize]: module "sql" returns ok for request 6 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 6 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 6 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 6 modcall: group authorize returns updated for request 6 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 6 rlm_eap: EAP Identity rlm_eap: processing type mschapv2 rlm_eap_mschapv2: Issuing Challenge modcall[authenticate]: module "eap" returns handled for request 6 modcall: group authenticate returns handled for request 6 PEAP: Got tunneled reply RADIUS code 11 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010700201a0107001b10b213538d45b54607359136841d21cd4e706570654032 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9ad4e2cb9ccc41c387a83f1a583a5cc6 PEAP: Processing from tunneled session code 0x8195e98 11 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010700201a0107001b10b213538d45b54607359136841d21cd4e706570654032 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x9ad4e2cb9ccc41c387a83f1a583a5cc6 PEAP: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 6 modcall: group authenticate returns handled for request 6 Sending Access-Challenge of id 46 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010700371900170301002c90dea7fae9d3fd3068a980b88680a49040190263a42fcbcd216788495d2a1ffd012db65afc4de325665a4b06 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x2f0f2513c0e24410475061f7dae9845b Finished request 6 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=47, length=214 User-Name = "pepe@2" State = 0x2f0f2513c0e24410475061f7dae9845b EAP-Message = 0x020700581900170301004d8e5bc2cd2ffba4f8366dbcc1887c252b8d1980b4a2b28957ee340b8c4444212ac2eff1e1f0deebda90c27f789b0a1ed58aa5ce8a29dce3837abc4178c3e3638af2c1edf6ceda9094cd38c2eb58 Message-Authenticator = 0x969c39d3e86698103a2943310e7a2135 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 modcall[authorize]: module "chap" returns noop for request 7 modcall[authorize]: module "mschap" returns noop for request 7 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 7 rlm_eap: EAP packet type response id 7 length 88 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 7 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 7 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 7 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 7 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 7 modcall: group authorize returns updated for request 7 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: EAP type mschapv2 rlm_eap_peap: Tunneled data is valid. PEAP: Got tunneled EAP-Message EAP-Message = 0x020700411a0207003c3109c02a1f16600f0b7ebf8c57dd72463a00000000000000006c8a834a001b1ede7a7c25e3ac21ebd9586849f1dff5c25a00706570654032 PEAP: Setting User-Name to pepe@2 PEAP: Adding old state with 9a d4 PEAP: Sending tunneled request EAP-Message = 0x020700411a0207003c3109c02a1f16600f0b7ebf8c57dd72463a00000000000000006c8a834a001b1ede7a7c25e3ac21ebd9586849f1dff5c25a00706570654032 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "pepe@2" State = 0x9ad4e2cb9ccc41c387a83f1a583a5cc6 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 7 modcall[authorize]: module "preprocess" returns ok for request 7 modcall[authorize]: module "chap" returns noop for request 7 modcall[authorize]: module "mschap" returns noop for request 7 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 7 rlm_eap: EAP packet type response id 7 length 65 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 7 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 0 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 0 modcall[authorize]: module "sql" returns ok for request 7 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 7 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 7 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 7 modcall: group authorize returns updated for request 7 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 7 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 Processing the authenticate section of radiusd.conf modcall: entering group Auth-Type for request 7 rlm_mschap: Told to do MS-CHAPv2 for pepe@2 with NT-Password rlm_mschap: adding MS-CHAPv2 MPPE keys modcall[authenticate]: module "mschap" returns ok for request 7 modcall: group Auth-Type returns ok for request 7 MSCHAP Success modcall[authenticate]: module "eap" returns handled for request 7 modcall: group authenticate returns handled for request 7 PEAP: Got tunneled reply RADIUS code 11 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" MS-CHAP2-Success = 0x07533d32434638444439413532323630424533434244373433453635463131384442314544354245433346 EAP-Message = 0x010800331a0307002e533d32434638444439413532323630424533434244373433453635463131384442314544354245433346 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xc141d8145bc0c0c3eb4cb342e98a1c00 PEAP: Processing from tunneled session code 0x81c6570 11 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" MS-CHAP2-Success = 0x07533d32434638444439413532323630424533434244373433453635463131384442314544354245433346 EAP-Message = 0x010800331a0307002e533d32434638444439413532323630424533434244373433453635463131384442314544354245433346 Message-Authenticator = 0x00000000000000000000000000000000 State = 0xc141d8145bc0c0c3eb4cb342e98a1c00 PEAP: Got tunneled Access-Challenge modcall[authenticate]: module "eap" returns handled for request 7 modcall: group authenticate returns handled for request 7 Sending Access-Challenge of id 47 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x0108004a1900170301003f953fad7bb9effdcd17a252fcbf83a7bca242bceda61e69233a63823bcab595173a4747bcaec6288f8993d9d8804985c44af981f7f621aeac331c2c5e135267 Message-Authenticator = 0x00000000000000000000000000000000 State = 0x0e871d815cf2848f6c103dc30bd58392 Finished request 7 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=48, length=155 User-Name = "pepe@2" State = 0x0e871d815cf2848f6c103dc30bd58392 EAP-Message = 0x0208001d19001703010012565b6eaba4c4e2208e8f8bd19589cc664e86 Message-Authenticator = 0xe9096396ecc465f095bae11ea5b7b9b8 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 8 modcall[authorize]: module "preprocess" returns ok for request 8 modcall[authorize]: module "chap" returns noop for request 8 modcall[authorize]: module "mschap" returns noop for request 8 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 8 rlm_eap: EAP packet type response id 8 length 29 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 8 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 4 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 4 modcall[authorize]: module "sql" returns ok for request 8 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 8 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 8 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 8 modcall: group authorize returns updated for request 8 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: EAP type mschapv2 rlm_eap_peap: Tunneled data is valid. PEAP: Got tunneled EAP-Message EAP-Message = 0x020800061a03 PEAP: Setting User-Name to pepe@2 PEAP: Adding old state with c1 41 PEAP: Sending tunneled request EAP-Message = 0x020800061a03 FreeRADIUS-Proxied-To = 127.0.0.1 User-Name = "pepe@2" State = 0xc141d8145bc0c0c3eb4cb342e98a1c00 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 8 modcall[authorize]: module "preprocess" returns ok for request 8 modcall[authorize]: module "chap" returns noop for request 8 modcall[authorize]: module "mschap" returns noop for request 8 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 8 rlm_eap: EAP packet type response id 8 length 6 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 8 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 3 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 3 modcall[authorize]: module "sql" returns ok for request 8 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 8 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 8 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 8 modcall: group authorize returns updated for request 8 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 8 rlm_eap: Request found, released from the list rlm_eap: EAP/mschapv2 rlm_eap: processing type mschapv2 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 8 modcall: group authenticate returns ok for request 8 Login OK: [pepe@2/<no User-Password attribute>] (from client red-privada port 0) Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 8 rlm_sql (sql): Processing sql_postauth radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values ('', 'pepe@2', 'Chap-Password', 'Access-Accept', NOW())' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass, reply, date) values ('', 'pepe@2', 'Chap-Password', 'Access-Accept', NOW()) rlm_sql (sql): Reserving sql socket id: 2 rlm_sql (sql): Released sql socket id: 2 modcall[post-auth]: module "sql" returns ok for request 8 modcall: group post-auth returns ok for request 8 PEAP: Got tunneled reply RADIUS code 2 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x03080004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "pepe@2" PEAP: Processing from tunneled session code 0x81c5300 2 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x03080004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "pepe@2" PEAP: Tunneled authentication was successful. rlm_eap_peap: SUCCESS modcall[authenticate]: module "eap" returns handled for request 8 modcall: group authenticate returns handled for request 8 Sending Access-Challenge of id 48 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" EAP-Message = 0x010900261900170301001b61c4c49dbecc0711438c4dd263e268b72bccb3a1dd48341d48fc6c Message-Authenticator = 0x00000000000000000000000000000000 State = 0xe074f92b1d5a4ab1a12f5a64c28608bb Finished request 8 Going to the next request Waking up in 6 seconds... rad_recv: Access-Request packet from host 192.168.0.60:1073, id=49, length=164 User-Name = "pepe@2" State = 0xe074f92b1d5a4ab1a12f5a64c28608bb EAP-Message = 0x020900261900170301001b356512a05ee9918699375d7503609761697f682fd354c9c2a9a996 Message-Authenticator = 0xb10ea10adf047f9843d7e6594e99c349 Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Processing the authorize section of radiusd.conf modcall: entering group authorize for request 9 modcall[authorize]: module "preprocess" returns ok for request 9 modcall[authorize]: module "chap" returns noop for request 9 modcall[authorize]: module "mschap" returns noop for request 9 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[authorize]: module "suffix" returns noop for request 9 rlm_eap: EAP packet type response id 9 length 38 rlm_eap: No EAP Start, assuming it's an on-going EAP conversation modcall[authorize]: module "eap" returns updated for request 9 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radcheck WHERE Username = 'pepe@2' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 1 radius_xlat: 'SELECT radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op FROM radgroupcheck,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radreply WHERE Username = 'pepe@2' ORDER BY id' radius_xlat: 'SELECT radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op FROM radgroupreply,usergroup WHERE usergroup.Username = 'pepe@2' AND usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id' rlm_sql (sql): Released sql socket id: 1 modcall[authorize]: module "sql" returns ok for request 9 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "noresetcounter" returns noop for request 9 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "dailycounter" returns noop for request 9 rlm_sqlcounter: Entering module authorize code rlm_sqlcounter: Could not find Check item value pair modcall[authorize]: module "weeklycounter" returns noop for request 9 modcall: group authorize returns updated for request 9 rad_check_password: Found Auth-Type EAP auth: type "EAP" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 9 rlm_eap: Request found, released from the list rlm_eap: EAP/peap rlm_eap: processing type peap rlm_eap_peap: Authenticate rlm_eap_tls: processing TLS eaptls_verify returned 7 rlm_eap_tls: Done initial handshake eaptls_process returned 7 rlm_eap_peap: EAPTLS_OK rlm_eap_peap: Session established. Decoding tunneled attributes. rlm_eap_peap: Received EAP-TLV response. rlm_eap_peap: Tunneled data is valid. rlm_eap_peap: Success rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns ok for request 9 modcall: group authenticate returns ok for request 9 Login OK: [pepe@2/<no User-Password attribute>] (from client red-privada port 2 cli 00-0E-35-4B-81-90) Processing the post-auth section of radiusd.conf modcall: entering group post-auth for request 9 rlm_sql (sql): Processing sql_postauth radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'INSERT into radpostauth (id, user, pass, reply, date) values ('', 'pepe@2', 'Chap-Password', 'Access-Accept', NOW())' rlm_sql (sql) in sql_postauth: query is INSERT into radpostauth (id, user, pass, reply, date) values ('', 'pepe@2', 'Chap-Password', 'Access-Accept', NOW()) rlm_sql (sql): Reserving sql socket id: 0 rlm_sql (sql): Released sql socket id: 0 modcall[post-auth]: module "sql" returns ok for request 9 modcall: group post-auth returns ok for request 9 Sending Access-Accept of id 49 to 192.168.0.60:1073 Acct-Interim-Interval := 120 WISPr-Redirection-URL := "http://www.google.com" MS-MPPE-Recv-Key = 0x4159b2279c7d51e213eb98e2520f25feb5189959fe9e22f361fd09de3150fc94 MS-MPPE-Send-Key = 0x959a95b4adaff8b9c288913548ec358ef34d7913fd7ca4bce905c3e7bc5050de EAP-Message = 0x03090004 Message-Authenticator = 0x00000000000000000000000000000000 User-Name = "pepe@2" Finished request 9 Going to the next request Waking up in 6 seconds... rad_recv: Accounting-Request packet from host 192.168.0.60:1073, id=50, length=212 Acct-Status-Type = Start User-Name = "pepe@2" Calling-Station-Id = "00-0E-35-4B-81-90" Called-Station-Id = "00-00-24-C4-54-59" NAS-Port-Type = Wireless-802.11 NAS-Port = 2 NAS-Port-Id = "00000002" NAS-IP-Address = 0.0.0.0 NAS-Identifier = "19" Framed-IP-Address = 192.168.182.6 Acct-Session-Id = "437de6c800000002" WISPr-Location-ID = "isocc=es,cc=34,ac=943,network=Testing_Sarematica" WISPr-Location-Name = "Joseba,Sarematica_SL" Processing the preacct section of radiusd.conf modcall: entering group preacct for request 10 modcall[preacct]: module "preprocess" returns noop for request 10 rlm_acct_unique: Hashing 'NAS-Port = 2,Client-IP-Address = 192.168.0.60,NAS-IP-Address = 0.0.0.0,Acct-Session-Id = "437de6c800000002",User-Name = "pepe@2"' rlm_acct_unique: Acct-Unique-Session-ID = "44590ef2a760047d". modcall[preacct]: module "acct_unique" returns ok for request 10 rlm_realm: Looking up realm "2" for User-Name = "pepe@2" rlm_realm: No such realm "2" modcall[preacct]: module "suffix" returns noop for request 10 modcall: group preacct returns ok for request 10 Processing the accounting section of radiusd.conf modcall: entering group accounting for request 10 modcall[accounting]: module "acct_unique" returns noop for request 10 radius_xlat: 'pepe@2' rlm_sql (sql): sql_set_user escaped user --> 'pepe@2' radius_xlat: 'INSERT into radacct (AcctSessionId, AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType, AcctStartTime, AcctStopTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start, ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId, CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol, FramedIPAddress, AcctStartDelay, AcctStopDelay) values('437de6c800000002', '44590ef2a760047d', 'pepe@2', '19', '0.0.0.0', '2', 'Wireless-802.11', '2005-11-18 15:39:08', '0', '0', '', '', '', '0', '0', '00-00-24-C4-54-59', '00-0E-35-4B-81-90', '', '', '', '192.168.182.6', '', '0')' rlm_sql (sql): Reserving sql socket id: 4 rlm_sql (sql): Released sql socket id: 4 modcall[accounting]: module "sql" returns ok for request 10 modcall: group accounting returns ok for request 10 Sending Accounting-Response of id 50 to 192.168.0.60:1073 Finished request 10 Going to the next request Cleaning up request 10 ID 50 with timestamp 437de78c Waking up in 6 seconds... --- Walking the entire request list --- Cleaning up request 1 ID 41 with timestamp 437de78c Cleaning up request 2 ID 42 with timestamp 437de78c Cleaning up request 3 ID 43 with timestamp 437de78c Cleaning up request 4 ID 44 with timestamp 437de78c Cleaning up request 5 ID 45 with timestamp 437de78c Cleaning up request 6 ID 46 with timestamp 437de78c Cleaning up request 7 ID 47 with timestamp 437de78c Cleaning up request 8 ID 48 with timestamp 437de78c Cleaning up request 9 ID 49 with timestamp 437de78c Nothing to do. Sleeping until we see a request. --- Walking the entire request list --- Nothing to do. Sleeping until we see a request. Exiting... rlm_sql (sql): Closing sqlsocket 4 rlm_sql (sql): Closing sqlsocket 3 rlm_sql (sql): Closing sqlsocket 2 rlm_sql (sql): Closing sqlsocket 1 rlm_sql (sql): Closing sqlsocket 0
participants (4)
-
Andreas Engler -
Joseba Beltrán -
Mike Jenkins -
Nicolas Baradakis