freeradius, rlm_sql and tagged attributes

Wed, 04 Aug 2010 07:03:37 -0700 

I need to reply to NAS with same attributes with different tags.
All works ok when i'm using users file. But when i'm migrating to rlm_sql, only first instance of attribute goes in reply: 


mysql> SELECT id, groupname, attribute, value, op FROM radgroupreply 
WHERE groupname = 'test' ORDER BY id;

+----+-----------+-----------------------+-----------------+----+
| id | groupname | attribute             | value           | op |
+----+-----------+-----------------------+-----------------+----+
|  6 | test      | Framed-IP-Address     | 255.255.255.254 | =  |
|  7 | test      | Service-Type          | Framed-User     | =  |
|  8 | test      | Acct-Interim-Interval | 1800            | =  |
|  9 | test      | PPPD-Pool-Number      | ippool          | =  |
| 16 | test      | Ip-Address-Pool-Name  | ippool          | =  |
| 19 | test      | Service-Name:1        | GUEST           | =  |
| 20 | test      | Service-Name:2        | INET            | =  |
| 21 | test      | Service-Options:1     | 0               | =  |
| 22 | test      | Service-Options:2     | 1               | =  |
| 28 | test      | Context-Name          | Internet        | =  |
+----+-----------+-----------------------+-----------------+----+
10 rows in set (0.01 sec)


rad_recv: Access-Request packet from host 127.0.0.1 port 11113, id=248, 
length=252

        User-Name = "t...@test"
        CHAP-Password = 0x01f304695c088000b6a248776d9ec67084
        CHAP-Challenge = 0xc581f30d3a2736d1a039596397c627fd
        Service-Type = Framed-User
        Framed-Protocol = PPP
        NAS-Identifier = "Redback"
        NAS-Port = 33619968
        NAS-Real-Port = 553652128
        NAS-Port-Type = Virtual
        NAS-Port-Id = "2/1 vlan-id 4000 pppoe 6"
        Medium-Type = 11
        Mac-Address = "00-0c-29-bd-8b-a1"
        Platform-Type = 3
        OS-Version = "6.2.1.2"
        Acct-Session-Id = "0100FFFF680000BE-4C596DEB"
        NAS-IP-Address = 172.26.201.21
        Proxy-State = 0x3632
server guest {
+- entering group authorize
++[preprocess] returns ok
  rlm_chap: Setting 'Auth-Type := CHAP'
++[chap] returns ok
    users: Matched entry DEFAULT at line 163
++[files] returns ok
        expand: %{User-Name} -> t...@test
rlm_sql (sql): sql_set_user escaped user --> 't...@test'
rlm_sql (sql): Reserving sql socket id: 65

        expand: SELECT id, username, attribute, value, op 
FROM radcheck           WHERE username = '%{SQL-User-Name}' 
ORDER BY id -> SELECT id, username, attribute, value, op           FROM 
radcheck           WHERE username = 't...@test'           ORDER BY id

rlm_sql (sql): User found in radcheck table

        expand: SELECT id, username, attribute, value, op 
FROM radreply           WHERE username = '%{SQL-User-Name}' 
ORDER BY id -> SELECT id, username, attribute, value, op           FROM 
radreply           WHERE username = 't...@test'           ORDER BY id
        expand: SELECT groupname           FROM radusergroup 
WHERE username = '%{SQL-User-Name}'           ORDER BY priority -> 
SELECT groupname           FROM radusergroup           WHERE username = 
't...@test'           ORDER BY priority
        expand: SELECT id, groupname, attribute,           Value, op 
        FROM radgroupcheck           WHERE groupname = '%{Sql-Group}' 
         ORDER BY id -> SELECT id, groupname, attribute, 
Value, op           FROM radgroupcheck           WHERE groupname = 
'test'           ORDER BY id

rlm_sql (sql): User found in group test

        expand: SELECT id, groupname, attribute,           value, op 
        FROM radgroupreply           WHERE groupname = '%{Sql-Group}' 
         ORDER BY id -> SELECT id, groupname, attribute, 
value, op           FROM radgroupreply           WHERE groupname = 
'test'           ORDER BY id

rlm_sql (sql): Released sql socket id: 65
++[sql] returns ok
  rad_check_password:  Found Auth-Type CHAP
auth: type "CHAP"
+- entering group CHAP
  rlm_chap: login attempt by "t...@test" with CHAP password

  rlm_chap: Using clear text password "ilser56" for user t...@test 
authentication.

  rlm_chap: chap user t...@test authenticated succesfully
++[chap] returns ok
Login OK: [t...@test/<CHAP-Password>] (from client localhost port 33619968)
} # server guest
Sending Access-Accept of id 248 to 127.0.0.1 port 11113
        Framed-Protocol = PPP
        Session-Timeout = 172800
        Framed-IP-Address = 255.255.255.254
        Framed-Compression = Van-Jacobson-TCP-IP
        Service-Type = Framed-User
        Acct-Interim-Interval = 1800
        PPPD-Pool-Number = "ippool"
        Ip-Address-Pool-Name = "ippool"
        Service-Name:1 = "GUEST"
        Service-Options:1 = 0
        Context-Name = "Internet"
        Proxy-State = 0x3632
Finished request 374.


--
С уважением, Евгений Кожуховский
Руководитель группы сервисных платформ
УИТ ЦИТС МГТС РУП Белтелеком
+375-29-3998175
+375-29-7561625
+375-17-3060026


-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html





















					Reply via email to