Re: Wireless
Rio Martin wrote: On Wednesday 10 September 2003 00:14, Alan DeKok wrote: Troy Sanders [EMAIL PROTECTED] wrote: I am looking for a document that shows how to configure the Free Radius Server and wireless access points; http://www.freeradius.org/doc/ ? There are a number of such documents. Alan, Please check the website, URL broken. http://www.freeradius.org/radiusd/doc/ -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
EAP/MD5 question
Hello All, I would like some help configuring my Freeradius. I just started with Freeradius and i am not that familiar with wireless/certificates so i thougt to start with EAP/MD5 isof EAP/TLS. At this moment it looks like i can authenticate with my WinXP wireless client with Radius. After this first step, i believe WEP keys need to be negotiated, but i think i have that part missing/wrong. My AP is configurable for 64 / 128 / 256 keys incombination with Radius. Also no ip adress is provided, wich normally is dhcp. I guess this only starts after WEP is enabled correctly. I tried several options from the documentation / newsgroup but i could not find a satisfactory answer. Most use use EAP/TLS. Log from Dlink950+ : Sep 10 08:52:23 accesspoint Wireless PC connected 00-06-25-A8-1A-41^M Sep 10 08:52:23 accesspoint EAP-Request/Identity ^M Sep 10 08:52:27 accesspoint EAP-Request/Identity ^M Sep 10 08:52:28 accesspoint EAP-Response/Identity test^M Sep 10 08:52:28 accesspoint EAP-Success 00-06-25-A8-1A-41^M Sep 10 08:52:28 accesspoint Authentication success 00-06-25-A8-1A-41^M Log from 'radiusd -X' Listening on IP address *, ports 1812/udp and 1813/udp.Ready to process requests.rad_recv: Access-Request packet from host 192.168.1.50:1208, id=5, length=127 User-Name = "test" NAS-IP-Address = 192.168.1.50 NAS-Port = 0 Called-Station-Id = "00-06-25-57-19-30" Calling-Station-Id = "00-06-25-A8-1A-41" NAS-Identifier = "DLinksys" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x020100090174657374 Message-Authenticator = 0x184aa44ed364409f16c602d99246001fmodcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_eap: EAP packet type notification id 1 length 9 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched test at 65 modcall[authorize]: module "files" returns okmodcall: group authorize returns updated rad_check_password: Found Auth-Type Eapauth: type "EAP"modcall: entering group authenticate rlm_eap: EAP packet type notification id 1 length 9 rlm_eap: EAP Start not found rlm_eap: EAP Identity rlm_eap: processing type md5rlm_eap_md5: Issuing Challenge modcall[authenticate]: module "eap" returns okmodcall: group authenticate returns okSending Access-Challenge of id 5 to 192.168.1.50:1208 Service-Type = Framed-User Framed-IP-Address = 192.168.1.60 EAP-Message = 0x01020016041023d501626551f8686251a69aa65d1673 Message-Authenticator = 0x State = 0xfa177e6e7af08f0a7d81cdc88fb0ec36c7e85e3fef6eb9e9076194ae611171657670ad58Finished request 0Going to the next request--- Walking the entire request list ---Waking up in 6 seconds...rad_recv: Access-Request packet from host 192.168.1.50:1208, id=6, length=182 User-Name = "test" NAS-IP-Address = 192.168.1.50 NAS-Port = 0 Called-Station-Id = "00-06-25-57-19-30" Calling-Station-Id = "00-06-25-A8-1A-41" NAS-Identifier = "DLinksys" Framed-MTU = 1380 NAS-Port-Type = Wireless-802.11 EAP-Message = 0x0202001a0410dc1a846ef45ec42e6a34841cd457c24d74657374 State = 0xfa177e6e7af08f0a7d81cdc88fb0ec36c7e85e3fef6eb9e9076194ae611171657670ad58 Message-Authenticator = 0x9abd4fa94be9f54c3eb4d2a5f8b08e88modcall: entering group authorize modcall[authorize]: module "preprocess" returns ok rlm_eap: EAP packet type notification id 2 length 26 rlm_eap: EAP Start not found modcall[authorize]: module "eap" returns updated rlm_realm: No '@' in User-Name = "test", looking up realm NULL rlm_realm: No such realm "NULL" modcall[authorize]: module "suffix" returns noop users: Matched test at 65 modcall[authorize]: module "files" returns okmodcall: group authorize returns updated rad_check_password: Found Auth-Type Eapauth: type "EAP"modcall: entering group authenticate rlm_eap: EAP packet type notification id 2 length 26 rlm_eap: EAP Start not found rlm_eap: Request found, released from the list rlm_eap: EAP_TYPE - md5 rlm_eap: processing type md5 rlm_eap: Freeing handler modcall[authenticate]: module "eap" returns okmodcall: group authenticate returns okSending Access-Accept of id 6 to 192.168.1.50:1208 Service-Type = Framed-User Framed-IP-Address = 192.168.1.60 EAP-Message = 0x03020004 Message-Authenticator = 0xFinished request 1Going to the next requestWaking up in 6 seconds...--- Walking the entire request list ---Cleaning up request 0 ID 5 with timestamp 3f5ee8c7Cleaning up request 1 ID 6 with timestamp 3f5ee8c7Nothing to do. Sleeping until we see a request.[EMAIL PROTECTED]:/home/ron#
radacct time problem
hello! I'm having problems with my radius server. It seems that my acctstartime field logs date as dec 1 1969. I'm using the standard postgresql.conf. Thanks in advance. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: EAP/MD5 question
hi I would like some help configuring my Freeradius. I just started with Freeradius and i am not that familiar with wireless/certificates so i thougt to start with EAP/MD5 isof EAP/TLS. your EAP/MD5 is working but check www.freeradius.org/doc/EAP-MD5.html At this moment it looks like i can authenticate with my WinXP wireless client with Radius. not on wireless if your WinXP is SP1 (or later)... After this first step, i believe WEP keys need to be negotiated, but i think i have that part missing/wrong. no, no WEP keys are EVER negotiated in EAP/MD5. sorry, you have to set those manually - the same in the AP and the STA. My AP is configurable for 64 / 128 / 256 keys incombination with Radius. Also no ip adress is provided, wich normally is dhcp. I guess this only starts after WEP is enabled correctly. that's correct. and it doesn't work if something is wrong. 256 bit keys are not standard. your card should be from the same vendor then. I tried several options from the documentation / newsgroup but i could not find a satisfactory answer. Most use use EAP/TLS. because of dynamic WEP keys which are possible with EAP/TLS Log from Dlink950+ : Sep 10 08:52:23 accesspoint Wireless PC connected 00-06-25-A8-1A-41^M Sep 10 08:52:23 accesspoint EAP-Request/Identity ^M Sep 10 08:52:27 accesspoint EAP-Request/Identity ^M Sep 10 08:52:28 accesspoint EAP-Response/Identity test^M Sep 10 08:52:28 accesspoint EAP-Success 00-06-25-A8-1A-41^M Sep 10 08:52:28 accesspoint Authentication success 00-06-25-A8-1A-41^M your EAP/MD5 is working. Sending Access-Accept of id 6 to 192.168.1.50:1208 Service-Type = Framed-User Framed-IP-Address = 192.168.1.60 EAP-Message = 0x03020004 Message-Authenticator = 0x Finished request 1 idem. - set the WEP keys ciao artur - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
realm prefix suffix regular expression.
Hi all, I am still trying to know how freeradius can handle a string in a username. the username is like this 54zdzauj/[EMAIL PROTECTED] and I want to catch the string "" after "/" as my realm in oeder to authenticate these username in other manner but the problem is that this is not a prefix nor a suffix. How can I do this? someone answer me with "regulmar _expression_" but I didn't find any doc about it! can someone help me? --|-Moktar KONE|-MTDS S.A.|-tel +212.3.767.4861|-fax +212.3.767.4863|-gsm +212.6.113.0545|-14, rue 16 novembre|-Rabat, Kingdom of Morocco
Did you find the file?
VP-RX will take your sex life to new levels... Guaranteéd! Your penís will grow up to 3 ínches Your erectíons will be rock hard Your sex drive will be supercharged Your orgasms will be more intense Your partner will be astounded Clíck here to get VP-RX now! Remove me - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RadAcctId
hi all, when using freeradius with mysql, qhat is the the use of RadAcctId field?? i think i only need AcctSessionId, and AcctUniqueId to make sure this is the same session Thanks for your help, Best Regards Ossama -- Ossama Suleiman Systems Engineer TE Data S.A.E Email: [EMAIL PROTECTED] Web: www.tedata.net Phone: +(202)-416-6600, EXT: 1105 Learn from yesterday, live for today, hope for tomorrow. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Server is sending Reject packet :((
Hi
all
I have downloaded radius server
from free radius server configuration and instalation is fine
and there provide test case
Can you please help me what is
the reason that i m getting thisreject packet from server what all changes
need to be done
Thanks in
advance
Ram
Dixit
following are the
server output log
[EMAIL PROTECTED]
freeradius-0.9.1]# radiusd -X
Starting - reading
configuration files ...reread_config: reading
radiusd.confConfig: including file:
/usr/local/etc/raddb/proxy.confConfig: including file:
/usr/local/etc/raddb/clients.confConfig: including file:
/usr/local/etc/raddb/snmp.confConfig: including file:
/usr/local/etc/raddb/sql.confmain: prefix =
"/usr/local"main: localstatedir = "/usr/local/var"main:
logdir = "/usr/local/var/log/radius"main: libdir =
"/usr/local/lib"main: radacctdir =
"/usr/local/var/log/radius/radacct"main: hostname_lookups =
nomain: snmp = nomain: max_request_time = 30main:
cleanup_delay = 5main: max_requests = 1024main:
delete_blocked_requests = 0main: port = 0main:
allow_core_dumps = nomain: log_stripped_names = nomain:
log_file = "/usr/local/var/log/radius/radius.log"main: log_auth =
nomain: log_auth_badpass = nomain: log_auth_goodpass =
nomain: pidfile =
"/usr/local/var/run/radiusd/radiusd.pid"main: user =
"(null)"main: group = "(null)"main: usercollide =
nomain: lower_user = "no"main: lower_pass =
"no"main: nospace_user = "no"main: nospace_pass =
"no"main: checkrad = "/usr/local/sbin/checkrad"main:
proxy_requests = yesproxy: retry_delay = 5proxy: retry_count
= 3proxy: synchronous = noproxy: default_fallback =
yesproxy: dead_time = 120proxy: post_proxy_authorize =
yesproxy: wake_all_if_all_dead = nosecurity: max_attributes
= 200security: reject_delay = 1security: status_server =
nomain: debug_level = 0read_config_files: reading
dictionaryread_config_files: reading naslistUsing deprecated
naslist file. Support for this will go away
soon.read_config_files: reading clientsUsing deprecated clients
file. Support for this will go away soon.read_config_files:
reading realmsUsing deprecated realms file. Support for this will go
away soon.radiusd: entering modules setupModule: Library search
path is /usr/local/libModule: Loaded exprModule: Instantiated expr
(expr)Module: Loaded PAPpap: encryption_scheme =
"crypt"Module: Instantiated pap (pap)Module: Loaded CHAPModule:
Instantiated chap (chap)Module: Loaded MS-CHAPmschap: use_mppe =
yesmschap: require_encryption = nomschap: require_strong =
nomschap: passwd = "(null)"mschap: authtype =
"MS-CHAP"Module: Instantiated mschap (mschap)Module: Loaded
Systemunix: cache = nounix: passwd = "(null)"unix:
shadow = "(null)"unix: group = "(null)"unix: radwtmp =
"/usr/local/var/log/radius/radwtmp"unix: usegroup = nounix:
cache_reload = 600Module: Instantiated unix (unix)Module: Loaded
eapeap: default_eap_type = "md5"eap: timer_expire =
60rlm_eap: Loaded and initialized the type md5rlm_eap: Loaded and
initialized the type leapModule: Instantiated eap (eap)Module: Loaded
preprocesspreprocess: huntgroups =
"/usr/local/etc/raddb/huntgroups"preprocess: hints =
"/usr/local/etc/raddb/hints"preprocess: with_ascend_hack =
nopreprocess: ascend_channels_per_line = 23preprocess:
with_ntdomain_hack = nopreprocess: with_specialix_jetstream_hack =
nopreprocess: with_cisco_vsa_hack = noModule: Instantiated
preprocess (preprocess)Module: Loaded realmrealm: format =
"suffix"realm: delimiter = "@"Module: Instantiated realm
(suffix)Module: Loaded filesfiles: usersfile =
"/usr/local/etc/raddb/users"files: acctusersfile =
"/usr/local/etc/raddb/acct_users"files: preproxy_usersfile =
"/usr/local/etc/raddb/preproxy_users"files: compat = "no"Module:
Instantiated files (files)Module: Loaded
Acct-Unique-Session-Idacct_unique: key = "User-Name, Acct-Session-Id,
NAS-IP-Address, Client-IP-Address, NAS-Port-Id"Module: Instantiated
acct_unique (acct_unique)Module: Loaded detaildetail: detailfile =
"/usr/local/var/log/radius/radacct/%{Client-IP-Address}/detail-%Y%m%d"detail:
detailperm = 384detail: dirperm = 493detail: locking =
noModule: Instantiated detail (detail)Module: Loaded
radutmpradutmp: filename =
"/usr/local/var/log/radius/radutmp"radutmp: username =
"%{User-Name}"radutmp: case_sensitive = yesradutmp:
check_with_nas = yesradutmp: perm = 384radutmp: callerid =
yesModule: Instantiated radutmp (radutmp)Listening on IP address *,
ports 1812/udp and 1813/udp, with proxy on 1814/udp.Ready to process
requests.rad_recv: Access-Request packet from host 127.0.0.1:32923, id=214,
length=56 User-Name =
"test" User-Password =
"test" NAS-IP-Address =
255.255.255.255 NAS-Port =
0modcall: entering group authorize modcall[authorize]: module
"preprocess" returns ok modcall[authorize]: module "chap" returns
nooprlm_eap: EAP-Message not found modcall[authorize]: module
"eap" returns noop rlm_realm: No '@' in User-Name = "test", looking up realm
NULL
rlm_realm: No such realm
Re: EAP/MD5 question
Hi Arthur, It is that simple ! Thank you for pointing me into the right direction. I setted the WEP keys manual in the AP, next to the Radius config. At the moment only 64bits. My WindowsXP is without SP1, so for the moment it is working, although i want to move to EAP/TLS. - Original Message - From: Artur Hecker [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 12:36 PM Subject: Re: EAP/MD5 question hi I would like some help configuring my Freeradius. I just started with Freeradius and i am not that familiar with wireless/certificates so i thougt to start with EAP/MD5 isof EAP/TLS. your EAP/MD5 is working but check www.freeradius.org/doc/EAP-MD5.html At this moment it looks like i can authenticate with my WinXP wireless client with Radius. not on wireless if your WinXP is SP1 (or later)... After this first step, i believe WEP keys need to be negotiated, but i think i have that part missing/wrong. no, no WEP keys are EVER negotiated in EAP/MD5. sorry, you have to set those manually - the same in the AP and the STA. My AP is configurable for 64 / 128 / 256 keys incombination with Radius. Also no ip adress is provided, wich normally is dhcp. I guess this only starts after WEP is enabled correctly. that's correct. and it doesn't work if something is wrong. 256 bit keys are not standard. your card should be from the same vendor then. I tried several options from the documentation / newsgroup but i could not find a satisfactory answer. Most use use EAP/TLS. because of dynamic WEP keys which are possible with EAP/TLS Log from Dlink950+ : Sep 10 08:52:23 accesspoint Wireless PC connected 00-06-25-A8-1A-41^M Sep 10 08:52:23 accesspoint EAP-Request/Identity ^M Sep 10 08:52:27 accesspoint EAP-Request/Identity ^M Sep 10 08:52:28 accesspoint EAP-Response/Identity test^M Sep 10 08:52:28 accesspoint EAP-Success 00-06-25-A8-1A-41^M Sep 10 08:52:28 accesspoint Authentication success 00-06-25-A8-1A-41^M your EAP/MD5 is working. Sending Access-Accept of id 6 to 192.168.1.50:1208 Service-Type = Framed-User Framed-IP-Address = 192.168.1.60 EAP-Message = 0x03020004 Message-Authenticator = 0x Finished request 1 idem. - set the WEP keys ciao artur - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Server is sending Reject packet :((
take a look at the modules in your authenticate {} section in
radiusd.conf and on their configuration. put the user 'test' into the
'users' file:
test Auth-Type := Local User-Password == test
ciao
artur
rad_recv: Access-Request packet from host 127.0.0.1:32923, id=214, length=56
User-Name = test
User-Password = test
NAS-IP-Address = 255.255.255.255
NAS-Port = 0
modcall: entering group authorize
modcall[authorize]: module preprocess returns ok
modcall[authorize]: module chap returns noop
rlm_eap: EAP-Message not found
modcall[authorize]: module eap returns noop
rlm_realm: No '@' mailto:'@' in User-Name = test, looking up
realm NULL
rlm_realm: No such realm NULL
modcall[authorize]: module suffix returns noop
users: Matched DEFAULT at 152
modcall[authorize]: module files returns ok
modcall[authorize]: module mschap returns noop
modcall: group authorize returns ok
rad_check_password: Found Auth-Type System
auth: type System
modcall: entering group authenticate
modcall[authenticate]: module unix returns notfound
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: 0.9.1, gethostbyname_r again
From: Alex Kasatkin
Sent: Tuesday, 9 September 2003 1:40 AM
There is the problem with gethostbyname detection in 0.9.1:
dev:~/freeradius-0.9.1# uname -prs
FreeBSD 4.8-RELEASE-p4 i386
configure says:
checking gethostbyaddr_r() syntax... GNU-style
checking gethostbyname_r() syntax... configure: warning: ** BSD Style
gethostbyname might NOT be thread-safe! **
BSD-style
config.log:
configure:7978: checking gethostbyaddr_r() syntax
configure:7990: gcc -o conftest -g -O2 -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
configure: In function `main':
configure:7986: warning: implicit declaration of function `gethostbyaddr_r'
configure:8068: checking gethostbyname_r() syntax
configure:8080: gcc -o conftest -g -O2 -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
configure: In function `main':
configure:8076: warning: implicit declaration of function `gethostbyname_r'
/tmp/ccuKg0wk.o: In function `main':
/home/snoop/freeradius-0.9.1/configure(.text+0x16): undefined reference to
`gethostbyname_r'
configure: failed program was:
#line 8070 configure
#include confdefs.h
#include stdio.h
#include netdb.h
int main() {
gethostbyname_r(NULL, NULL, NULL, 0, NULL, NULL)
; return 0; }
configure:8106: gcc -o conftest -g -O2 -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
configure: In function `main':
configure:8102: warning: implicit declaration of function `gethostbyname_r'
/tmp/ccoZBWNY.o: In function `main':
/home/snoop/freeradius-0.9.1/configure(.text+0x14): undefined reference to
`gethostbyname_r'
configure: failed program was:
#line 8096 configure
#include confdefs.h
#include stdio.h
#include netdb.h
int main() {
gethostbyname_r(NULL, NULL, NULL, 0, NULL)
; return 0; }
configure:8133: gcc -o conftest -g -O2 -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
These outputs are consistent... For some reason, you have the GNU-style
gethostbyaddr_r able
to be linked, but not gethostbyname_r...
Building fails at this point:
gcc -g -O2 -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE -DNDEBUG -I../../include
-DHAVE_NDBM_H -c rlm_dbm_parser.c -o
rlm_dbm_parser.o
rlm_dbm_parser.c: In function `storecontent':
rlm_dbm_parser.c:160: warning: assignment discards qualifiers from pointer target
type
/vol1/home/snoop/freeradius-0.9.1/libtool --mode=link gcc rlm_dbm_parser.o
../../lib/libradius.a -o rlm_dbm_parser
gcc rlm_dbm_parser.o -o rlm_dbm_parser ../../lib/libradius.a
../../lib/libradius.a(misc.o): In function `ip_hostname':
/vol1/home/snoop/freeradius-0.9.1/src/lib/misc.c:63: undefined reference to
`gethostbyaddr_r'
When I've add -lc_r, rlm_dbm_parser links normally, but with some warnings.
What's c_r? Is that where the ghostby{addr,name}_r stuff lives? I guess that could be
detected as
a required library for the gethostby{addr,name}_r function-using modules (hopefully
just libradius)
Is this documented somewhere on the 'net I could read?
There is the bug or feature ?
Looks like a bug due to lack of access to FreeBSD machine by anyone who's able to
replicate this.
Maybe it would have been easier to use gethostby{addr,name} with a couple of mutexes.
--
=
Paul TBBle Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
[EMAIL PROTECTED]
This is a one line proof...if we start
sufficiently far to the left.
-- Cambridge University Math Department
-
Random signature generator 3.0 by Paul TBBle Hampson
=
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Damian Gerow [EMAIL PROTECTED] wrote: Basically, I have set up mpd to authenticate via RADIUS, and I'm trying to have FreeRADIUS do it's authentication via rlm_pam, so I can have mpd (indirectly) authenticate off of a Windows Domain (so PAM is configured to authenticate via pam_winbind, from the Samba3 distro). That will work for PAP. Nothing else. The pam_winbind module doesn't so CHAP, or MS-CHAP. Even though rlm_chap complains about not being able to find a proper Chap-Password attribute, I can see the MS-CHAP-Challenge and -Response right in the packet debug. But no CHAP-Password. The names are different, that should be a hint. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 0.9.1, gethostbyname_r again
Paul Hampson [EMAIL PROTECTED] wrote:
[skipped]
What's c_r? Is that where the ghostby{addr,name}_r stuff lives? I guess that could
be detected as
a required library for the gethostby{addr,name}_r function-using modules (hopefully
just libradius)
AFAIR it's threaded c library.
man 3 pthread_create
NAME
pthread_create - create a new thread
LIBRARY
Reentrant C Library (libc_r, -pthread)
regards.
Is this documented somewhere on the 'net I could read?
There is the bug or feature ?
Looks like a bug due to lack of access to FreeBSD machine by anyone who's able to
replicate this.
Maybe it would have been easier to use gethostby{addr,name} with a couple of mutexes.
--
=
Paul TBBle Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
[EMAIL PROTECTED]
This is a one line proof...if we start
sufficiently far to the left.
-- Cambridge University Math Department
-
Random signature generator 3.0 by Paul TBBle Hampson
=
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
S.N.O.O.P.: Synthetic Networked Organism Optimized for Peacekeeping
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: 0.9.1, gethostbyname_r again
From: Alex Kasatkin
Sent: Thursday, 11 September 2003 12:16 AM
Paul Hampson [EMAIL PROTECTED] wrote:
[skipped]
What's c_r? Is that where the ghostby{addr,name}_r stuff lives? I guess that could
be detected as
a required library for the gethostby{addr,name}_r function-using modules
(hopefully just libradius)
AFAIR it's threaded c library.
man 3 pthread_create
NAME
pthread_create - create a new thread
LIBRARY
Reentrant C Library (libc_r, -pthread)
Is this a FreeBSD-only thing?
If you run
CFLAGS=-lc_r ./configure {etc}
what types get detected for gethostby{addr,name}_r? It _might_ be worth having
an extra check for that once we know what style is in the library.
--
=
Paul TBBle Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
[EMAIL PROTECTED]
This is a one line proof...if we start
sufficiently far to the left.
-- Cambridge University Math Department
-
Random signature generator 3.0 by Paul TBBle Hampson
=
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: freeradius crashes while using PAM
Christophe Dupre [EMAIL PROTECTED] wrote: If there are memory leaks, they must not be that big because I've never noticed any pam-using executable getting that big. Most PAM programs don't stay around for too long, and most don't do thousands to millions of PAM requests. On many platforms, the PAM libraries themselves have massive memory leaks. If the program using them makes only 2-3 PAM calls, it's not a problem. For FreeRADIUS, it's a serious problem. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Calling-Station-Id
Eric [EMAIL PROTECTED] wrote: I need to authenticate users by Calling-Station-Id. Pass users who uses phone number, which begins at 69 DEFAULT Calling-Station-ID =~ ^69, Auth-Type := Accept Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
[EMAIL PROTECTED] wrote: here is the last part everything before appears to be ok. libtool: install: `rlm_mschap.la' is not a valid libtool archive It looks like the rlm_mschap module wasn't built, but it's trying to install it. I've never seen that happen before, as the build system is set up to install ONLY those modules which it builds. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: 0.9.1, gethostbyname_r again
re,
Paul Hampson [EMAIL PROTECTED] wrote:
From: Alex Kasatkin
Sent: Thursday, 11 September 2003 12:16 AM
Paul Hampson [EMAIL PROTECTED] wrote:
[skipped]
What's c_r? Is that where the ghostby{addr,name}_r stuff lives? I guess that
could be detected as
a required library for the gethostby{addr,name}_r function-using modules
(hopefully just libradius)
AFAIR it's threaded c library.
man 3 pthread_create
NAME
pthread_create - create a new thread
LIBRARY
Reentrant C Library (libc_r, -pthread)
Is this a FreeBSD-only thing?
AFAIK OpenBSD has it too, not sure about NetBSD.
If you run
CFLAGS=-lc_r ./configure {etc}
what types get detected for gethostby{addr,name}_r? It _might_ be worth having
an extra check for that once we know what style is in the library.
dev:~/freeradius-0.9.1# setenv CFLAGS -lc_r ; ./configure ... blablabla.
checking whether the C compiler (gcc -lc_r -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG ) works... yes
checking whether the C compiler (gcc -lc_r -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG ) is a cross-compiler... no
...
checking gethostbyaddr_r() syntax... GNU-style
checking gethostbyname_r() syntax... configure: warning: ** BSD Style
gethostbyname might NOT be thread-safe! **
BSD-style
configure:7978: checking gethostbyaddr_r() syntax
configure:7990: gcc -o conftest -lc_r -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
configure: In function `main':
configure:7986: warning: implicit declaration of function `gethostbyaddr_r'
configure:8068: checking gethostbyname_r() syntax
configure:8080: gcc -o conftest -lc_r -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
configure: In function `main':
configure:8076: warning: implicit declaration of function `gethostbyname_r'
/tmp/ccPdZdUM.o: In function `main':
/tmp/ccPdZdUM.o(.text+0x16): undefined reference to `gethostbyname_r'
configure: failed program was:
#line 8070 configure
#include confdefs.h
#include stdio.h
#include netdb.h
int main() {
gethostbyname_r(NULL, NULL, NULL, 0, NULL, NULL)
; return 0; }
configure:8106: gcc -o conftest -lc_r -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
configure: In function `main':
configure:8102: warning: implicit declaration of function `gethostbyname_r'
/tmp/ccEe8ds7.o: In function `main':
/tmp/ccEe8ds7.o(.text+0x14): undefined reference to `gethostbyname_r'
configure: failed program was:
#line 8096 configure
#include confdefs.h
#include stdio.h
#include netdb.h
int main() {
gethostbyname_r(NULL, NULL, NULL, 0, NULL)
; return 0; }
configure:8133: gcc -o conftest -lc_r -pthread -D_THREAD_SAFE -Wall -D_GNU_SOURCE
-DNDEBUG conftest.c 15
--
=
Paul TBBle Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
[EMAIL PROTECTED]
This is a one line proof...if we start
sufficiently far to the left.
-- Cambridge University Math Department
-
Random signature generator 3.0 by Paul TBBle Hampson
=
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
--
S.N.O.O.P.: Synthetic Networked Organism Optimized for Peacekeeping
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: GPL headers
From: Nicolas Baradakis Sent: Tuesday, 9 September 2003 1:33 AM Alan DeKok wrote: As FreeRADIUS is developed under the GNU General Public License, all the contributions fall under the GPL too. Therefore I was thinking it would be better to make it explicit in all files in the source tree. Or is it ok to leave it like that ? I don't really know. Submit patches, if it's important to you. It was really a boring job but I spent some time for that. Thankyou. I think it's a good thing to have, and will apply them once the following is cleared up. The following files already had a GPL header but it was incomplete or contained a typo: src/modules/rlm_acct_unique/rlm_acct_unique.c src/modules/rlm_always/rlm_always.c src/modules/rlm_attr_filter/rlm_attr_filter.c src/modules/rlm_dbm/rlm_dbm.c src/modules/rlm_dbm/rlm_dbm_cat.c src/modules/rlm_dbm/rlm_dbm_parser.c src/modules/rlm_detail/rlm_detail.c src/modules/rlm_unix/cache.c src/modules/rlm_unix/compat.c Can you make these a seperate patch? That should apply fairly safely and quickly. The following file had no licence, so I inserted a GPL header: src/lib/crypt.c src/lib/dict.c src/lib/hmac.c src/lib/log.c src/lib/misc.c src/lib/missing.c src/lib/print.c src/lib/radius.c src/lib/snprintf.c src/lib/token.c src/lib/valuepair.c I dunno how to tell you this after so much work, but src/lib (libradius) is under the LGPL, not the GPL. (I think this is specified in the COPYRIGHT file, if not, in the debian/copyright file). The following files already have a licence, but it's not GPL. In doubt, I didn't touch them. It should be wise to ask someone who knows well about free software licence stuff if it's all right to have these in Freeradius: I am not a lawyer, but I play one on TV... src/lib/filters.c (c) 1994 Ascend, may be used as long as banner remains; Alan DeKok, GPL. Should be LGPL, part of libradius src/lib/isaac.c Public Domain src/lib/md4.c (c) 1990,1991,1992 RSA Data Security, may be used as long as banner remains and we call it RSA Data Security, Inc. MD4 Message-Digest Algorithm src/lib/md5.c (c) 1991,1992 RSA Data Security, may be used as long as banner remains and we call it RSA Data Security, Inc. MD5 Message-Digest Algorithm EAP/RSA Data Security, Inc. MD5 Message-Digest Algorithm anyone? src/lib/sha1.csrc Public Domain So in short, we probably should look at the MD4/MD5 license and be sure we're obeying it. And Alan's parts of filters.c should be LGPL. Then the whole thing is fairly safely LGPL. Although maybe md4/md5 can be replaced with less licensed versions? I noticed a comment in md5.c about broken system md5 implementations... Maybe mcrypt solves this? And the only src/lib file not listed here somewhere is smbdes.c Oh yuck, that's GPLv2... Have to go look up whether LGPL can contain GPL'd code. (I don't think it can GPL can depend on LGPL'd code, as we're doing in FreeRADIUS. Not vice versa.) Maybe this could also be tossed in for a non-GPL-encumbered DES? (mcrypt again. :-) No idea how wide-spread mcrypt is though. :-( -- = Paul TBBle Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul TBBle Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
postgresql and freeradius accounting problem
hello list, i am just new to this list. i know igor chen is on of those i have seen posting some about postgresql and freeradius. i am having problem with postgresql and freeradius on its accounting. there seems to have no entries when i i try radtest using ntradping. i am using postgresql 7.2.3 and freeradis 0.4 or the latest. my box is on freebsd 4.8. is anyone here having the same specs as mine as well as having problems? if you do please let me know how you solved the same problem as i have. if you happen to have a step by step notes on configuration of the postgresql + freeradius, i would be honored to take it. thanks, francis ted a. seguerra www.1asialink.com brbr table border=0 width=100% height=9 tr td width=100% height=9 font face=Arial color=#006600-br iBringing First World Technology Closer to You./ibr bhttp://www.1asialink.com/b/font/td /tr /table - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: postgresql and freeradius accounting problem
At 09:43 AM 9/10/2003, [EMAIL PROTECTED] wrote: hello list, i am just new to this list. i know igor chen is on of those i have seen posting some about postgresql and freeradius. i am having problem with postgresql and freeradius on its accounting. there seems to have no entries when i i try radtest using ntradping. i am using postgresql 7.2.3 and freeradis 0.4 or the latest. my box is on freebsd 4.8. Please consider upgrading, the lastest release is 0.9.1. The version 0.4 is *very* *very* old and have many known bugs and memory leaks which are fixed in the current release. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Minor (but crashing) bug in rlm_mschap
On Wed, 10 Sep 2003, Alan DeKok wrote: Peter Stamfest [EMAIL PROTECTED] wrote: The problem surfaces through the return of NULL at line 601 in pairparsevalue in src/lib/valuepair.c which makes pairmake return NULL in the case of an integer that does not start with a digit ( does not start with a digit). Ah. Fixed, thanks. It could very well be the case that similar problems exist in other places where an integer attribute has to be initialized (I did not check). It might be worth it to make this situation (integer attribute, empty string) a special case for pairmake, because such a bug could easily be introduced by somebody not aware of this special case. peter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: GPL headers
Paul Hampson wrote: The following files already had a GPL header but it was incomplete or contained a typo: src/modules/rlm_acct_unique/rlm_acct_unique.c src/modules/rlm_always/rlm_always.c src/modules/rlm_attr_filter/rlm_attr_filter.c src/modules/rlm_dbm/rlm_dbm.c src/modules/rlm_dbm/rlm_dbm_cat.c src/modules/rlm_dbm/rlm_dbm_parser.c src/modules/rlm_detail/rlm_detail.c src/modules/rlm_unix/cache.c src/modules/rlm_unix/compat.c Can you make these a seperate patch? That should apply fairly safely and quickly. Ok, this is a new patch for these files only. $ cvs diff -u src/modules/rlm_acct_unique/rlm_acct_unique.c src/modules/rlm_always/rlm_always.c src/modules/rlm_attr_filter/rlm_attr_filter.c src/modules/rlm_dbm/rlm_dbm.c src/modules/rlm_dbm/rlm_dbm_cat.c src/modules/rlm_dbm/rlm_dbm_parser.c src/modules/rlm_detail/rlm_detail.c src/modules/rlm_unix/cache.c src/modules/rlm_unix/compat.c Index: src/modules/rlm_acct_unique/rlm_acct_unique.c === RCS file: /source/radiusd/src/modules/rlm_acct_unique/rlm_acct_unique.c,v retrieving revision 1.27 diff -u -r1.27 rlm_acct_unique.c --- src/modules/rlm_acct_unique/rlm_acct_unique.c 3 Dec 2002 16:27:37 - 1.27 +++ src/modules/rlm_acct_unique/rlm_acct_unique.c 10 Sep 2003 15:15:17 - @@ -1,7 +1,7 @@ /* * rlm_acct_unique.c * - * This program is is free software; you can redistribute it and/or modify + * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License, version 2 if the * License as published by the Free Software Foundation. * Index: src/modules/rlm_always/rlm_always.c === RCS file: /source/radiusd/src/modules/rlm_always/rlm_always.c,v retrieving revision 1.10 diff -u -r1.10 rlm_always.c --- src/modules/rlm_always/rlm_always.c 14 Jul 2003 17:27:34 - 1.10 +++ src/modules/rlm_always/rlm_always.c 10 Sep 2003 15:15:17 - @@ -1,7 +1,7 @@ /* * rlm_always.c * - * This program is is free software; you can redistribute it and/or modify + * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License, version 2 if the * License as published by the Free Software Foundation. * Index: src/modules/rlm_attr_filter/rlm_attr_filter.c === RCS file: /source/radiusd/src/modules/rlm_attr_filter/rlm_attr_filter.c,v retrieving revision 1.13 diff -u -r1.13 rlm_attr_filter.c --- src/modules/rlm_attr_filter/rlm_attr_filter.c 7 Jul 2003 19:04:05 - 1.13 +++ src/modules/rlm_attr_filter/rlm_attr_filter.c 10 Sep 2003 15:15:17 - @@ -5,7 +5,7 @@ * * Version: $Id: rlm_attr_filter.c,v 1.13 2003/07/07 19:04:05 aland Exp $ * - * This program is is free software; you can redistribute it and/or modify + * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License, version 2 if the * License as published by the Free Software Foundation. * Index: src/modules/rlm_dbm/rlm_dbm.c === RCS file: /source/radiusd/src/modules/rlm_dbm/rlm_dbm.c,v retrieving revision 1.6 diff -u -r1.6 rlm_dbm.c --- src/modules/rlm_dbm/rlm_dbm.c 7 Jul 2003 19:05:14 - 1.6 +++ src/modules/rlm_dbm/rlm_dbm.c 10 Sep 2003 15:15:17 - @@ -3,18 +3,22 @@ * * Version: $Id: rlm_dbm.c,v 1.6 2003/07/07 19:05:14 aland Exp $ * - * This program is is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License, version 2 if the - * License as published by the Free Software Foundation. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * Copyright 2001 Koulik Andrei, Sandy Service + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Copyright 2001 Koulik Andrei, Sandy
Re: Installation Error
do you have a suggestion to resolve this issue? Adam Rothenberg Network Technician Palatine High School N. Rohlwing Rd. Palatine, IL 60074 (847) 755-1764 Alan DeKok [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED]cc: .cistron.nl Subject: Re: Installation Error 09/10/2003 09:29 AM Please respond to freeradius-users [EMAIL PROTECTED] wrote: here is the last part everything before appears to be ok. libtool: install: `rlm_mschap.la' is not a valid libtool archive It looks like the rlm_mschap module wasn't built, but it's trying to install it. I've never seen that happen before, as the build system is set up to install ONLY those modules which it builds. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
At 10:26 AM 9/10/2003, [EMAIL PROTECTED] wrote: do you have a suggestion to resolve this issue? If you don't need the rlm_mschap module, an easy fix would be to simply rm -rf the src/modules/rlm_mschap directory so that it doesn't build/install it. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: postgresql and freeradius accounting problem
sorry i made a mistake, i am using the latest snapshot for freeradius. but still i got errors on accounting. it doesnt insert any on the db when i try to use accounting start. At 09:43 AM 9/10/2003,[EMAIL PROTECTED]: hello list, i am just new to this list. i know igor chen is on of those i have seen posting some about postgresql and freeradius. i am having problem with postgresql and freeradius on its accounting. there seems to have no entries when i i try radtest using ntradping. i am using postgresql 7.2.3 and freeradis 0.4 or the latest. my box is on freebsd 4.8. Please consider upgrading, the lastest release is 0.9.1. The version 0.4 is *very* *very* old and have many known bugs and memory leaks which are fixed in the current release. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering | @ [EMAIL PROTECTED]| \ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html brbr table border=0 width=100% height=9 tr td width=100% height=9 font face=Arial color=#006600-br iBringing First World Technology Closer to You./ibr bhttp://www.1asialink.com/b/font/td /tr /table - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: GPL headers
Paul Hampson wrote: The following file had no licence, so I inserted a GPL header: src/lib/crypt.c src/lib/dict.c src/lib/hmac.c src/lib/log.c src/lib/misc.c src/lib/missing.c src/lib/print.c src/lib/radius.c src/lib/snprintf.c src/lib/token.c src/lib/valuepair.c I dunno how to tell you this after so much work, but src/lib (libradius) is under the LGPL, not the GPL. (I think this is specified in the COPYRIGHT file, if not, in the debian/copyright file). Argh, I should have read this earlier. src/modules/rlm_ldap/rlm_ldap.c src/modules/rlm_mschap/smbencrypt.c src/modules/rlm_passwd/rlm_passwd.c src/modules/rlm_smb/valid.c src/modules/rlm_sql/drivers/rlm_sql_iodbc/sql_iodbc.c src/modules/rlm_sql/drivers/rlm_sql_oracle/sql_oracle.c src/modules/rlm_sql/drivers/rlm_sql_sybase/sql_sybase.c src/modules/rlm_sql/drivers/rlm_sql_unixodbc/sql_unixodbc.c The files above have no license and are not in src/lib, therefore I put them in a separate patch too. $ cvs diff -u src/modules/rlm_ldap/rlm_ldap.c src/modules/rlm_mschap/smbencrypt.c src/modules/rlm_passwd/rlm_passwd.c src/modules/rlm_smb/valid.c src/modules/rlm_sql/drivers/rlm_sql_iodbc/sql_iodbc.c src/modules/rlm_sql/drivers/rlm_sql_oracle/sql_oracle.c src/modules/rlm_sql/drivers/rlm_sql_sybase/sql_sybase.c src/modules/rlm_sql/drivers/rlm_sql_unixodbc/sql_unixodbc.c Index: src/modules/rlm_ldap/rlm_ldap.c === RCS file: /source/radiusd/src/modules/rlm_ldap/rlm_ldap.c,v retrieving revision 1.109 diff -u -r1.109 rlm_ldap.c --- src/modules/rlm_ldap/rlm_ldap.c 29 Aug 2003 12:11:51 - 1.109 +++ src/modules/rlm_ldap/rlm_ldap.c 10 Sep 2003 15:32:11 - @@ -1,7 +1,20 @@ /* - * rlm_ldap.c LDAP authorization and authentication module. - * - * + * rlm_ldap.c LDAP authorization and authentication module. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * * This module is based on LDAP patch to Cistron radiusd by James Golovich * [EMAIL PROTECTED], which in turn was based mostly on a Mysql+Cistron patch * from [EMAIL PROTECTED] Index: src/modules/rlm_mschap/smbencrypt.c === RCS file: /source/radiusd/src/modules/rlm_mschap/smbencrypt.c,v retrieving revision 1.4 diff -u -r1.4 smbencrypt.c --- src/modules/rlm_mschap/smbencrypt.c 4 Mar 2003 17:38:17 - 1.4 +++ src/modules/rlm_mschap/smbencrypt.c 10 Sep 2003 15:32:11 - @@ -1,9 +1,22 @@ /* - smbencrypt - produces LM-Passowrd and NT-Password from - cleartext password - - (c) 2002 3APA3A for FreeRADIUS project - + * smbencrypt.cProduces LM-Password and NT-Password from + * cleartext password + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Copyright 2002 3APA3A for FreeRADIUS project */ #include autoconf.h Index: src/modules/rlm_passwd/rlm_passwd.c === RCS file: /source/radiusd/src/modules/rlm_passwd/rlm_passwd.c,v retrieving revision 1.9 diff -u -r1.9 rlm_passwd.c --- src/modules/rlm_passwd/rlm_passwd.c 27 Jun 2003 10:48:41 - 1.9 +++ src/modules/rlm_passwd/rlm_passwd.c 10 Sep 2003 15:32:12 - @@ -1,3 +1,23 @@ +/* + * rlm_passwd.c + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option)
Re: 0.9.1, gethostbyname_r again
Alex Kasatkin wrote:
When I've add -lc_r, rlm_dbm_parser links normally, but with some warnings.
What's c_r? Is that where the ghostby{addr,name}_r stuff lives? I guess that
could be detected as
a required library for the gethostby{addr,name}_r function-using modules
(hopefully just libradius)
AFAIR it's threaded c library.
man 3 pthread_create
NAME
pthread_create - create a new thread
LIBRARY
Reentrant C Library (libc_r, -pthread)
Is this a FreeBSD-only thing?
AFAIK OpenBSD has it too, not sure about NetBSD.
There is no such library in NetBSD.
--
Nicolas Baradakis
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: postgresql and freeradius accounting problem
At 10:38 AM 9/10/2003, [EMAIL PROTECTED] wrote: sorry i made a mistake, i am using the latest snapshot for freeradius. but still i got errors on accounting. it doesnt insert any on the db when i try to use accounting start. What does the debug output say? ( running the server 'radiusd -x -x' ) -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
well let me ask you if I would need that for a wireless radius server? I have not gotten to to reading how to implement that specifically, I was just concentrating on getting the install complete so I could start the wireless stuff. Adam Rothenberg Network Technician Palatine High School N. Rohlwing Rd. Palatine, IL 60074 (847) 755-1764 Chris Parker [EMAIL PROTECTED]To: [EMAIL PROTECTED] Sent by:cc: [EMAIL PROTECTED]Subject: Re: Installation Error .cistron.nl 09/10/2003 10:30 AM Please respond to freeradius-users At 10:26 AM 9/10/2003, [EMAIL PROTECTED] wrote: do you have a suggestion to resolve this issue? If you don't need the rlm_mschap module, an easy fix would be to simply rm -rf the src/modules/rlm_mschap directory so that it doesn't build/install it. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
I did remove that directory and here is the new error libtool: install: `rlm_unix.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. gmake[6]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src/modules/rlm_unix' Making install in rlm_x99_token... gmake[6]: Entering directory `/root/radiusinstall/freeradius-0.9.1/src/modules/rlm_x99_token' if [ xrlm_x99_token != x ]; then \ /root/radiusinstall/freeradius-0.9.1/libtool --mode=install /root/radiusinstall/freeradius-0.9.1/install-sh -c -c \ rlm_x99_token.la /usr/local/lib/rlm_x99_token.la; \ rm -f /usr/local/lib/rlm_x99_token-0.9.1.la; \ ln -s rlm_x99_token.la /usr/local/lib/rlm_x99_token-0.9.1.la; \ fi libtool: install: `rlm_x99_token.la' is not a valid libtool archive Try `libtool --help --mode=install' for more information. gmake[6]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src/modules/rlm_x99_token' gmake[5]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src/modules' gmake[4]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src/modules' Making install in main... gmake[4]: Entering directory `/root/radiusinstall/freeradius-0.9.1/src/main' /root/radiusinstall/freeradius-0.9.1/libtool --mode=install /root/radiusinstall/freeradius-0.9.1/install-sh -c -m 755 -s radiusd /usr/local/sbin /root/radiusinstall/freeradius-0.9.1/install-sh -c -m 755 -s radiusd /usr/local/sbin/radiusd install: radiusd does not exist gmake[4]: *** [install] Error 1 gmake[4]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src/main' gmake[3]: *** [common] Error 1 gmake[3]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src' gmake[2]: *** [install] Error 2 gmake[2]: Leaving directory `/root/radiusinstall/freeradius-0.9.1/src' gmake[1]: *** [common] Error 1 gmake[1]: Leaving directory `/root/radiusinstall/freeradius-0.9.1' make: *** [install] Error 2 Adam Rothenberg Network Technician Palatine High School N. Rohlwing Rd. Palatine, IL 60074 (847) 755-1764 Chris Parker [EMAIL PROTECTED]To: [EMAIL PROTECTED] Sent by:cc: [EMAIL PROTECTED]Subject: Re: Installation Error .cistron.nl 09/10/2003 10:30 AM Please respond to freeradius-users At 10:26 AM 9/10/2003, [EMAIL PROTECTED] wrote: do you have a suggestion to resolve this issue? If you don't need the rlm_mschap module, an easy fix would be to simply rm -rf the src/modules/rlm_mschap directory so that it doesn't build/install it. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
At 10:56 AM 9/10/2003, [EMAIL PROTECTED] wrote: well let me ask you if I would need that for a wireless radius server? I have not gotten to to reading how to implement that specifically, I was just concentrating on getting the install complete so I could start the wireless stuff. It depends highly on the wireless authentication that you need to support. Unless it specifically needs MSChap, you may not need it. It is hard to say as there are so many options/methods used by different wireless systems. -Chris -- \\\|||/// \ StarNet Inc. \ Chris Parker \ ~ ~ / \ WX *is* Wireless!\ Director, Engineering | @ @ |\ http://www.starnetwx.net \ (847) 963-0116 oOo---(_)---oOo--\-- \ Wholesale Internet Services - http://www.megapop.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
[EMAIL PROTECTED] wrote: I did remove that directory and here is the new error libtool: install: `rlm_unix.la' is not a valid libtool archive Let me ask a stupid question: Did you follow the procedure set out in the INSTALL file, and actually *build* the modules, before trying to install them? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: GPL headers
Paul Hampson wrote: I am not a lawyer, but I play one on TV... [...] You should look at src/lib/snprintf.c too. There is no licence in the header but it comes from mutt source code which is GPL... -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
I followed the how to install on the FAQ Adam Rothenberg Network Technician Palatine High School N. Rohlwing Rd. Palatine, IL 60074 (847) 755-1764 Alan DeKok [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED]cc: .cistron.nl Subject: Re: Installation Error 09/10/2003 11:04 AM Please respond to freeradius-users [EMAIL PROTECTED] wrote: I did remove that directory and here is the new error libtool: install: `rlm_unix.la' is not a valid libtool archive Let me ask a stupid question: Did you follow the procedure set out in the INSTALL file, and actually *build* the modules, before trying to install them? Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
[EMAIL PROTECTED] wrote: I followed the how to install on the FAQ That's nice, but I think either you did something different from what you said, OR your system is incredibly screwed up. The errors you're running into will be seen ONLY when the 'configure' process decided that the modules should be built, AND those modules weren't actually built, AND you're trying to install them. Let me make another guess, then. The 'make' process failed with an error, before it built 'rlm_mschap'. You ignored this error, and are now trying to install modules which were never built. The 'install' process decides to install ONLY the modules which get built. If those modules aren't built, then the install will fail. Stop playing games with the 'install' process, and find out why those modules weren't built. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Thus spake Sean Perry ([EMAIL PROTECTED]) [09/09/03 19:55]: If I change the mpd configuration to use PAP instead of CHAP, I get authentication success, but then there's some weirdness going on on the mpd side of things that I'm also trying to figure out. Even though rlm_chap complains about not being able to find a proper Chap-Password attribute, I can see the MS-CHAP-Challenge and -Response right in the packet debug. as I was told recently, you can't get there from here. sigh That's what I was afraid of... There is currently no way to authenticate via CHAP against a Windows domain from Linux. Alan explains this in the thread I started last week. I have to do some reading up on CHAP. Before I started this, I had convinced myself, against my own judgement, that this would in fact be possible. The best possibility I have found is using a radius relay and a Windows based radius server like Internet Authentication Service which comes with win2k server. Haven't tried to get it to work yet, but it is the most likely way to get it working. Unfortunately the DC is not under my control. I'll have to convince the admins there to install the RADIUS server. You don't happen to know if NT4 comes with one, do you? /clutching at straws - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Thus spake Alan DeKok ([EMAIL PROTECTED]) [10/09/03 10:10]: Even though rlm_chap complains about not being able to find a proper Chap-Password attribute, I can see the MS-CHAP-Challenge and -Response right in the packet debug. But no CHAP-Password. The names are different, that should be a hint. (This is going off on a tangent...) But rlm_chap consults the mschap module, does it not? Ah, but it tells mschap to look for Chap-Password, /not/ MS-CHAP-Password. Okay, I'll stop musing aloud, go re-learn myself some CHAP, and start over. Thanks for the help. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: postgresql and freeradius accounting problem
here are attached files.
At 10:38 AM 9/10/2003,[EMAIL PROTECTED]:
sorry i made a mistake, i am using the latest snapshot for freeradius.
but
still i got errors on accounting. it doesnt insert any on the db when i
try to use accounting start.
What does the debug output say? ( running the server 'radiusd -x -x' )
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
|[EMAIL PROTECTED]@ | \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
brbr
table border=0 width=100% height=9
tr
td width=100% height=9
font face=Arial
color=#006600-br
iBringing First World Technology Closer to You./ibr
bhttp://www.1asialink.com/b/font/td
/tr
/tableStarting - reading configuration files ...
reread_config: reading radiusd.conf
Config: including file: /usr/local/etc/raddb/proxy.conf
Config: including file: /usr/local/etc/raddb/clients.conf
Config: including file: /usr/local/etc/raddb/snmp.conf
Config: including file: /usr/local/etc/raddb/sql.conf
main: prefix = /usr/local
main: localstatedir = /usr/local/var
main: logdir = /usr/local/var/log/radius
main: libdir = /usr/local/lib
main: radacctdir = /usr/local/var/log/radius/radacct
main: hostname_lookups = no
main: max_request_time = 30
main: cleanup_delay = 5
main: max_requests = 1024
main: delete_blocked_requests = 0
main: port = 0
main: allow_core_dumps = no
main: log_stripped_names = no
main: log_file = /usr/local/var/log/radius/radius.log
main: log_auth = no
main: log_auth_badpass = no
main: log_auth_goodpass = no
main: pidfile = /usr/local/var/run/radiusd/radiusd.pid
main: user = radius
main: group = radius
main: usercollide = no
main: lower_user = no
main: lower_pass = no
main: nospace_user = no
main: nospace_pass = no
main: checkrad = /usr/local/sbin/checkrad
main: proxy_requests = yes
proxy: retry_delay = 5
proxy: retry_count = 3
proxy: synchronous = no
proxy: default_fallback = yes
proxy: dead_time = 120
proxy: post_proxy_authorize = yes
proxy: wake_all_if_all_dead = no
security: max_attributes = 200
security: reject_delay = 1
security: status_server = no
main: debug_level = 0
read_config_files: reading dictionary
read_config_files: reading naslist
Using deprecated naslist file. Support for this will go away soon.
read_config_files: reading clients
Using deprecated clients file. Support for this will go away soon.
read_config_files: reading realms
Using deprecated realms file. Support for this will go away soon.
radiusd: entering modules setup
Module: Library search path is /usr/local/lib
Module: Loaded expr
Module: Instantiated expr (expr)
Module: Loaded PAP
pap: encryption_scheme = crypt
Module: Instantiated pap (pap)
Module: Loaded CHAP
Module: Instantiated chap (chap)
Module: Loaded MS-CHAP
mschap: use_mppe = yes
mschap: require_encryption = no
mschap: require_strong = no
mschap: passwd = (null)
mschap: authtype = MS-CHAP
Module: Instantiated mschap (mschap)
Module: Loaded preprocess
preprocess: huntgroups = /usr/local/etc/raddb/huntgroups
preprocess: hints = /usr/local/etc/raddb/hints
preprocess: with_ascend_hack = no
preprocess: ascend_channels_per_line = 23
preprocess: with_ntdomain_hack = no
preprocess: with_specialix_jetstream_hack = no
preprocess: with_cisco_vsa_hack = no
Module: Instantiated preprocess (preprocess)
Module: Loaded SQL
sql: driver = rlm_sql_postgresql
sql: server = localhost
sql: port =
sql: login = radius
sql: password = radius2k3
sql: radius_db = radius
sql: acct_table = radacct
sql: acct_table2 = radacct
sql: authcheck_table = radcheck
sql: authreply_table = radreply
sql: groupcheck_table = radgroupcheck
sql: groupreply_table = radgroupreply
sql: usergroup_table = usergroup
sql: nas_table = nas
sql: dict_table = dictionary
sql: sqltrace = yes
sql: sqltracefile = /usr/local/var/log/radius/sqltrace.sql
sql: deletestalesessions = yes
sql: num_sql_socks = 5
sql: sql_user_name = %{User-Name}
sql: default_user_profile =
sql: query_on_not_found = no
sql: authorize_check_query = SELECT id, UserName, Attribute, Value, Op ??FROM
radcheck ??WHERE Username = '%{SQL-User-Name}' ??ORDER BY id
sql: authorize_reply_query = SELECT id, UserName, Attribute, Value, Op ??FROM
radreply ??WHERE Username = '%{SQL-User-Name}' ??ORDER BY id
sql: authorize_group_check_query = SELECT radgroupcheck.id, radgroupcheck.GroupName,
??radgroupcheck.Attribute, radgroupcheck.Value,radgroupcheck.Op ??FROM radgroupcheck,
usergroup ??WHERE usergroup.Username = '%{SQL-User-Name}' AND usergroup.GroupName =
radgroupcheck.GroupName ??ORDER BY
Re: Problems authenticating with mpd, MSCHAPv2
Damian Gerow [EMAIL PROTECTED] wrote: But rlm_chap consults the mschap module, does it not? No. Ah, but it tells mschap to look for Chap-Password, /not/ MS-CHAP-Password. No. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Thus spake Alan DeKok ([EMAIL PROTECTED]) [10/09/03 13:12]: Damian Gerow [EMAIL PROTECTED] wrote: But rlm_chap consults the mschap module, does it not? No. Ah, but it tells mschap to look for Chap-Password, /not/ MS-CHAP-Password. No. Okay... So can I get an explanation as to what's going on here: modcall: entering group authorize modcall[authorize]: module preprocess returns ok rlm_realm: No '@' in User-Name = damiang, looking up realm NULL rlm_realm: No such realm NULL modcall[authorize]: module suffix returns noop users: Matched DEFAULT at 2 modcall[authorize]: module files returns ok rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop modcall[authorize]: module mschap returns notfound Is that saying, 'Could not contact the mschap module', or 'The mschap module said it couldn't find a Chap-Passowrd', or 'I'm not supposed to look at the mschap module, even though it's somewhere in my configuration'? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: postgresql and freeradius accounting problem
At 12:12 PM 9/10/2003, [EMAIL PROTECTED] wrote:
here are attached files.
Did you read the debug output, your error and the reason for it are
explained:
rlm_sql_postgresql: query: INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol,
FramedIPAddress, AcctStartDelay, AcctStopDelay) values('2836',
'3879d6b9c94adcc6', 'boggss', '', '10.10.80.23', '', '', '2003-09-11
00:12:19', '-1', '', '', '', '0', '0', '', '', '', '', '', '', '', '0')
rlm_sql_postgresql: Status: PGRES_FATAL_ERROR
rlm_sql_postgresql: affected rows =
rlm_sql_postgresql: Postgresql check_error: PGRES_FATAL_ERROR, returning
SQL_DOWN
rlm_sql (sql): failed after re-connect
rlm_sql (sql): Couldn't update SQL accounting for START packet -
ERROR: pg_atoi: zero-length string
You are 'faking' a start record with incomplete information. Send it
a real start packet, or one with more complete information. IE, you
need to include more information than just:
User-Name = boggss
Acct-Status-Type = Start
Acct-Session-Id = 2836
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless!\ Director, Engineering
| @ @ |\ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Damian Gerow [EMAIL PROTECTED] wrote: Okay... So can I get an explanation as to what's going on here: rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop There's no CHAP-Password, so the 'chap' module doesn't do anything. modcall[authorize]: module mschap returns notfound You're using an old version of the server. Upgrade to 0.9.1. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Thus spake Alan DeKok ([EMAIL PROTECTED]) [10/09/03 13:32]: Damian Gerow [EMAIL PROTECTED] wrote: Okay... So can I get an explanation as to what's going on here: rlm_chap: Could not find proper Chap-Password attribute in request modcall[authorize]: module chap returns noop There's no CHAP-Password, so the 'chap' module doesn't do anything. Makes sense. modcall[authorize]: module mschap returns notfound You're using an old version of the server. Upgrade to 0.9.1. I've been running 0.9.1 this entire time. I just installed it yesterday, from the FreeBSD ports system. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: FreeRadius to Novell Netware
woohooo! I got it to respond quicker. Stupid me didn't put an entry in the hosts file and that's why there was this delay. [EMAIL PROTECTED] 09/09/03 04:07PM RedHat 9 with FreeRadius 0.9.1 Novell Netware 6 sp3 I recently installed the latest FreeRadius and everything seemed fine. When I try to authenticate to LDAP on the Novell server it works fine but I don't get an instant response back. Rather, it takes about 20 seconds for an accept/reject response and if I try it again with the same user name/password, it takes about 10 seconds. I've also noticed that the LDAP bind takes awhile. I've searched through the FreeRadius mail archives and couldn't find anything useful. Can someone shed some light as to why I have this long delay? Any help would be greatly appreciated. Thanks in advance... Tin - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Problems authenticating with mpd, MSCHAPv2
Damian Gerow [EMAIL PROTECTED] wrote: You're using an old version of the server. Upgrade to 0.9.1. I've been running 0.9.1 this entire time. I just installed it yesterday, from the FreeBSD ports system. Then you have an older version of rlm_mschap sitting around. The rlm_mschap module in 0.9.1 NEVER returns 'notfound' from the 'authorize' stage. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: postgresql and freeradius accounting problem
sorry but i really dont know what your trying to say...please do some
suggestions to what i should do...
do you have a howto for this?
At 12:12 PM 9/10/2003,[EMAIL PROTECTED]:
here are attached files.
Did you read the debug output, your error and the reason for it are
explained:
rlm_sql_postgresql: query: INSERT into radacct (AcctSessionId,
AcctUniqueId, UserName, Realm, NASIPAddress, NASPortId, NASPortType,
AcctStartTime, AcctSessionTime, AcctAuthentic, ConnectInfo_start,
ConnectInfo_stop, AcctInputOctets, AcctOutputOctets, CalledStationId,
CallingStationId, AcctTerminateCause, ServiceType, FramedProtocol,
FramedIPAddress, AcctStartDelay, AcctStopDelay) values('2836',
'3879d6b9c94adcc6', 'boggss', '', '10.10.80.23', '', '', '2003-09-11
00:12:19', '-1', '', '', '', '0', '0', '', '', '', '', '', '', '', '0')
rlm_sql_postgresql: Status: PGRES_FATAL_ERROR
rlm_sql_postgresql: affected rows =
rlm_sql_postgresql: Postgresql check_error: PGRES_FATAL_ERROR, returning
SQL_DOWN
rlm_sql (sql): failed after re-connect
rlm_sql (sql): Couldn't update SQL accounting for START packet -
ERROR: pg_atoi: zero-length string
You are 'faking' a start record with incomplete information. Send it
a real start packet, or one with more complete information. IE, you
need to include more information than just:
User-Name = boggss
Acct-Status-Type = Start
Acct-Session-Id = 2836
-Chris
--
\\\|||/// \ StarNet Inc. \ Chris Parker
\ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
| @ [EMAIL PROTECTED]| \ http://www.starnetwx.net \ (847) 963-0116
oOo---(_)---oOo--\--
\ Wholesale Internet Services - http://www.megapop.net
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
brbr
table border=0 width=100% height=9
tr
td width=100% height=9
font face=Arial
color=#006600-br
iBringing First World Technology Closer to You./ibr
bhttp://www.1asialink.com/b/font/td
/tr
/table
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Installation Error
I guess you are correct, I reran all the steps and it worked, but I did not have the MSChap folder in there. I am going to continue using the doc from the website you sited earlier and I will continue from there. Adam Rothenberg Network Technician Palatine High School N. Rohlwing Rd. Palatine, IL 60074 (847) 755-1764 Alan DeKok [EMAIL PROTECTED] Sent by:To: [EMAIL PROTECTED] [EMAIL PROTECTED]cc: .cistron.nl Subject: Re: Installation Error 09/10/2003 11:13 AM Please respond to freeradius-users [EMAIL PROTECTED] wrote: I followed the how to install on the FAQ That's nice, but I think either you did something different from what you said, OR your system is incredibly screwed up. The errors you're running into will be seen ONLY when the 'configure' process decided that the modules should be built, AND those modules weren't actually built, AND you're trying to install them. Let me make another guess, then. The 'make' process failed with an error, before it built 'rlm_mschap'. You ignored this error, and are now trying to install modules which were never built. The 'install' process decides to install ONLY the modules which get built. If those modules aren't built, then the install will fail. Stop playing games with the 'install' process, and find out why those modules weren't built. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: GPL headers
From: Nicolas Baradakis Sent: Thursday, 11 September 2003 1:21 AM $ cvs diff -u src/modules/rlm_acct_unique/rlm_acct_unique.c src/modules/rlm_always/rlm_always.c src/modules/rlm_attr_filter/rlm_attr_filter.c src/modules/rlm_dbm/rlm_dbm.c src/modules/rlm_dbm/rlm_dbm_cat.c src/modules/rlm_dbm/rlm_dbm_parser.c src/modules/rlm_detail/rlm_detail.c src/modules/rlm_unix/cache.c src/modules/rlm_unix/compat.c Index: src/modules/rlm_acct_unique/rlm_acct_unique.c === RCS file: /source/radiusd/src/modules/rlm_acct_unique/rlm_acct_unique.c,v retrieving revision 1.27 diff -u -r1.27 rlm_acct_unique.c --- src/modules/rlm_acct_unique/rlm_acct_unique.c 3 Dec 2002 16:27:37 - 1.27 +++ src/modules/rlm_acct_unique/rlm_acct_unique.c 10 Sep 2003 15:15:17 - @@ -1,7 +1,7 @@ /* * rlm_acct_unique.c * - * This program is is free software; you can redistribute it and/or modify + * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License, version 2 if the * License as published by the Free Software Foundation. * Is there a reason you let that (for example) version 2 if the ride but fixed Index: src/modules/rlm_dbm/rlm_dbm.c === RCS file: /source/radiusd/src/modules/rlm_dbm/rlm_dbm.c,v retrieving revision 1.6 diff -u -r1.6 rlm_dbm.c --- src/modules/rlm_dbm/rlm_dbm.c 7 Jul 2003 19:05:14 - 1.6 +++ src/modules/rlm_dbm/rlm_dbm.c 10 Sep 2003 15:15:17 - @@ -3,18 +3,22 @@ * * Version: $Id: rlm_dbm.c,v 1.6 2003/07/07 19:05:14 aland Exp $ * - * This program is is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License, version 2 if the - * License as published by the Free Software Foundation. + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. * - * Copyright 2001 Koulik Andrei, Sandy Service + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + * Copyright 2001 Koulik Andrei, Sandy Service */ - #include string.h #include stdlib.h more fully? -- = Paul TBBle Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul TBBle Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: GPL headers
From: Nicolas Baradakis Sent: Thursday, 11 September 2003 1:39 AM Paul Hampson wrote: src/modules/rlm_ldap/rlm_ldap.c src/modules/rlm_mschap/smbencrypt.c src/modules/rlm_passwd/rlm_passwd.c src/modules/rlm_smb/valid.c src/modules/rlm_sql/drivers/rlm_sql_iodbc/sql_iodbc.c src/modules/rlm_sql/drivers/rlm_sql_oracle/sql_oracle.c src/modules/rlm_sql/drivers/rlm_sql_sybase/sql_sybase.c src/modules/rlm_sql/drivers/rlm_sql_unixodbc/sql_unixodbc.c The files above have no license and are not in src/lib, therefore I put them in a separate patch too. Applied, thankyou. -- = Paul TBBle Hampson Bubblesworth Pty Ltd (ABN: 51 095 284 361) [EMAIL PROTECTED] This is a one line proof...if we start sufficiently far to the left. -- Cambridge University Math Department - Random signature generator 3.0 by Paul TBBle Hampson = - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Wireless
On Wednesday 10 September 2003 21:12, Alan DeKok wrote: Rio Martin [EMAIL PROTECTED] wrote; http://www.freeradius.org/doc/ ? There are a number of such documents. Please check the website, URL broken. Nonsense. That URL exists. Further, all of the wireless documents it points to exist. Yesterday morning, the url redirected to us.freeradius.org/doc if i am not mistake. But its okay now, i check again today, and the page displayed correctly. Regards, Rio Martin. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
RE: 0.9.1, gethostbyname_r again
From: Alex Kasatkin
Sent: Thursday, 11 September 2003 12:43 AM
Paul Hampson [EMAIL PROTECTED] wrote:
From: Alex Kasatkin
Sent: Thursday, 11 September 2003 12:16 AM
Paul Hampson [EMAIL PROTECTED] wrote:
What's c_r? Is that where the ghostby{addr,name}_r stuff lives? I guess that
could be detected as
a required library for the gethostby{addr,name}_r function-using modules
(hopefully just libradius)
AFAIR it's threaded c library.
If you run
CFLAGS=-lc_r ./configure {etc}
what types get detected for gethostby{addr,name}_r? It _might_ be worth having
an extra check for that once we know what style is in the library.
dev:~/freeradius-0.9.1# setenv CFLAGS -lc_r ; ./configure ... blablabla.
checking whether the C compiler (gcc -lc_r -pthread -D_THREAD_SAFE -Wall
-D_GNU_SOURCE -DNDEBUG ) works... yes
checking whether the C compiler (gcc -lc_r -pthread -D_THREAD_SAFE -Wall
-D_GNU_SOURCE -DNDEBUG ) is a cross-compiler... no
...
checking gethostbyaddr_r() syntax... GNU-style
checking gethostbyname_r() syntax... configure: warning: ** BSD Style
gethostbyname might NOT be thread-safe! **
BSD-style
OK, a little bit of reading:
http://unix.derkeiler.com/Mailing-Lists/FreeBSD/hackers/2003-06/0632.html
http://bugzilla.mozilla.org/show_bug.cgi?id=70213#c36
suggests that FreeBSD doesn't have the _r-style functions, and that the
gethostbyname_r being
detected is not in fact thread-safe, and pending removal.
So for the moment, I guess, this is not solved. The best bet currently is to force
FreeBSD to
use the BSD-style functions for both. Or wait for a new 4.x release w/out the
gethostby{addr,name}_r defines.
(Wider thinking/reading follows. Immediate results are unchanged from above... :-)
The FreeBSD manpage for the new way, getipnodeby{addr,name}
http://www.freebsd.org/cgi/man.cgi?query=getipnodebynameapropos=0sektion=0manpath=FreeBSD+4.8-RELEASEformat=html
notes that
hptr = gethostbyname(name);
can be replaced by
hptr = getipnodebyname(name, AF_INET6, AI_DEFAULT, error_num);
with requisite freehostent call.
But getipnodebyname is mentioned as being not thread-safe...
Linux doesn't have 'em either...
Aha! More reading, and apparently getnameinfo and getaddrinfo are the new new way to
go:
http://www.freebsd.org/cgi/man.cgi?query=getaddrinfoapropos=0sektion=0manpath=FreeBSD+4.8-RELEASEformat=html
http://www.freebsd.org/cgi/man.cgi?query=getnameinfoapropos=0sektion=0manpath=FreeBSD+4.8-RELEASEformat=html
And of course, under FreeBSD, getaddrinfo and getnameinfo aren't thread safe. ;-)
Maybe FreeBSD == --without-threads should be added to a FreeRADIUS FAQ?
So configure tests could check for _these_ by preference to the gethostby* and then
the two functions which wrap them for the rest of the server (in src/lib/misc.c) can
get
extra #define'd paths for them.
Well, maybe not by preference?... _I_ think they're preferable, 'cause it'll ease us
eventually
supporting IPv6 in the server (as opposed to IPv6 support in RADIUS, which I _think_
we have?)
Note: getnameinfo ~= gethostbyaddr, getaddrinfo ~= gethostbyname!
However, since they're not threadsafe under FreeBSD, and no-one else's detection is
barfing
AFAIK, this isn't really urgent.
Hopefully this whole ugly mess will soon be behind us. 'cause that's certainly where
the pain is in.
Volunteers? ;-)
--
=
Paul TBBle Hampson
Bubblesworth Pty Ltd (ABN: 51 095 284 361)
[EMAIL PROTECTED]
This is a one line proof...if we start
sufficiently far to the left.
-- Cambridge University Math Department
-
Random signature generator 3.0 by Paul TBBle Hampson
=
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Calling-Station-Id
Sorry, I'm using MySQL authentication. Could you wright the syntax for it. Thanks in advance. - Original Message - From: Alan DeKok [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, September 10, 2003 7:28 AM Subject: Re: Calling-Station-Id Eric [EMAIL PROTECTED] wrote: I need to authenticate users by Calling-Station-Id. Pass users who uses phone number, which begins at 69 DEFAULT Calling-Station-ID =~ ^69, Auth-Type := Accept Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Freeradius + mysql + minicom Test
Hi list, sorry for my poor english (im Brasilian), well, i'm starting at freeradius and mysql, i've installed freeradius + mysql following the www.frontios.com/freeradius.html howto, seems all ok, localy with radtest radius returns a message of OK using the table in mysql, but i want to test the authentication and logging (radacct) with mysql. Well, i heard that this test can be done with minicom + portslave localy, without the necessity of a modem installed, it true? if .. someone that already have passed of this it could help me? thanks! and sorry again... - Reinaldo Andrade Campo Grande - MS - Brasil
