Again problem with freeeradius, mysql setup
Alexandru Matei
alex at qb.ro
Tue Nov 14 16:41:41 CET 2006
Hi again,
I run into trouble again. I want to authenticate with chap and radius
failed with:
rad_recv: Access-Request packet from host 127.0.0.1:32769, id=110, length=70
Service-Type = Framed-User
Framed-Protocol = PPP
User-Name = "test1"
CHAP-Password = 0xfaf5457967797fc6264e6925d24689d299
NAS-IP-Address = 127.0.0.1
NAS-Port = 0
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
modcall[authorize]: module "preprocess" returns ok for request 14
rlm_chap: Setting 'Auth-Type := CHAP'
modcall[authorize]: module "chap" returns ok for request 14
modcall[authorize]: module "mschap" returns noop for request 14
rlm_realm: No '@' in User-Name = "test1", looking up realm NULL
rlm_realm: No such realm "NULL"
modcall[authorize]: module "suffix" returns noop for request 14
rlm_eap: No EAP-Message, not doing EAP
modcall[authorize]: module "eap" returns noop for request 14
radius_xlat: 'test1'
rlm_sql (sql): sql_set_user escaped user --> 'test1'
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radcheck WHERE Username = 'test1' ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value,
op FROM radcheck WHERE Username = 'test1'
ORDER BY id
radius_xlat: 'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query: SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat: 'SELECT id, UserName, Attribute, Value, op FROM
radreply WHERE Username = 'test1' ORDER BY id'
rlm_sql_mysql: query: SELECT id, UserName, Attribute, Value,
op FROM radreply WHERE Username = 'test1'
ORDER BY id
radius_xlat: 'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query: SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
modcall[authorize]: module "sql" returns ok for request 14
modcall: leaving group authorize (returns ok) for request 14
rad_check_password: Found Auth-Type CHAP
auth: type "CHAP"
Processing the authenticate section of radiusd.conf
modcall: entering group CHAP for request 14
rlm_chap: login attempt by "test1" with CHAP password
rlm_chap: Using clear text password password for user test1
authentication.
rlm_chap: Pasword check failed
modcall[authenticate]: module "chap" returns reject for request 14
modcall: leaving group CHAP (returns reject) for request 14
auth: Failed to validate the user.
I don't undrestand why in "rlm_chap: login attempt by "test1" with CHAP
password" the password isn't listed, altough the freeradius is in debug
mode.
Alex
Alexandru Matei wrote:
> Thank you, that was it!
> Still, I'll be gratefull if somebody can point me into right direction
> with some documentation describing what Attributes -Type -Values are
> more usually used.
> That's besides the dictionaries...
> One last tought: I think Freeradius could de improved if in debug
> mode caould say what is the sql result it doesn't like.
>
> Regards,
> Alex
> Stefan Winter wrote:
>
More information about the Freeradius-Users
mailing list