mysql authentication doesn't work

???????, ?? ???????? const at one.lv
Tue Mar 7 10:27:30 CET 2006


in radiusd.conf:
authorize {
        auth_log
        sql
}

authenticate {
}

in sql.conf:
sql_user_name = "%{Calling-Station-Id}"

authorize_check_query = "SELECT id, UserName, Attribute, Value, op \
          FROM ${authcheck_table} \
          WHERE UserName = '%{SQL-User-Name}' AND User='%{User-Name}' \
          ORDER BY id"

/usr/local/sbin/radiusd -X show me:
Listening on authentication XXX.XX.XX.XX:1812
Listening on accounting XXX.XX.XX.XX:1813
Ready to process requests.
rad_recv: Access-Request packet from host XXX.XX.XX.XX:1812, id=190, length=117
        NAS-Identifier = "mynas2"
        User-Name = "test"
        User-Password = "testpass"
        NAS-IP-Address = XXX.XX.XX.XX
        NAS-Port-Type = Virtual
        Called-Station-Id = "1000"
        Calling-Station-Id = "3339999999"
        Acct-Session-Id = "d45d6126058adce5"
        Acct-Multi-Session-Id = "d45d612600010610"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
radius_xlat:  '/usr/local/var/log/radius/radacct/auth-detail.log'
rlm_detail: /usr/local/var/log/radius/radacct/auth-detail.log expands to /usr/local/var/log/radius/radacct/auth-detail.log
  modcall[authorize]: module "auth_log" returns ok for request 0
radius_xlat:  '3339999999'
rlm_sql (sql): sql_set_user escaped user --> '3339999999'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM radcheck           WHERE UserName = '3339999999' AND User='test'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
radius_xlat:  ''
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM radreply           WHERE UserName = 'secondtest'           ORDER BY id'
radius_xlat:  ''
rlm_sql (sql): Released sql socket id: 4
rlm_sql (sql): No matching entry in the database for request from user [3339999999]
  modcall[authorize]: module "sql" returns notfound for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [test/testpass] (from client mynas2 port 0 cli 3339999999)
Sending Access-Reject of id 190 to XXX.XX.XX.XX port 1812
Finished request 0

So, select from database:
mysql> SELECT id, UserName, Attribute, Value, op FROM radcheck WHERE UserName = '3339999999' AND User='test' ORDER BY id;
+-----+------------+-------------------+--------+----+
| id  | UserName   | Attribute         | Value  | op |
+-----+------------+-------------------+--------+----+
|   1 | 3339999999 | Auth-Type         | Accept | := |
|  37 | 3339999999 | User-Password     | 378b243e220ca493 | == |
|  73 | 3339999999 | User-Name         | test   | == |
| 109 | 3339999999 | Called-Station-Id | 1000     | == |
+-----+------------+-------------------+--------+----+
4 rows in set (0.58 sec)

------------------------------------

As I understand, radius cannot understand crypted "User-Password" (by mysql function "password"). Is it possible to slide over it? How to do it, can someone give advice?

-------------------------------------------------------------------------------
http://www.one.lv - Tavs mobilais e-pasts!

Tagad lasi savu e-pastu ar mobilo telefonu - wap.one.lv!



More information about the Freeradius-Users mailing list