mysql freeradius "rlm_pap: empty password supplied"

serre serre at ibgc.cnrs.fr
Thu Oct 22 15:10:38 CEST 2009 

Hello,

After some hours of googling my problem, i come. I hope somebody will be 
able to help me!
I set up a mac based authentication, with users in mysql database. It is 
working properly when users are difined in the users file, but did not 
work with empty Cleartext-Password in the database.

Any idea? It is the only problem I've found when following this EXELLENT 
howto page:
http://wiki.freeradius.org/SQL_HOWTO

Thanks in advance





I show you to of my test users, one with password, the other without 
(hope i'm clear):
Sory, this post post is bigest that wath i was think.

Mysql tables:

mysql> select * from radcheck;
+----+----------+--------------------+----+----------+
| id | username | attribute          | op | value    |
+----+----------+--------------------+----+----------+
|  7 | seb      | Cleartext-Password | := | password |
|  8 | chris    | Cleartext-Password | := |          |


mysql> select * from radreply
    -> ;
+----+----------+-----------+----+--------+
| id | username | attribute | op | value  |
+----+----------+-----------+----+--------+
|  5 | seb      | Auth-Type | := | Accept |
|  6 | chris    | Auth-Type | := | Accept |


RADTEST whith user seb:

radius:/etc/freeradius# radtest seb password localhost 1812 testing123
Sending Access-Request of id 70 to 127.0.0.1 port 1812
        User-Name = "seb"
        User-Password = "password"
        NAS-IP-Address = 172.18.100.19
        NAS-Port = 1812
rad_recv: Access-Accept packet from host 127.0.0.1 port 1812, id=70, 
length=20

DEBUG OUTPUT:
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
  rad_check_password:  Found Auth-Type
auth: type "PAP"
+- entering group PAP
rlm_pap: login attempt with password "password"
rlm_pap: Using clear text password "password"
rlm_pap: User authenticated successfully
++[pap] returns ok
Login OK: [seb/password] (from client localhost port 1812)
+- entering group post-auth


RADTEST WITH user tof:
radius:/etc/freeradius# radtest tof "" localhost 1812 testing123
Sending Access-Request of id 220 to 127.0.0.1 port 1812
        User-Name = "tof"
        User-Password = ""
        NAS-IP-Address = 172.18.100.19
        NAS-Port = 1812
rad_recv: Access-Reject packet from host 127.0.0.1 port 1812, id=220, 
length=20

DEBUG OUTPUT:
++[sql] returns ok
++[expiration] returns noop
++[logintime] returns noop
++[pap] returns updated
  rad_check_password:  Found Auth-Type
auth: type "PAP"
+- entering group PAP
++[pap] returns invalid
auth: Failed to validate the user.
Login incorrect (rlm_pap: empty password supplied): [tof/] (from client 
localhost port 1812)
  Found Post-Auth-Type Reject
+- entering group REJECT
        expand: %{User-Name} -> tof
 attr_filter: Matched entry DEFAULT at line 11
++[attr_filter.access_reject] returns updated

More information about the Freeradius-Users mailing list