I just installed Freeradius 1.1.2 to see how the Digest-HA1 modifications work and i was unable get it to work when using a sql/mysql storage backend. Manually defining the user/attribute in the "users" file works
I had a look at the wiki on the freeradius site however it doesn't mention anything regarding a SQL backend, am i missing somthing? Output from radiusd -X: rad_recv: Access-Request packet from host 127.0.0.1:32923, id=186, length=258 User-Name = "[EMAIL PROTECTED]" Digest-Attributes = 0x0a0e323030313130303035333339 Digest-Attributes = 0x010e68712e67616c6e65742e6361 Digest-Attributes = 0x022a34343930393537353134653736633735626235613463353361636163373161393264323365623339 Digest-Attributes = 0x04177369703a737062332e68712e67616c6e65742e6361 Digest-Attributes = 0x030a5245474953544552 Digest-Attributes = 0x050661757468 Digest-Attributes = 0x090a3030303030303031 Digest-Attributes = 0x080a3764626539636533 Digest-Response = "054d7dc7b2d6d969bcd60c5000d1bf3c" Service-Type = IAPP-Register Sip-Uri-User = "200110005339" NAS-Port = 5060 NAS-IP-Address = 127.0.0.1 Processing the authorize section of radiusd.conf modcall: entering group authorize for request 37 modcall[authorize]: module "preprocess" returns ok for request 37 rlm_realm: Looking up realm "hq.galnet.ca" for User-Name = "[EMAIL PROTECTED]" rlm_realm: Found realm "DEFAULT" rlm_realm: Adding Stripped-User-Name = "200110005339" rlm_realm: Proxying request from user 200110005339 to realm DEFAULT rlm_realm: Adding Realm = "DEFAULT" rlm_realm: Authentication realm is LOCAL. modcall[authorize]: module "DEFAULT" returns noop for request 37 rlm_digest: Adding Auth-Type = DIGEST modcall[authorize]: module "digest" returns ok for request 37 radius_xlat: '200110005339' rlm_sql (sql): sql_set_user escaped user --> '200110005339' radius_xlat: 'SELECT id,UserName,Attribute,Value,op FROM radius_check WHERE Username = '200110005339' ORDER BY id' rlm_sql (sql): Reserving sql socket id: 2 radius_xlat: '' radius_xlat: 'SELECT id,UserName,Attribute,CONCAT(IFNULL(SubAttribute,''), IFNULL(Value, '')) AS Value,op FROM radius_reply WHERE Username = '200110005339' ORDER BY id' radius_xlat: '' rlm_sql (sql): Released sql socket id: 2 rlm_sql (sql): No matching entry in the database for request from user [200110005339] modcall[authorize]: module "sql" returns notfound for request 37 users: Matched entry DEFAULT at line 11 modcall[authorize]: module "files" returns ok for request 37 modcall: leaving group authorize (returns ok) for request 37 rad_check_password: Found Auth-Type Digest auth: type "digest" Processing the authenticate section of radiusd.conf modcall: entering group authenticate for request 37 rlm_digest: Configuration item "User-Password" or Digest-HA1 is required for authentication. modcall[authenticate]: module "digest" returns invalid for request 37 modcall: leaving group authenticate (returns invalid) for request 37 auth: Failed to validate the user. Sending Access-Reject of id 186 to 127.0.0.1 port 32923 Finished request 37 MySQL output when manually executing the queries defined above: mysql> SELECT id,UserName,Attribute,Value,op FROM radius_check WHERE Username = '200110005339' ORDER BY id; +----+--------------+--------------+----------------------------------+----+ | id | UserName | Attribute | Value | op | +----+--------------+--------------+----------------------------------+----+ | 17 | 200110005339 | Digest-HA1 | e5282fc6665a69aed77b7d0a42d8f544 | = | +----+--------------+--------------+----------------------------------+----+ 1 row in set (0.00 sec) mysql> SELECT id,UserName,Attribute,CONCAT(IFNULL(SubAttribute,''), IFNULL(Value, '')) AS Value,op FROM radius_reply WHERE Username = '200110005339' ORDER BY id -> ; +----+--------------+-----------+------------+----+ | id | UserName | Attribute | Value | op | +----+--------------+-----------+------------+----+ | 24 | 200110005339 | SIP-AVP | is_local#1 | += | +----+--------------+-----------+------------+----+ 1 row in set (0.00 sec) Database Schemas(MySQL 5.0.22): CREATE TABLE `radius_check` ( `id` int(11) unsigned NOT NULL auto_increment, `UserName` varchar(64) NOT NULL default '', `Attribute` varchar(32) NOT NULL default '', `op` char(2) NOT NULL default '==', `Value` varchar(253) NOT NULL default '', PRIMARY KEY (`id`), KEY `UserName` (`UserName`(32)) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 CREATE TABLE `radius_reply` ( `id` int(11) unsigned NOT NULL auto_increment, `UserName` varchar(64) NOT NULL default '', `Attribute` varchar(32) NOT NULL default '', `SubAttribute` varchar(64) default NULL, `op` char(2) NOT NULL default '=', `Value` varchar(253) NOT NULL default '', PRIMARY KEY (`id`), KEY `UserName` USING BTREE (`UserName`(32),`SubAttribute`(32)) ) ENGINE=MyISAM DEFAULT CHARSET=latin1 - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html