Thanks to all. Problem solved. In file:
/etc/freeradius/sql/mysql/dialup.conf Uncomment string "safe-characters" and add to them {} So, now it looks like:safe-characters = "{}@abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_: /"
Again, thanks! 19.11.2012 15:04, Dmitry Korzhevin пишет:
I have users in database radius, table radcheck: 1. 19A7A770-CC08-B769-1894-6ED795DA2DB70 Cleartext-Password := pass 2. {19A7A770-CC08-B769-1894-6ED795DA2DB70} Cleartext-Password := pass 3. \{19A7A770-CC08-B769-1894-6ED795DA2DB70\} Cleartext-Password := pass When i try test connection with radtest: radtest "19A7A770-CC08-B769-1894-6ED795DA2DB70" "pass" RADIUS_SERVER_IP 0 psk Sending Access-Request of id 73 to IP port 1812 User-Name = "19A7A770-CC08-B769-1894-6ED795DA2DB70" User-Password = "pass" NAS-IP-Address = IP NAS-Port = 0 rad_recv: Access-Accept packet from host IP port 1812, id=73, length=20 So, auth without any problems for user (1). But, when i try to test with user, which login use "{}" characters (2) - it fails: radtest "{19A7A770-CC08-B769-1894-6ED795DA2DB70}" "pass" IP 0 psk Sending Access-Request of id 112 to IP port 1812 User-Name = "{19A7A770-CC08-B769-1894-6ED795DA2DB70}" User-Password = "pass" NAS-IP-Address = IP NAS-Port = 0 rad_recv: Access-Reject packet from host IP port 1812, id=112, length=20 On freeradius server side (with freeradius -X) i see: ------ [sql] expand: %{User-Name} -> {19A7A770-CC08-B769-1894-6ED795DA2DB70} [sql] sql_set_user escaped user --> '{19A7A770-CC08-B769-1894-6ED795DA2DB70}' rlm_sql (sql): Reserving sql socket id: 2 [sql] expand: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '%{SQL-User-Name}' ORDER BY id -> SELECT id, username, attribute, value, op FROM radcheck WHERE username = '=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY id rlm_sql_mysql: query: SELECT id, username, attribute, value, op FROM radcheck WHERE username = '=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY id [sql] expand: SELECT groupname FROM radusergroup WHERE username = '%{SQL-User-Name}' ORDER BY priority -> SELECT groupname FROM radusergroup WHERE username = '=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY priority rlm_sql_mysql: query: SELECT groupname FROM radusergroup WHERE username = '=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' ORDER BY priority rlm_sql (sql): Released sql socket id: 2 [sql] User {19A7A770-CC08-B769-1894-6ED795DA2DB70} not found ++[sql] returns notfound ---------------- Why freeradius trying to search '=7B19A7A770-CC08-B769-1894-6ED795DA2DB70=7D' instead of correct username: '{19A7A770-CC08-B769-1894-6ED795DA2DB70}' ? 16.11.2012 17:58, Alan DeKok пишет:Dmitry Korzhevin wrote:Guys, does anybody know something about maximum username length and user password lengt?The RFCs say 253 octets for user name, and 128 for password.I try to use next login passwords without success (checked with radtest): http://dpaste.com/832115/Which is (a) pretty much self-evident. And (b) not following the daily instructions to post the full debug log. What does "User 19A7A770-CC08-B769-1894-6ED795DA2DB7 not found" mean to you? Have you tried running the SQL qeuries manually? That's why they're printed out. So you can USE THEM to DEBUG THE PROBLEM. Alan DeKok.Best Regards, Dmitry --- Dmitry KORZHEVIN System Administrator STIDIA S.A. - Luxembourg e: dmitry.korzhe...@stidia.com m: +38 093 874 5453 w: http://www.stidia.com - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Best Regards, Dmitry --- Dmitry KORZHEVIN System Administrator STIDIA S.A. - Luxembourg e: dmitry.korzhe...@stidia.com m: +38 093 874 5453 w: http://www.stidia.com
smime.p7s
Description: ÐÑипÑогÑаÑиÑеÑÐºÐ°Ñ Ð¿Ð¾Ð´Ð¿Ð¸ÑÑ S/MIME
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html