problem with rlm_perl

sameer khan khanzadap at hotmail.com
Tue Nov 23 22:31:06 CET 2010 

hey ppl

i m trying to authenticate with rlm_perl using chap with following perl script but doesn't seem to work. i m guessing chap-password should be in hex (0x) format but doesn't seem to be in. hope some one can help me out
Best Regards
my $want_password="123";my $given_password;my $given_chap_challenge;
$given_password=$RAD_REQUEST{'CHAP-Password'};$given_chap_challenge=$RAD_REQUEST{'CHAP-Challenge'};

$given_password =~ s/^0x//;$given_chap_challenge =~ s/^0x//;my $chap_password = pack("H*", $given_password);my $chap_challenge = pack("H*", $given_chap_challenge);my $md5 = new Digest::MD5;
$md5->reset;$md5->add(substr($chap_password, 0, 1));$md5->add($want_password);$md5->add($chap_challenge);
my $digest = $md5->digest();my $subby = substr($chap_password,1);my $subby2 = substr($chap_password,0,1);if ($digest ne substr($chap_password, 1)) {#return 0; #Bad pass returning 0
$RAD_REPLY{'Reply-Message'} = "Denied access for  invalid password";}
}else {#return 1; # Pass is OK Returning 1
return RLM_MODULE_OK;}
rlm_perl: Added pair User-Name = support-5rlm_perl: Added pair CHAP-Password = \010\235\243\232\006h\376\024\374㢵Ê?\021_\372rlm_perl: Added pair CHAP-Challenge = \220?\251\314\033\2067g\204z'Ú?\201X3rlm_perl: Added pair NAS-IP-Address = 221.132.115.82rlm_perl: Added pair NAS-Port = 1812rlm_perl: Added pair Reply-Message = Denied access for  invalid  passwordrlm_perl: Added pair Auth-Type = Perl++[perl] returns rejectFailed to authenticate the user.Login incorrect: [support-5/<CHAP-Password>] (from client localhost port 1812)Using Post-Auth-Type Reject# Executing group from file /etc/freeradius/sites-enabled/default+- entering group REJECT {...}[attr_filter.access_reject]     expand: %{User-Name} -> support-5 attr_filter: Matched entry DEFAULT at line 11++[attr_filter.access_reject] returns updatedDelaying reject of request 0 for 1 secondsGoing to the next requestWaking up in 0.9 seconds.Sending delayed reject for request 0Sending Access-Reject of id 8 to 127.0.0.1 port 49716
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20101123/6f518386/attachment.html>

More information about the Freeradius-Users mailing list