my freeradius-2.1.6 is not auth with PIN only.

Goke M Aruna goksie at gmail.com
Fri Jun 12 10:33:51 CEST 2009


I will be glad, if anyone can direct me to whare The log below is the part
of the debug for the new test freeradius server 2.1.6 am testing with.

However, the hotspotlogin,cgi is able to pass the param username to the
radius but when the query is run against the database the "Tue Jun  9
14:59:48 2009 : Info: [sql]  expand: %{User-Name} -> 0x32333435363738393031"
the value of the username sent is changed.

I have disabled the chap in the /usr/local/etc/raddb/sites-enabled/default.

kindly advise on what to do.

################### my radcheck has the info below.

mysql> select * from radcheck;
+-----+------------+--------------------+----+------------+
| id  | username   | attribute          | op | value      |
+-----+------------+--------------------+----+------------+
|   5 | 2345678901 | Auth-Type          | := | Accept     |
| 201 | 1234567890 | Cleartext-Password | := | 1234567890 |
+-----+------------+--------------------+----+------------+
4 rows in set (0.00 sec)


######################radiusd -XX (part of the debug)

rad_recv: Access-Request packet from host 127.0.0.1 port 44600, id=0,
length=189
        ChilliSpot-Max-Input-Octets = 0x32333435363738393031
        ChilliSpot-Max-Output-Octets = 0
        NAS-IP-Address = 127.0.0.1
        Service-Type = Login-User
        Framed-IP-Address = 192.168.182.2
        Calling-Station-Id = "00-1F-29-80-62-F3"
        Called-Station-Id = "00-50-DA-0C-C9-B0"
        NAS-Identifier = "nas01"
        Acct-Session-Id = "4a2e6a7700000000"
        NAS-Port-Type = Wireless-802.11
        NAS-Port = 0
        Message-Authenticator = 0xf2ee6add34820fb96dcceef08c07bbc5
        WISPr-Logoff-URL = "http://192.168.182.1:3990/logoff"
Tue Jun  9 14:59:48 2009 : Info: +- entering group authorize {...}
Tue Jun  9 14:59:48 2009 : Info: ++[preprocess] returns ok
Tue Jun  9 14:59:48 2009 : Info: ++[mschap] returns noop
Tue Jun  9 14:59:48 2009 : Info: [suffix] No '@' in User-Name =
"2345678901", looking up realm NULL
Tue Jun  9 14:59:48 2009 : Info: [suffix] No such realm "NULL"
Tue Jun  9 14:59:48 2009 : Info: ++[suffix] returns noop
Tue Jun  9 14:59:48 2009 : Info: [eap] No EAP-Message, not doing EAP
Tue Jun  9 14:59:48 2009 : Info: ++[eap] returns noop
Tue Jun  9 14:59:48 2009 : Info: ++[unix] returns notfound
Tue Jun  9 14:59:48 2009 : Info: ++[files] returns noop
Tue Jun  9 14:59:48 2009 : Info: [sql]  expand: %{User-Name} ->
0x32333435363738393031
Tue Jun  9 14:59:48 2009 : Info: [sql] sql_set_user escaped user -->
'0x32333435363738393031'
Tue Jun  9 14:59:48 2009 : Debug: rlm_sql (sql): Reserving sql socket id: 4
Tue Jun  9 14:59:48 2009 : Info: [sql]  expand: SELECT id, username,
attribute, value, op           FROM radcheck           WHERE username =
'%{SQL-User-Name}'           ORDER BY id -> SELECT id, username, attribute,
value, op           FROM radcheck           WHERE username =
'0x32333435363738393031'           ORDER BY id
Tue Jun  9 14:59:48 2009 : Info: [sql]  expand: SELECT groupname
FROM radusergroup           WHERE username = '%{SQL-User-Name}'
ORDER BY priority -> SELECT groupname           FROM radusergroup
WHERE username = '0x32333435363738393031'           ORDER BY priority
Tue Jun  9 14:59:48 2009 : Debug: rlm_sql (sql): Released sql socket id: 4
Tue Jun  9 14:59:48 2009 : Info: [sql] User 0x32333435363738393031 not found
Tue Jun  9 14:59:48 2009 : Info: ++[sql] returns notfound
Tue Jun  9 14:59:48 2009 : Info: ++[expiration] returns noop
Tue Jun  9 14:59:48 2009 : Info: ++[logintime] returns noop
Tue Jun  9 14:59:48 2009 : Info: [pap] WARNING! No "known good" password
found for the user.  Authentication may fail because of this.
Tue Jun  9 14:59:48 2009 : Info: ++[pap] returns noop
Tue Jun  9 14:59:48 2009 : Debug: rlm_sqlcounter: Entering module authorize
code
Tue Jun  9 14:59:48 2009 : Debug: rlm_sqlcounter: Could not find Check item
value pair
Tue Jun  9 14:59:48 2009 : Info: ++[validity] returns noop
Tue Jun  9 14:59:48 2009 : Debug: rlm_sqlcounter: Entering module authorize
code
Tue Jun  9 14:59:48 2009 : Debug: rlm_sqlcounter: Could not find Check item
value pair
Tue Jun  9 14:59:48 2009 : Info: ++[noresetcounter] returns noop
Tue Jun  9 14:59:48 2009 : Debug: rlm_sqlcounter: Entering module authorize
code
Tue Jun  9 14:59:48 2009 : Debug: rlm_sqlcounter: Could not find Check item
value pair
Tue Jun  9 14:59:48 2009 : Info: ++[hotspotcontrol] returns noop
Tue Jun  9 14:59:48 2009 : Info: No authenticate method (Auth-Type)
configuration found for the request: Rejecting the user
Tue Jun  9 14:59:48 2009 : Info: Failed to authenticate the user.
Tue Jun  9 14:59:48 2009 : Info: Using Post-Auth-Type Reject
Tue Jun  9 14:59:48 2009 : Info: +- entering group REJECT {...}
Tue Jun  9 14:59:48 2009 : Info: [attr_filter.access_reject]    expand:
%{User-Name} -> 0x32333435363738393031
Tue Jun  9 14:59:48 2009 : Debug:  attr_filter: Matched entry DEFAULT at
line 11
Tue Jun  9 14:59:48 2009 : Info: ++[attr_filter.access_reject] returns
updated
Tue Jun  9 14:59:48 2009 : Info: Delaying reject of request 0 for 1 seconds
Tue Jun  9 14:59:48 2009 : Debug: Going to the next request
Tue Jun  9 14:59:48 2009 : Debug: Waking up in 0.9 seconds.
Tue Jun  9 14:59:49 2009 : Info: Sending delayed reject for request 0
Sending Access-Reject of id 0 to 127.0.0.1 port 44600
Tue Jun  9 14:59:49 2009 : Debug: Waking up in 4.9 seconds.
Tue Jun  9 14:59:54 2009 : Info: Cleaning up request 0 ID 0 with timestamp
+187
Tue Jun  9 14:59:54 2009 : Debug: Ready to process requests.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090612/def9cba2/attachment.html>


More information about the Freeradius-Users mailing list