Again problem with freeeradius, mysql setup

Alexandru Matei alex at qb.ro
Tue Nov 14 16:41:41 CET 2006


Hi again,
I run into trouble again. I want to authenticate with chap and radius 
failed with:

rad_recv: Access-Request packet from host 127.0.0.1:32769, id=110, length=70
        Service-Type = Framed-User
        Framed-Protocol = PPP
        User-Name = "test1"
        CHAP-Password = 0xfaf5457967797fc6264e6925d24689d299
        NAS-IP-Address = 127.0.0.1
        NAS-Port = 0
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 14
  modcall[authorize]: module "preprocess" returns ok for request 14
  rlm_chap: Setting 'Auth-Type := CHAP'
  modcall[authorize]: module "chap" returns ok for request 14
  modcall[authorize]: module "mschap" returns noop for request 14
    rlm_realm: No '@' in User-Name = "test1", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 14
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 14
radius_xlat:  'test1'
rlm_sql (sql): sql_set_user escaped user --> 'test1'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radcheck           WHERE Username = 'test1'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 4
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, 
op           FROM radcheck           WHERE Username = 'test1'           
ORDER BY id
radius_xlat:  'SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT 
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op  
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'test1' AND 
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM 
radreply           WHERE Username = 'test1'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, 
op           FROM radreply           WHERE Username = 'test1'           
ORDER BY id
radius_xlat:  'SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  
FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT 
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op  
FROM radgroupreply,usergroup WHERE usergroup.Username = 'test1' AND 
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 4
  modcall[authorize]: module "sql" returns ok for request 14
modcall: leaving group authorize (returns ok) for request 14
  rad_check_password:  Found Auth-Type CHAP
auth: type "CHAP"
  Processing the authenticate section of radiusd.conf
modcall: entering group CHAP for request 14
  rlm_chap: login attempt by "test1" with CHAP password
  rlm_chap: Using clear text password password for user test1 
authentication.
  rlm_chap: Pasword check failed
  modcall[authenticate]: module "chap" returns reject for request 14
modcall: leaving group CHAP (returns reject) for request 14
auth: Failed to validate the user.

I don't undrestand why in "rlm_chap: login attempt by "test1" with CHAP 
password"  the password isn't listed, altough the freeradius is in debug 
mode.


Alex


Alexandru Matei wrote:

> Thank you, that was it!
> Still, I'll be gratefull if somebody can point me into right direction 
> with some documentation describing what  Attributes -Type -Values are 
> more usually used.
> That's besides the dictionaries...
> One last tought:  I think Freeradius could de improved if in debug 
> mode caould say what is the sql result it doesn't like.
>
> Regards,
> Alex
> Stefan Winter wrote:
>



More information about the Freeradius-Users mailing list