Hello,
I am trying to get the Login-Time attribute to work but every time I
place it into either the radcheck or the radgroupcheck table, any
account which gets that attribute gets rejected by the rlm_sql module. I
have tried to trace it through the source code but I don't have enough C
knowledge to be able to proceed.
I have included my tables as well as the output of radiusd -X for each.
Can someone tell me if this is a bug (and if so what to do about it) and
if not, what am I doing wrong. Any help would be greatly appreciated. I
have uncommented the debugging comments in the rlm_sql.c file to print
out the complete list of attributes and replys to send out for that
user.
Thanks,
Matthew Enger
[EMAIL PROTECTED]
mysql> select * from radcheck;
+------+----------+-----------+------------+------+
| id | UserName | Attribute | Value | op |
+------+----------+-----------+------------+------+
| 1567 | menger | Password | testing123 | NULL |
+------+----------+-----------+------------+------+
1 row in set (0.01 sec)
mysql> select * from radreply;
Empty set (0.00 sec)
mysql> select * from radgroupcheck;
+----+-----------+------------+-----------+------+
| id | GroupName | Attribute | Value | op |
+----+-----------+------------+-----------+------+
| 3 | SIXTOSIX | Login-Time | 0800-1800 | NULL |
+----+-----------+------------+-----------+------+
1 row in set (0.00 sec)
mysql> select * from radgroupreply;
+----+-----------+-----------------+-------------+------+
| id | GroupName | Attribute | Value | op |
+----+-----------+-----------------+-------------+------+
| 30 | SIXTOSIX | Framed-Protocol | PPP | NULL |
| 31 | SIXTOSIX | Service-Type | Framed-User | NULL |
+----+-----------+-----------------+-------------+------+
2 rows in set (0.00 sec)
mysql> select * from usergroup;
+------+----------+-----------+
| id | UserName | GroupName |
+------+----------+-----------+
| 1567 | menger | SIXTOSIX |
+------+----------+-----------+
1 row in set (0.01 sec)
With login time:
rad_recv: Access-Request packet from host 192.168.2.42:1140, id=16,
length=46
User-Name = "menger"
User-Password = "\352O\024\005'\2706\312\322\254\366H\233\000\371\275"
rad_lowerpair: User-Name now 'menger'
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "menger"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'menger'
sql_set_user: escaped user --> 'menger'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM
radius.radcheck WHERE Username = 'menger' ORDER BY id'
rlm_sql: Reserving sql socket id: 24
query: SELECT id,UserName,Attribute,Value,op FROM radius.radcheck WHERE
Username = 'menger' ORDER BY id
radius_xlat: 'SELECT
radius.radgroupcheck.id,radius.radgroupcheck.GroupName,radius.radgroupcheck.Attribute,radius.radgroupcheck.Value,radius.radgroupcheck.op
FROM radius.radgroupcheck,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupcheck.GroupName ORDER BY
radius.radgroupcheck.id'
query: SELECT
radius.radgroupcheck.id,radius.radgroupcheck.GroupName,radius.radgroupcheck.Attribute,radius.radgroupcheck.Value,radius.radgroupcheck.op
FROM radius.radgroupcheck,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupcheck.GroupName ORDER BY
radius.radgroupcheck.id
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM
radius.radreply WHERE Username = 'menger' ORDER BY id'
query: SELECT id,UserName,Attribute,Value,op FROM radius.radreply WHERE
Username = 'menger' ORDER BY id
radius_xlat: 'SELECT
radius.radgroupreply.id,radius.radgroupreply.GroupName,radius.radgroupreply.Attribute,radius.radgroupreply.Value,radius.radgroupreply.op
FROM radius.radgroupreply,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupreply.GroupName ORDER BY
radius.radgroupreply.id'
query: SELECT
radius.radgroupreply.id,radius.radgroupreply.GroupName,radius.radgroupreply.Attribute,radius.radgroupreply.Value,radius.radgroupreply.op
FROM radius.radgroupreply,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupreply.GroupName ORDER BY
radius.radgroupreply.id
rlm_sql: check items
Password = "testing123"
Login-Time = "Al0800-1800"
rlm_sql: reply items
Framed-Protocol = PPP
Service-Type = Framed-User
rlm_sql: Pairs do not match [menger]
rlm_sql: Released sql socket id: 24
modcall[authorize]: module "sql" returns notfound
modcall: group authorize returns ok
auth: No authenticate method (Auth-Type) configuration found for the
request: Rejecting the user
auth: Failed to validate the user.
Login incorrect: [menger/testing123] (from client mengertest port 0)
Delaying request 5 for 1 seconds
Finished request 5
Going to the next request
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Waking up in 1 seconds...
--- Walking the entire request list ---
Sending Access-Reject of id 16 to 192.168.2.42:1140
Waking up in 4 seconds...
Without login time:
rad_recv: Access-Request packet from host 192.168.2.42:1141, id=17,
length=46
User-Name = "menger"
User-Password = "]\200S\020n\273\356ZTU\367\364kZ\306l"
rad_lowerpair: User-Name now 'menger'
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
rlm_realm: Looking up realm NULL for User-Name = "menger"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
radius_xlat: 'menger'
sql_set_user: escaped user --> 'menger'
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM
radius.radcheck WHERE Username = 'menger' ORDER BY id'
rlm_sql: Reserving sql socket id: 23
query: SELECT id,UserName,Attribute,Value,op FROM radius.radcheck WHERE
Username = 'menger' ORDER BY id
radius_xlat: 'SELECT
radius.radgroupcheck.id,radius.radgroupcheck.GroupName,radius.radgroupcheck.Attribute,radius.radgroupcheck.Value,radius.radgroupcheck.op
FROM radius.radgroupcheck,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupcheck.GroupName ORDER BY
radius.radgroupcheck.id'
query: SELECT
radius.radgroupcheck.id,radius.radgroupcheck.GroupName,radius.radgroupcheck.Attribute,radius.radgroupcheck.Value,radius.radgroupcheck.op
FROM radius.radgroupcheck,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupcheck.GroupName ORDER BY
radius.radgroupcheck.id
radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM
radius.radreply WHERE Username = 'menger' ORDER BY id'
query: SELECT id,UserName,Attribute,Value,op FROM radius.radreply WHERE
Username = 'menger' ORDER BY id
radius_xlat: 'SELECT
radius.radgroupreply.id,radius.radgroupreply.GroupName,radius.radgroupreply.Attribute,radius.radgroupreply.Value,radius.radgroupreply.op
FROM radius.radgroupreply,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupreply.GroupName ORDER BY
radius.radgroupreply.id'
query: SELECT
radius.radgroupreply.id,radius.radgroupreply.GroupName,radius.radgroupreply.Attribute,radius.radgroupreply.Value,radius.radgroupreply.op
FROM radius.radgroupreply,radius.usergroup WHERE radius.usergroup.Username =
'menger' AND radius.usergroup.GroupName = radius.radgroupreply.GroupName ORDER BY
radius.radgroupreply.id
rlm_sql: check items
Password = "testing123"
rlm_sql: reply items
Framed-Protocol = PPP
Service-Type = Framed-User
radius_xlat: 'SELECT Value,Attribute FROM radius.radcheck WHERE
UserName = 'menger' AND ( Attribute = 'User-Password' OR Attribute =
'Password' OR Attribute = 'Crypt-Password' ) ORDER BY Attribute DESC'
query: SELECT Value,Attribute FROM radius.radcheck WHERE UserName =
'menger' AND ( Attribute = 'User-Password' OR Attribute = 'Password' OR
Attribute = 'Crypt-Password' ) ORDER BY Attribute DESC
rlm_sql: Released sql socket id: 23
modcall[authorize]: module "sql" returns ok
modcall: group authorize returns ok
auth: type Local
auth: user supplied User-Password matches local User-Password
Login OK: [menger] (from client mengertest port 0)
Sending Access-Accept of id 17 to 192.168.2.42:1141
Framed-Protocol = PPP
Service-Type = Framed-User
Finished request 6
Going to the next request
--- Walking the entire request list ---
Waking up in 6 seconds...
--- Walking the entire request list ---
Cleaning up request 6 ID 17 with timestamp 3d992db9
Nothing to do. Sleeping until we see a request.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
