allow Clear Text passwords

Alex M freeradius at lrcommunications.net
Mon Jan 26 22:43:51 CET 2009 

ok I removed the line from ysers sating that auth-type=system and that
helped w/ authentication of the user... still have small problem... under
the same conditions I get problem w. accounting stating that my shared
secret is incorrect so accounting record is not accepted ... I dont get it
completly espesially afther user went through succesfully.

I double checked my shared secret and it is ok.

Below is debug:

rad_recv: Access-Request packet from host xxx.147.xxx.xxx:62810, id=162,
length=138
        NAS-IP-Address = xxx.147.xxx.xxx
        NAS-Identifier = "lrc51.lrc-wireless.com"
        User-Name = "homepc"
        User-Password = "test"
        Service-Type = Login-User
        NAS-Port-Type = Ethernet
        NAS-Port = 1
        Framed-IP-Address = 192.168.1.244
        Called-Station-Id = "00:0d:b9:xx:xx:xx"
        Calling-Station-Id = "00:0b:6a:xx:xx:xx"
  Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
  modcall[authorize]: module "preprocess" returns ok for request 0
  modcall[authorize]: module "chap" returns noop for request 0
  modcall[authorize]: module "mschap" returns noop for request 0
    rlm_realm: No '@' in User-Name = "homepc", looking up realm NULL
    rlm_realm: No such realm "NULL"
  modcall[authorize]: module "suffix" returns noop for request 0
  rlm_eap: No EAP-Message, not doing EAP
  modcall[authorize]: module "eap" returns noop for request 0
  modcall[authorize]: module "files" returns notfound for request 0
radius_xlat:  'homepc'
rlm_sql (sql): sql_set_user escaped user --> 'homepc'
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radcheck           WHERE Username = 'homepc'           ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 3
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'homepc'           ORDER BY id
rlm_sql_mysql: MYSQL check_error: 2013, returning SQL_DOWN
rlm_sql (sql): Attempting to connect rlm_sql_mysql #3
rlm_sql_mysql: Starting connect to MySQL server for #3
rlm_sql (sql): Connected new DB handle, #3
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radcheck           WHERE Username = 'homepc'           ORDER BY id
radius_xlat:  'SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'homepc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id'
rlm_sql_mysql: query:  SELECT
radgroupcheck.id,radgroupcheck.GroupName,radgroupcheck.Attribute,radgroupcheck.Value,radgroupcheck.op
FROM radgroupcheck,usergroup WHERE usergroup.Username = 'homepc' AND
usergroup.GroupName = radgroupcheck.GroupName ORDER BY radgroupcheck.id
radius_xlat:  'SELECT id, UserName, Attribute, Value, op           FROM
radreply           WHERE Username = 'homepc'           ORDER BY id'
rlm_sql_mysql: query:  SELECT id, UserName, Attribute, Value, op
FROM radreply           WHERE Username = 'homepc'           ORDER BY id
radius_xlat:  'SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'homepc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id'
rlm_sql_mysql: query:  SELECT
radgroupreply.id,radgroupreply.GroupName,radgroupreply.Attribute,radgroupreply.Value,radgroupreply.op
FROM radgroupreply,usergroup WHERE usergroup.Username = 'homepc' AND
usergroup.GroupName = radgroupreply.GroupName ORDER BY radgroupreply.id
rlm_sql (sql): Released sql socket id: 3
  modcall[authorize]: module "sql" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
auth: type Local
auth: user supplied User-Password matches local User-Password
Sending Access-Accept of id 162 to xxx.147.xxx.xxx port 62810
Finished request 0
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
rad_recv: Accounting-Request packet from host xxx.147.xxx.xxx:62812, id=145,
length=150
Received Accounting-Request packet from xxx.147.xxx.xxx with invalid
signature!  (Shared secret is incorrect.)
Server rejecting request 1.
Finished request 1
Going to the next request
--- Walking the entire request list ---
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 0 ID 162 with timestamp 497e2a34
Waking up in 2 seconds...
rad_recv: Accounting-Request packet from host xxx.147.xxx.xxx:62812, id=145,
length=150
Discarding duplicate request from client home_segment:62812 - ID: 145
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 1 ID 145 with timestamp 497e2a36
Nothing to do.  Sleeping until we see a request.
rad_recv: Accounting-Request packet from host xxx.147.xxx.xxx:62812, id=145,
length=150
Received Accounting-Request packet from xxx.147.xxx.xxx with invalid
signature!  (Shared secret is incorrect.)
Server rejecting request 2.
Finished request 2
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 2 ID 145 with timestamp 497e2a40
Nothing to do.  Sleeping until we see a request.




On Mon, Jan 26, 2009 at 3:59 PM, Alex M <freeradius at lrcommunications.net>wrote:

> I'm using 1.5
> (for some reason cold not install 2.x)
> Ok let me se if i can enable PAP
>
>
>
> On Mon, Jan 26, 2009 at 3:20 PM, <tnt at kalik.net> wrote:
>
>> >ok here is the debug info. Note: there is an SQL error which is not a
>> >problem... thats bug in mysql so it will onlyopen connection from second
>> >request. also when i sue the same combination under radius ping with CHAP
>> >all works good but w/o chap nothing works
>> >
>>
>> What freeradius version is this? It looks old.
>>
>> ..
>> >  modcall[authorize]: module "preprocess" returns ok for request 0
>> >  modcall[authorize]: module "chap" returns noop for request 0
>> >  modcall[authorize]: module "mschap" returns noop for request 0
>> ..
>> >  modcall[authorize]: module "suffix" returns noop for request 0
>> ..
>> >  modcall[authorize]: module "eap" returns noop for request 0
>> >    users: Matched entry DEFAULT at line 153
>> >  modcall[authorize]: module "files" returns ok for request 0
>>
>> You have been told to rem ove Auth-Type System.  It's still there.
>>
>> ..
>> >  modcall[authorize]: module "sql" returns ok for request 0
>> >modcall: leaving group authorize (returns ok) for request 0
>>
>> pap is not listed in authorize (this *is* a pap request). List it last.
>>
>> Ivan Kalik
>> Kalik Informatika iSP
>>
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090126/52a59389/attachment.html>

More information about the Freeradius-Users mailing list