Re: [RadiusNT] Encryption doesnot work

S.Tumurbaatar ( (no email) )
Fri, 20 Aug 1999 11:32:55 +0800

Ok, below is RadiusNt debug mode output without any modification.
My SubAccount table has record for login "test4" and password as
"pseqh5XB2ZCz6" (hash of "tttt"). I used "radlogin test4 tttt" and
after reject "radlogin test4 pseqh5XB2ZCz6". The last auth was accepted.
PS: Command line options is "-x255 -E" and registry settings put below in
format
as RadiusNt displayed:
0) IgnoreCase: 3
1) TrimName: 1
2) AuthPort: 1645
3) ReqAcctAuth: 1
4) AllowMalformed: 0
5) AcctPort: 1646
6) Mode: 1
7) Proxy: 0
8) Options: 5391
9) SNMP: 0
10) Debug: 15
11) LogFile:
12) AcctLogFile:
13) ODBCDatasource: RadDb
14) Username: ttt
15) Password: rad
16) AcctODBCDatasource:
17) AcctUsername:
18) AcctPassword:
19) TestDatabaseSecs:
20) DataDirectory: c:\
21) AcctDirectory: c:\
22) UsersFile: Users
23) CompanyName:
24) License:
25) IPAddress: All
26) EncryptPasswords: 1

// RadiusNt session

radrecv: Request from host 7f000001 code=1, id=164, length=57
NAS-Identifier = 127.0.0.1
NAS-Port = 0
User-Name = "test4"
Password = "0\373\343\247<\311\024\304\301ZRe\242\261\267\337"
rad_authenticate_ODBC()

SQL Statement: Select DateDiff('n', Now, DateAdd('d', ma.Extension+1,
maExpireD
ate)), DateDiff('n', Now, DateAdd('d', ma.Extension+1, maExpireDate)),
sa.Accoun
tID, sa.AccountType, sa.Password, sa.Login, sa.Shell, sa.TimeLeft,
ma.Balance, m
a.OverLimit From MasterAccounts ma, SubAccounts sa Where sa.Login='test4'
AND
ma.CustomerID=sa.CustomerID and sa.Active<>0 and ma.Active<>0

Decrypted Password: tttt
Database Password: pseqh5XB2ZCz6
Sending Reject of id 164 to 7f000001 (localhost)

SQL Statement: INSERT INTO RadLogs(RadLogMsgID, LogDate, Username, Data,
Caller
ID) VALUES (11, Now, 'test4', 'tttt', NULL)

User: test4 Bad Password
Resp Time: 2594 Auth: 0/1 -> 1 Acct: 0/0/0 -> 0

radrecv: Request from host 7f000001 code=1, id=108, length=57
NAS-Identifier = 127.0.0.1
NAS-Port = 0
User-Name = "test4"
Password = "\006\026\027\211\004\274 \031jZ2\370\023\322\327\366"
rad_authenticate_ODBC()

SQL Statement: Select DateDiff('n', Now, DateAdd('d', ma.Extension+1,
maExpireD
ate)), DateDiff('n', Now, DateAdd('d', ma.Extension+1, maExpireDate)),
sa.Accoun
tID, sa.AccountType, sa.Password, sa.Login, sa.Shell, sa.TimeLeft,
ma.Balance, m
a.OverLimit From MasterAccounts ma, SubAccounts sa Where sa.Login='test4'
AND
ma.CustomerID=sa.CustomerID and sa.Active<>0 and ma.Active<>0

Checking for duplicate logins.

SQL Statement: Select Count(Username) From ServerPorts Where
Username='test4' a
nd AcctStatusType=1

test4 found on-line 0 time(s).
Checking for port access.

SQL Statement: Select MaxSessionLength, StartTime, StopTime, (DatePart('h',
Now
) * 60) + DatePart('n', Now) From Servers s, ServerAccess sa Where
s.ServerID =
sa.ServerID AND s.IPAddress = '127.0.0.1' AND (sa.Port=0 or sa.Port=NULL)
AND sa
..AccountType = 'PPP'

Checking for DNIS access.
No DNIS attribute to check

SQL Statement: Select ra.RadAttributeID, Name, Data, Value, Type,
rc.RadVendorI
D, rc.RadVendorType, rc.RadCheck From RadConfigs rc, RadAttributes ra Where
ra.R
adAttributeID=rc.RadAttributeID AND rc.AccountID=35

SQL Statement: Select ra.RadAttributeID, Name, Data, Value, Type,
rc.RadVendorI
D, rc.RadVendorType, rc.RadCheck From RadATConfigs rc, RadAttributes ra
Where ra
..RadAttributeID=rc.RadAttributeID AND rc.AccountType='PPP'

Sending Ack of id 108 to 7f000001 (localhost)
User-Service = Framed-User
Framed-Protocol = PPP
Session-Timeout = 600

SQL Statement: Select FileName, Parameters, Directory, Type from
RadTriggers Wh
ere AccountID=35

Resp Time: 1513 Auth: 1/1 -> 2 Acct: 0/0/0 -> 0

For more information about this list (including removal) go to:
http://www.iea-software.com/support/maillists/liststart