ENV variables in external scripts
rsg
ranil.santhish at gmail.com
Wed Apr 9 18:23:45 CEST 2008
Hi,
it's 1.1.7
If this cannot bypass CHAP, will have to do it using the same perl script then.
My next query is when I tried to retrieve the CallerId from a Mysql DB
using the same perl script with,
---------
use Mysql;
:
:
$status = $db->Mysql::query("SELECT IF(EXISTS(SELECT callerid FROM
auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')");
($callerid)=$status->FetchRow();
:
:
---------
it gives no CallerId leading to $status = "n".
Is '$RAD_REQUEST{/'Calling-Station-Id'/}' correct ?
Thanks,
rg
2008/4/9 Ivan Kalik <tnt at kalik.net>:
> What freeradius version? I don't think that you can bypass chap in 1.1.x
> but it can be done in 2.0 with unlang. pap is listed last, so it will be
> bypassed in both versions.
>
>
> Ivan Kalik
> Kalik Informatika ISP
>
>
>
> Dana 9/4/2008, "rsg" <ranil.santhish at gmail.com> piše:
>
>
>
> >Hi,
> >
> >Thanks a lot for the suggestion. I have a few more queries with regard
> >to rlm_perl integration.
> >
> >When this module is used for Calling-Station-Id based auth, would it
> >be independent of whether it is CHAP or PAP.
> >
> >I tried with
> >
> >.../users
> >
> >DEFAULT Auth-Type = perl
> > Fall-Through = 1
> >:
> >:
> >
> >And the rlm_perl for Authentication and Authorization
> >
> >Observations:
> >
> >1) When a "CHAP-Password" is received the perl script used does not
> >authenticate as it calls the CHAP module
> >2) When a "User-Password" is received the user authentication is successful.
> >
> >Here's the test perl script that I've tried with.
> >
> >-------------------
> >use warnings;
> >use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
> >use Data::Dumper;
> >
> >
> >use constant RLM_MODULE_REJECT=> 0;# /* immediately reject the request */
> >use constant RLM_MODULE_FAIL=> 1;# /* module failed, don't reply */
> >use constant RLM_MODULE_OK=> 2;# /* the module is OK, continue */
> >use constant RLM_MODULE_HANDLED=> 3;# /* the module handled the
> >request, so stop. */
> >use constant RLM_MODULE_INVALID=> 4;# /* the module considers
> >the request invalid. */
> >use constant RLM_MODULE_USERLOCK=> 5;# /* reject the request
> >(user is locked out) */
> >use constant RLM_MODULE_NOTFOUND=> 6;# /* user not found */
> >use constant RLM_MODULE_NOOP=> 7;# /* module succeeded
> >without doing anything */
> >use constant RLM_MODULE_UPDATED=> 8;# /* OK (pairs modified) */
> >use constant RLM_MODULE_NUMCODES=> 9;# /* How many return codes
> >there are */
> >
> >
> ># Function to handle authenticate
> >sub authenticate {
> >if ($RAD_REQUEST{'Calling-Station-Id'} eq "4444444444") {
> > $RAD_REPLY{'Reply-Message'} = "OK --------->";
> > return RLM_MODULE_OK;
> > }else {
> > return RLM_MODULE_NOTFOUND;
> > }
> >}
> >
> ># Function to handle authorize
> >sub authorize {
> >
> >if ($RAD_REQUEST{'Calling-Station-Id'} eq "4444444444") {
> >
> > return RLM_MODULE_OK;
> >
> > }else {
> >
> > return RLM_MODULE_FAIL;
> > }
> >}
> >
> >------------------------------------------------------------------
> >
> >Could you advise how could I tackle this issue to bypass CHAP/PAP
> >status when CallerId is allowed ?
> >
> >Thanks,
> >rg
> >
> >
> >
> >
> >On Tue, Apr 8, 2008 at 7:57 PM, Ivan Kalik <tnt at kalik.net> wrote:
> >> >With rlm_perl can external perl scripts be easily used as with
> >> >Exec-Program-Wait ?
> >>
> >> Easier:
> >>
> >> http://wiki.freeradius.org/Rlm_perl
> >>
> >>
> >> Ivan Kalik
> >> Kalik Informatika ISP
> >>
> >>
> >>
> >> -
> >> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>
>
> >>
> >-
> >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> >
> >
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
More information about the Freeradius-Users
mailing list