Radius with mysql issue
Hi All, Need help a bit, I've several freeradius (2.x) servers with mysql as backend running for several services. Lately I noticed there is 1 of the radius who will accept any password so long the user account is exist in radcheck. Still trying to trace where the problem is, and would appreciate if someone can share with me is any. Cheers, CK -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
On 2 Sep 2011, at 10:29, cktan wrote: Hi All, Need help a bit, I've several freeradius (2.x) servers with mysql as backend running for several services. Lately I noticed there is 1 of the radius who will accept any password so long the user account is exist in radcheck. Still trying to trace where the problem is, and would appreciate if someone can share with me is any. Ok, so what type of authentication are you doing? Can you post the debug log and org virtual server config... -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
OK, I think I know what is the problem d, I noticed the operator of User-Password is set to :=, when I changed it to ==, it work fine and wrong password would be rejected. Can someone confirm this? Regards CK On 09/02/2011 04:29 PM, cktan wrote: Hi All, Need help a bit, I've several freeradius (2.x) servers with mysql as backend running for several services. Lately I noticed there is 1 of the radius who will accept any password so long the user account is exist in radcheck. Still trying to trace where the problem is, and would appreciate if someone can share with me is any. Cheers, CK -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
Hi, OK, I think I know what is the problem d, I noticed the operator of User-Password is set to :=, when I changed it to ==, it work fine and wrong password would be rejected. Can someone confirm this? it should be := and in fact it should be Cleartext-Password := (though thats if you are running a reasonably up to date FR version) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
I've conducted another test at another machine, the result is same, whenever User-Password the OP is :=, the password would not be check. Changed to == then OK.. By the way, my FR is running on 2.1.7-7 CK On 09/02/2011 05:27 PM, Alan Buxey wrote: Hi, OK, I think I know what is the problem d, I noticed the operator of User-Password is set to :=, when I changed it to ==, it work fine and wrong password would be rejected. Can someone confirm this? it should be := and in fact it should be Cleartext-Password := (though thats if you are running a reasonably up to date FR version) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
Tested on 3rd FR (same 2.1.7-7), both OP (:= ==) work fine. would it be my configuration error? Hereby confirmed op == is working fine but not for :=. Any different to use := or ==? CK On 09/02/2011 05:36 PM, cktan wrote: I've conducted another test at another machine, the result is same, whenever User-Password the OP is :=, the password would not be check. Changed to == then OK.. By the way, my FR is running on 2.1.7-7 CK On 09/02/2011 05:27 PM, Alan Buxey wrote: Hi, OK, I think I know what is the problem d, I noticed the operator of User-Password is set to :=, when I changed it to ==, it work fine and wrong password would be rejected. Can someone confirm this? it should be := and in fact it should be Cleartext-Password := (though thats if you are running a reasonably up to date FR version) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
Hi, I've conducted another test at another machine, the result is same, whenever User-Password the OP is :=, the password would not be check. Changed to == then OK.. By the way, my FR is running on 2.1.7-7 well, thats wrong - and do you have fail-through = yes ? if so, then it'll fall through if things are wrong alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
On 2 Sep 2011, at 11:36, cktan wrote: I've conducted another test at another machine, the result is same, whenever User-Password the OP is :=, the password would not be check. Changed to == then OK.. By the way, my FR is running on 2.1.7-7 If you want an answer it helps to actually listen to responses from list members... -Arran Arran Cudbard-Bell a.cudba...@freeradius.org RADIUS - Half the complexity of Diameter - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
Re: Radius with mysql issue
You broke the server... somehow... On 9/2/2011 11:36 AM, cktan wrote: I've conducted another test at another machine, the result is same, whenever User-Password the OP is :=, the password would not be check. Changed to == then OK.. By the way, my FR is running on 2.1.7-7 CK On 09/02/2011 05:27 PM, Alan Buxey wrote: Hi, OK, I think I know what is the problem d, I noticed the operator of User-Password is set to :=, when I changed it to ==, it work fine and wrong password would be rejected. Can someone confirm this? it should be := and in fact it should be Cleartext-Password := (though thats if you are running a reasonably up to date FR version) alan - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
