(RADIATOR) AuthBy URL - not getting password in clear text

Mon Feb 9 05:27:59 CST 2004

Hi,

I've searched through the mailing lists, google and the source code by hand. Still having problems getting the password through in clear text.

I'm using NTRadPing as the radius client, using pap (tried chap as well). (NTRadPing works perfectly fine under freeradius, so I know the client isn't the problem).

Have setup a simple webpage which simply logs to a text file so I can see what's being passed.

Here is an output I've what data I've collected from the sample webpage.

<snip>
u=simon&c=q%DA%8B%E4%7C%EC%1C$%0E%0Em)f%DE%A4%8B
u=simon&c=H%a%06%8A'W%B6%20%87nj%A7%92%91
u=simon&c=%FC%AF%B3%C3%B0dg%80%14c%DB%BE3h~(
u=simon&c=Y%CC%A2z9%C0%E2%1E%93%DD%D0g%8CW%85
u=simon&c=rG%EF%D6]%7F%EA%90%0A,7[%07%D4%C6%C7
u=simon&c=%E3?%AB%B0%83%D2x%C5%20%DC%CC%CCl%8E%DD.
**u=simon&c=%B4Q%1A%92%99%F0%D9F%FB'.%1C1%B1N%12
**u=simon&c=)%B69Q%E3%D2d%0CT%C8%B9;%E2G%D5%11
</snip>

My radius.cfg contains:

<snip>
<Client DEFAULT>
	Secret	mysecret
	DupInterval 0
</Client>
<AuthBy URL>
    Identifier AURL
    Debug 1
    #AuthUrl http://localhost/radius/test_url.cgi
    AuthUrl http://localhost/radius/index.asp
    Timeout 5
    UserParam u
    PasswordParam c
    UrlMethod GET
    BadPasswordKeyword "wrong pass"
    BadUserKeyword "wrong user"
    AuthOKKeyword "all ok"
    PasswordEncryption Clear
</AuthBy>
<Handler>
	RewriteUsername	s/^([^@]+).*/$1/
	RejectHasReason
	PasswordLogFileName %L\password.log
	AuthBy AURL
</Handler>
</snip>

The password.log file contains:

<snip>
Fri Feb  6 16:38:14 2004:1076085494:simon:YÌ¢z9Àâ
“ÝÐgŒW…:URL:PASS
Fri Feb  6 16:49:45 2004:1076086185:simon:rGïÖ]ê,7[
ÔÆÇ:URL:PASS
Mon Feb  9 10:46:07 2004:1076323567:simon:ã?«°ƒÒxÅ ÜÌÌlŽÝ.:URL:PASS
Mon Feb  9 11:07:49 2004:1076324869:simon:´Q’™ðÙFû'.
1±N:URL:PASS
Mon Feb  9 11:08:12 2004:1076324892:simon:)¶9QãÒdTÈ¹;âGÕ:URL:PASS
</snip>

I've also tried modifying the AuthURL.pm module by changing as suggested from the mailing list archives:

<snip>
#my $pass = $p->decodedPassword();
my $pass = &Radius::Util::format_special('%P', $p);
</snip>

Also the radiusd debug output comes through as:

<snip>
User-Name = "simon"
User-Password = "{<237><192><250><227><219>;<156><234>p_<240>G<3><15>r"
</snip>

Any thoughts? Any suggestions?

Am I missing something simple?

TIA

Simon

===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.