Hello
I just installed freeradius from the newest CVS snapshot (2002-01-25) and
configured it to work with mysql -only-. I configured the daemon as such:
===================================================
./configure
--without-snmp --without-rlm_always --without-rlm_attr_filter
--without-rlm_attr_rewrite --without-rlm_chap --without-rlm_counter
--without-rlm_dbm --without-rlm_detail --without-rlm_eap
--without-rlm_example --without-rlm_fastusers --without-rlm_files
--without-rlm_krb5 --without-rlm_ldap --without-rlm_mschap
--without-rlm_ns_mta_md5 --without-rlm_pam --without-rlm_pap
--without-rlm_passwd --without-rlm_preprocess --without-rlm_realm
--without-rlm_unix --without-rlm_x99_token --without-rlm_sql_db2
--without-rlm_sql_iodbc --without-rlm_sql_oracle
--without-rlm_sql_postgresql
===================================================
The compile worked fine and the daemon starts up perfectly. I've attached
the radiusd.conf file that I'm using to this e-mail message.
After starting the daemon by typing
===================================================
radiusd -x
===================================================
I get the usual debug output. Then, in another window, I typed the
following:
===================================================
radtest tim blah 209.67.21.205 1 testing123
===================================================
The test program sent a request to the server, and the debug window
output:
===================================================
Starting - reading
configuration files ...
Module: Loaded SQL
rlm_sql: Driver rlm_sql_mysql loaded and linked
rlm_sql: Attempting to connect to [EMAIL PROTECTED]:/falconsoft
rlm_sql: Connected new DB handle, #0
rlm_sql: Connected new DB handle, #1
rlm_sql: Connected new DB handle, #2
rlm_sql: Connected new DB handle, #3
rlm_sql: Connected new DB handle, #4
Module: Instantiated sql (sql)
Initializing the thread pool...
Listening on IP address 209.67.21.205, ports 1812/udp and 1813/udp, with
proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host 209.67.21.205:2814, id=23,
length=55
User-Name = "tim"
User-Password = "\243\\\245\351\225\252\2654\r@i\025$\216\211\236"
NAS-IP-Address = 255.255.255.255
NAS-Port-Id = 1
Sending Access-Reject of id 23 to 209.67.21.205:2814
===================================================
And the test program returned:
===================================================
Sending Access-Request of id 23 to 209.67.21.205:1812
User-Name = "tim"
User-Password = "\243\\\245\351\225\252\2654\r@i\025$\216\211\236"
NAS-IP-Address = esther.falconsoft.com
NAS-Port-Id = 1
rad_recv: Access-Reject packet from host 209.67.21.205:1812, id=23,
length=20
===================================================
Now, as far as I can tell, my config is set up as it should be, and I know
my tables are in order exactly as described. There is -no- SQL debug
output anywhere that I can find, so I don't know for sure. Is there some
switch I have to turn on to get SQL output during configure or
something? Can anyone see a good reason why the access request is being
rejected, despite the fact that the login for tim/blah does exist in the
SQL database? Does the password stored in the SQL database need to be
encrypt()'d or password()'d?
Any help at all is appreciated.
Thanks.
Tim
PS - Great product. I was waiting for someone to produce a RADIUS server
that wasn't so convoluted and that worked with SQL databases.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Tim Gustafson - [EMAIL PROTECTED] http://www.falconsoft.com/
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Share your knowledge - it's a way to achieve immortality.
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# radiusd.conf as attached to the message: server-wide settings.
# Install layout. Each ${...} reference expands to a variable defined
# earlier in this file.
prefix = /usr/local
exec_prefix = ${prefix}
sysconfdir = ${prefix}/etc
localstatedir = /var
sbindir = ${exec_prefix}/sbin
logdir = ${localstatedir}/log
libdir = ${exec_prefix}/lib
raddbdir = ${sysconfdir}/raddb
radacctdir = ${logdir}/radacct
confdir = ${raddbdir}
run_dir = ${localstatedir}/run
pidfile = ${run_dir}/radiusd.pid
# Unprivileged account and group for the daemon. This file also carries the
# client shared secret and the SQL login, so its permissions should be kept
# restrictive.
user = nobody
group = nobody
# Per-request limits: seconds allowed per request, seconds a reply is kept
# for duplicate detection, and the number of requests tracked at once.
max_request_time = 30
cleanup_delay = 5
max_requests = 1024
# Listen on this one address only. With port = 0 the -x output in this
# message reports 1812/udp and 1813/udp, plus the proxy port 1814/udp.
bind_address = 209.67.21.205
port = 0
checkrad = ${sbindir}/checkrad
hostname_lookups = no
allow_core_dumps = no
regular_expressions = yes
extended_expressions = yes
log_stripped_names = no
# Authentication logging is fully off. log_auth = yes records each accept and
# reject, which helps when diagnosing a rejected login and when looking for
# password guessing. Leaving the badpass/goodpass options at "no" keeps the
# submitted passwords out of the log.
log_auth = no
log_auth_badpass = no
log_auth_goodpass = no
usercollide = no
# User names are lower-cased and stripped of spaces before authentication;
# passwords are left untouched.
lower_user = before
lower_pass = no
nospace_user = before
nospace_pass = no
# The one client (NAS) allowed to send requests, and the shared secret it
# must present. Here the client is the server's own address, which is where
# radtest was run from.
# NOTE(review): testing123 is the sample secret from the example
# configuration. The shared secret is what protects User-Password in transit,
# so use a long random value per client once real NAS devices are added.
client 209.67.21.205 {
secret = testing123
shortname = localhost
}
# Worker thread pool sizing: threads started at boot, the upper bound, and
# the range of idle threads to keep.
# max_requests_per_server = 0 presumably means a thread is never recycled;
# verify against this snapshot's documentation.
thread pool {
start_servers = 5
max_servers = 32
min_spare_servers = 3
max_spare_servers = 10
max_requests_per_server = 0
}
# Maps Auth-Type SQL to the sql module instance defined under modules.
# NOTE(review): this file has no authorize section, so nothing visible here
# assigns Auth-Type = SQL to an incoming request. The -x output in this
# message shows an Access-Reject with no module activity in between, which is
# consistent with the request never reaching this sub-section. Confirm
# against this snapshot's behaviour.
authenticate {
authtype SQL {
sql
}
}
# Module instances. Only rlm_sql (MySQL driver) is configured, matching the
# ./configure line that disables every other module.
modules {
sql {
driver = "rlm_sql_mysql"
# Database connection. The login and password are stored in cleartext, and
# this file was attached to a public list post. The password value looks like
# a placeholder; if it is real, rotate it. Grant this database account only
# the rights the queries below need (SELECT on DialUpAccounts, INSERT/UPDATE
# on DialUpAccountsLog).
server = "209.67.21.205"
login = "tim"
password = "password"
radius_db = "falconsoft"
deletestalesessions = no
# NOTE(review): sqltracefile is presumably a file path, not a stream name, so
# "stdout" would name a file called stdout rather than the terminal. Verify.
# No trace can appear in any case unless a query is actually executed.
sqltrace = yes
sqltracefile = stdout
# Connection pool size; the -x output shows handles #0 through #4 being opened.
num_sql_socks = 5
# The four authorize_* queries are stubs that return one constant row with
# NULLs, so presumably no check or reply items ever come from the database.
# NOTE(review): the trailing ';' after the closing quote appears only on
# these four lines. Confirm the parser accepts it.
authorize_check_query = "SELECT 0, '%{User-Name}', NULL, NULL, NULL";
authorize_reply_query = "SELECT 0, '%{User-Name}', NULL, NULL, NULL";
authorize_group_check_query = "SELECT 0, '%{User-Name}', NULL, NULL, NULL";
authorize_group_reply_query = "SELECT 0, '%{User-Name}', NULL, NULL, NULL";
# Fetches the stored password for the submitted user name. %{User-Name} comes
# from the network and is placed inside a quoted SQL string, so safety
# depends on rlm_sql escaping expanded attributes. Confirm that this snapshot
# does so.
authenticate_query = "SELECT Password FROM DialUpAccounts WHERE Login =
'%{User-Name}'"
# Accounting. The on/off, update and *_alt queries are no-op stubs.
accounting_onoff_query = "SELECT now()"
accounting_update_query = "SELECT now()"
accounting_start_query = "INSERT INTO DialUpAccountsLog (SessionID, Login,
LoggedInAt) VALUES ('%{Acct-Unique-Session-Id}', '%{User-Name}', now())"
accounting_start_query_alt = "SELECT now()"
# NOTE(review): SessionID = %{Acct-Unique-Session-Id} is expanded without
# quotes here, while accounting_start_query quotes the same attribute. An
# unquoted value is not protected by string escaping, and a non-numeric
# session id will not parse as SQL. Quote it:
# SessionID = '%{Acct-Unique-Session-Id}'
accounting_stop_query = "UPDATE DialUpAccountsLog SET LoggedOutAt = now(),
BytesSent = '%{Acct-Output-Octets}', BytesReceived = '%{Acct-Input-Octets}' where
SessionID = %{Acct-Unique-Session-Id}"
accounting_stop_query_alt = "SELECT now()"
}
}