EAP-sim using freeradius

Song Zou a13519 at me.com
Mon Nov 19 13:18:31 CET 2018


please don’t send email

On Nov 19, 2018, at 20:16, Song Zou via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:

> please don’t send email
> 
> On Aug 26, 2015, at 06:14, Siddharth Katragadda via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> 
> Hi Matthew,
> 
> I tried adding this line as you suggested:
> 
> if ("%{escape:%{control:EAP-Sim-Rand1}}" == "h") {
>        EXPAND %{escape:%{control:EAP-Sim-Rand1}}
> }
> 
> I get this error:
> /usr/local/etc/raddb/sites-enabled/default[351]: Parse error after
> "control:EAP-Sim-Rand1": unexpected token "}"
> 
> Not sure if I messed up the syntax somewhere.
> 
> Also this the version of Freeradius we're using:
> radiusd: FreeRADIUS Version 3.0.9, for host x86_64-unknown-linux-gnu, built
> on Aug  7 2015 at 16:25:45
> 
> Could you please let me know if it;'s an issue with the version of radius
> we have.
> Thanks
> Sid
> 
> 
> On Fri, Aug 21, 2015 at 2:37 PM, Matthew Newton <mcn4 at leicester.ac.uk>
> wrote:
> 
> On Fri, Aug 21, 2015 at 10:15:16AM -0700, Siddharth Katragadda wrote:
> but I still get the  eap_sim: ERROR: EAP-SIM-RAND1 not found
> Although the  passwd file now says:  [passwd] = ok
> 
> So it looks like passwd file was able to find the User-Name in
> simtriplets.dat, so it should have extracted the  EAP-SIM-RAND1 etc from
> it
> right?
> 
> No idea: when I drop your simtriplets file and passwd config into
> a clean 3.0.x HEAD build here, then use radtest (so no eap) I get:
> 
> ...
> (0) suffix: Checking for suffix after "@"
> (0) suffix: Looking up realm "wlan.mnc001.mcc001.3gppnetwork.org" for
> User-Name = "1001010123456789 at wlan.mnc001.mcc001.3gppnetwork.org"
> (0) suffix: No such realm "wlan.mnc001.mcc001.3gppnetwork.org"
> (0)     [suffix] = noop
> (0) passwd: Added EAP-SIM-RAND1: '2ADE1426F93045258CCD7B9CF739CD51' to
> config
> (0) passwd: Added EAP-SIM-SRES1: 'CA1a6a73' to config
> (0) passwd: Added EAP-SIM-KC1: '44163dcd3063ee06' to config
> (0) passwd: Added EAP-SIM-RAND2: 'A7DB577E986F41e999981FE01E8E9351' to
> config
> (0) passwd: Added EAP-SIM-SRES2: '9E0ec181' to config
> (0) passwd: Added EAP-SIM-KC2: '2B3182377B3d2e05' to config
> (0) passwd: Added EAP-SIM-RAND3: '92F13B6BB93641b0914DD3D6DAAFB78C' to
> config
> (0) passwd: Added EAP-SIM-SRES3: '9Ca5541a' to config
> (0) passwd: Added EAP-SIM-KC3: '767e395d867fa4b0' to config
> (0)     [passwd] = ok
> (0) eap: No EAP-Message, not doing EAP
> (0)     [eap] = noop
> ...
> 
> That looks good enough to me - and checking the code, eap_sim just looks
> for
> eap-sim-rand1 in the control attributes.
> 
> You've trimmed the debug output, so I've no idea what version you are
> using to
> test against.
> 
> You could try adding something like this after your call to passwd
> to force a debug expansion and see what the value has actually
> been set to
> 
> 
> if ("%{escape:%{control:EAP-Sim-Rand1}}" == "h") {
> noop
> }
> 
> e.g.
> 
> (0)     if ("%{escape:%{control:EAP-Sim-Rand1}}" == "h") {
> (0)     EXPAND %{escape:%{control:EAP-Sim-Rand1}}
> (0)        -->
> 0x3241444531343236463933303435323538434344374239434637333943443531
> (0)     if ("%{escape:%{control:EAP-Sim-Rand1}}" == "h")  -> FALSE
> 
> If you get
> 
>  -->
> 
> instead, then EAP-Sim-Rand1 wasn't set properly for some reason.
> 
> Btw, I did have 10 fields in the simtriplets.dat (delimited by colon).
> Why
> did you find only 4??
> 
> Failing eyesight, dementia, or the fact that in your first e-mail there
> were
> only four fields in that file.
> 
> Matthew
> 
> 
> --
> Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
> 
> Systems Specialist, Infrastructure Services,
> I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
> 
> For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html


More information about the Freeradius-Users mailing list