Please HELP!!! Any ideas??? MySQL and users file... Difference???

Alex Savguira savguira at gmail.com
Sat Feb 25 07:25:54 CET 2006 

Please anybody help me... I am reposting this message, since I am
hitting the dead end with this issue....

Thanks in advance...


Hi to all...
Does anyone have any idea why placing the following two lines into
users file works perfectly with both PAP and CHAP
users
btest   User-Password == Master1
btest   Crypt-Password == "$1$KyUhHIHD$R7mAm4rPX1q4WTEJY5rKQ1"

whereas  placing the same two records into radcheck table doesn't work
for PAP it does however work for  CHAP?
username |      att                | op |    val
--------------+-------------------------+----+-----------
btest        | User-Password  | == | Master1
btest        | Crypt-Password | == | $1$KyUhHIHD$R7mAm4rPX1q4WTEJY5rKQ1

It seems that rlm_sql is hitting the unencrypted password only,
whereas encryption-scheme in radiusd.conf is defined crypt...
Am I missing something?

Any help will be appreciated
Alex Savguira

radius -X  (version 1.0.4 ) says

rad_recv: Access-Request packet from host 192.168.0.8:4544, id=47, length=45
       User-Name = "btest"
       User-Password = "Master1"
 Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
 modcall[authorize]: module "preprocess" returns ok for request 0
   rlm_realm: No '@' in User-Name = "btest", looking up realm NULL
   rlm_realm: No such realm "NULL"
 modcall[authorize]: module "suffix" returns noop for request 0
   users: Matched entry DEFAULT at line 171
   users: Matched entry DEFAULT at line 173
 modcall[authorize]: module "files" returns ok for request 0
radius_xlat:  'btest'
rlm_sql (sql): sql_set_user escaped user --> 'btest'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radcheck
WHERE Username = 'btest' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
 FROM radgroupcheck,usergroup WHERE usergroup.Username = 'btest' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY
radgroupcheck.id'
radius_xlat:  'SELECT id,UserName,Attribute,Value,op FROM radreply
WHERE Username = 'btest' ORDER BY id'
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
 FROM radgroupreply,usergroup WHERE usergroup.Username = 'btest' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY
radgroupreply.id'
rlm_sql (sql): Released sql socket id: 4
 modcall[authorize]: module "sql" returns ok for request 0
 modcall[authorize]: module "domainmschap" returns noop for request 0
modcall: group authorize returns ok for request 0
 rad_check_password:  Found Auth-Type PAP
auth: type "PAP"
 Processing the authenticate section of radiusd.conf
modcall: entering group Auth-Type for request 0
rlm_pap: login attempt by "btest" with password Master1
rlm_pap: Using password "Master1" for user btest authentication.
rlm_pap: Using CRYPT encryption.
rlm_pap: Passwords don't match
 modcall[authenticate]: module "pap" returns reject for request 0
modcall: group Auth-Type returns reject for request 0
auth: Failed to validate the user.
Login incorrect (rlm_pap: CRYPT password check failed):
[btest/Master1] (from client rasdata port 0)
Delaying request 0 for 1 seconds
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 47 to 192.168.0.8:4544
Waking up in 4 seconds...

More information about the Freeradius-Users mailing list