Perl script error when testing locally

HORMAZABAL PI´┐ŻONES BARBARA FRANCISCA bhp001 at alumnos.ucn.cl
Tue Sep 22 23:40:37 CEST 2020


Hello again, I'm trying to follow the tutorial from this site
<https://kerker.website/freeradiusgmail802-1x%E8%A8%AD%E5%AE%9Apop3s/> (it's
in chinese but it's pretty understandable if you translate it) basically
using a perl script for authentication against gmail accounts using POP3.
So far I have reached to the part where it tests the script locally and the
error occurs, I haven't yet reached to the part where it configures the eap
file to EAP-GTC for the 802.1X.

Even though it's not in the tutorial I still added the user in the users
file anyway and the error is still there.

This is the output I get when doing radtest locally:

(0) Received Access-Request Id 63 from 127.0.0.1:41319 to 127.0.0.1:1812
length 93
(0)   User-Name = "pruebaucnperl at gmail.com"
(0)   User-Password = "password"
(0)   NAS-IP-Address = 146.83.124.26
(0)   NAS-Port = 0
(0)   Message-Authenticator = 0xf081ea4e44b9ed006a1316a93828157f
(0) # Executing section authorize from file
/etc/freeradius/3.0/sites-enabled/default
(0)   authorize {
(0)     policy filter_username {
(0)       if (&User-Name) {
(0)       if (&User-Name)  -> TRUE
(0)       if (&User-Name)  {
(0)         if (&User-Name =~ / /) {
(0)         if (&User-Name =~ / /)  -> FALSE
(0)         if (&User-Name =~ /@[^@]*@/ ) {
(0)         if (&User-Name =~ /@[^@]*@/ )  -> FALSE
(0)         if (&User-Name =~ /\.\./ ) {
(0)         if (&User-Name =~ /\.\./ )  -> FALSE
(0)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))  {
(0)         if ((&User-Name =~ /@/) && (&User-Name !~ /@(.+)\.(.+)$/))   ->
FALSE
(0)         if (&User-Name =~ /\.$/)  {
(0)         if (&User-Name =~ /\.$/)   -> FALSE
(0)         if (&User-Name =~ /@\./)  {
(0)         if (&User-Name =~ /@\./)   -> FALSE
(0)       } # if (&User-Name)  = notfound
(0)     } # policy filter_username = notfound
(0)     [preprocess] = ok
(0)     [chap] = noop
(0)     [mschap] = noop
(0)     [digest] = noop
(0) suffix: Checking for suffix after "@"
(0) suffix: Looking up realm "gmail.com" for User-Name = "
pruebaucnperl at gmail.com"
(0) suffix: Found realm "gmail.com"
(0) suffix: Adding Realm = "gmail.com"
(0) suffix: Authentication realm is LOCAL
(0)     [suffix] = ok
(0) eap: No EAP-Message, not doing EAP
(0)     [eap] = noop
(0)     [files] = noop
(0)     [expiration] = noop
(0)     [logintime] = noop
(0) pap: WARNING: No "known good" password found for the user.  Not setting
Auth-Type
(0) pap: WARNING: Authentication will fail unless a "known good" password
is available
(0)     [pap] = noop
(0)     if (!control:Auth-Type && User-Password){
(0)     if (!control:Auth-Type && User-Password) -> TRUE
(0)     if (!control:Auth-Type && User-Password) {
(0)       update control {
(0)         Auth-Type := Perl
(0)       } # update control = noop
(0)     } # if (!control:Auth-Type && User-Password) = noop
(0)   } # authorize = ok
(0) Found Auth-Type = Perl
(0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(0)   Auth-Type Perl {
(0) perl:   $RAD_REQUEST{'User-Name'} = &request:User-Name -> '
pruebaucnperl at gmail.com'
(0) perl:   $RAD_REQUEST{'User-Password'} = &request:User-Password ->
'password'
(0) perl:   $RAD_REQUEST{'NAS-IP-Address'} = &request:NAS-IP-Address ->
'146.83.124.26'
(0) perl:   $RAD_REQUEST{'NAS-Port'} = &request:NAS-Port -> '0'
(0) perl:   $RAD_REQUEST{'Event-Timestamp'} = &request:Event-Timestamp ->
'sep 22 2020 18:33:00 -03'
(0) perl:   $RAD_REQUEST{'Message-Authenticator'} =
&request:Message-Authenticator -> '0xf081ea4e44b9ed006a1316a93828157f'
(0) perl:   $RAD_REQUEST{'Realm'} = &request:Realm -> 'gmail.com'
(0) perl:   $RAD_CHECK{'Auth-Type'} = &control:Auth-Type -> 'Perl'
(0) perl:   $RAD_CONFIG{'Auth-Type'} = &control:Auth-Type -> 'Perl'
POP3 <- +OK Gpop ready for requests from 146.83.124.26 d17mb25011424qvc
 at /etc/freeradius/3.0/mods-config/perl/pop3.pl line 149.
POP3 -> QUIT
 at /etc/freeradius/3.0/mods-config/perl/pop3.pl line 149.
POP3 <- +OK Bye d17mb25011424qvc
 at /etc/freeradius/3.0/mods-config/perl/pop3.pl line 149.
(0) perl: &request:Realm = $RAD_REQUEST{'Realm'} -> 'gmail.com'
(0) perl: &request:User-Name = $RAD_REQUEST{'User-Name'} -> '
pruebaucnperl at gmail.com'
(0) perl: &request:Message-Authenticator =
$RAD_REQUEST{'Message-Authenticator'} ->
'0xf081ea4e44b9ed006a1316a93828157f'
(0) perl: &request:NAS-Port = $RAD_REQUEST{'NAS-Port'} -> '0'
(0) perl: &request:NAS-IP-Address = $RAD_REQUEST{'NAS-IP-Address'} ->
'146.83.124.26'
(0) perl: &request:User-Password = $RAD_REQUEST{'User-Password'} ->
'password'
(0) perl: &request:Event-Timestamp = $RAD_REQUEST{'Event-Timestamp'} ->
'sep 22 2020 18:33:00 -03'
(0) perl: &control:Auth-Type = $RAD_CHECK{'Auth-Type'} -> 'Perl'
(0)     [perl] = reject
(0)   } # Auth-Type Perl = reject
(0) Failed to authenticate the user
(0) Using Post-Auth-Type Reject
(0) Post-Auth-Type sub-section not found.  Ignoring.
(0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(0) Delaying response for 1.000000 seconds
Waking up in 0.9 seconds.
(0) Sending delayed response
(0) Sent Access-Reject Id 63 from 127.0.0.1:1812 to 127.0.0.1:41319 length
20

Thank you in advance.


More information about the Freeradius-Users mailing list