"JUND, Aurélien" <aurelien.jund@sfr.com> writes:
example.pl:
sub authorize { if ($RAD_REQUEST{'Service-Type'} = "Framed-User"){
This isn't a perl boolean expression...
$RAD_CHECK{'Cleartext-Password'} = "11111"; $RAD_REPLY{'Callback-Number'} = "Number";
return RLM_MODULE_OK }
But it will always be true, so these should be evaluated anyway. However, I don't see you defining RLM_MODULE_OK anywhere which means that we either don't see the complet script or that the script will fail. Please see the example.pl script in freeradius. Adding items to these lists *does* work. Example: This script: use constant RLM_MODULE_REJECT=> 0;# /* immediately reject the request */ use constant RLM_MODULE_FAIL=> 1;# /* module failed, don't reply */ use constant RLM_MODULE_OK=> 2;# /* the module is OK, continue */ use constant RLM_MODULE_HANDLED=> 3;# /* the module handled the request, so stop. */ use constant RLM_MODULE_INVALID=> 4;# /* the module considers the request invalid. */ use constant RLM_MODULE_USERLOCK=> 5;# /* reject the request (user is locked out) */ use constant RLM_MODULE_NOTFOUND=> 6;# /* user not found */ use constant RLM_MODULE_NOOP=> 7;# /* module succeeded without doing anything */ use constant RLM_MODULE_UPDATED=> 8;# /* OK (pairs modified) */ use constant RLM_MODULE_NUMCODES=> 9;# /* How many return codes there are */ sub authorize { print "Here\n"; $RAD_CHECK{'Cleartext-Password'} = "foo"; return RLM_MODULE_UPDATED; } results in: Ready to process requests. rad_recv: Access-Request packet from host 127.0.0.1 port 55297, id=90, length=44 User-Name = "test" User-Password = "foo" +- entering group authorize {...} ++[preprocess] returns ok ++[chap] returns noop ++[mschap] returns noop [suffix] No '@' in User-Name = "test", looking up realm NULL [suffix] No such realm "NULL" ++[suffix] returns noop [eap] No EAP-Message, not doing EAP ++[eap] returns noop ++[unix] returns notfound ++[files] returns noop ++[expiration] returns noop ++[logintime] returns noop GOT CLONE 1554668288 0x267ae10 Here rlm_perl: Added pair User-Name = test rlm_perl: Added pair User-Password = foo rlm_perl: Added pair NAS-IP-Address = 127.0.0.1 rlm_perl: Added pair Cleartext-Password = foo ++[perl] returns updated ++[pap] returns updated Found Auth-Type = PAP +- entering group PAP {...} [pap] login attempt with password "foo" [pap] Using clear text password "foo" [pap] User authenticated successfully ++[pap] returns ok +- entering group post-auth {...} ++[exec] returns noop Sending Access-Accept of id 90 to 127.0.0.1 port 55297 Finished request 0. Going to the next request Waking up in 4.9 seconds. Cleaning up request 0 ID 90 with timestamp +4 Ready to process requests. Do also note that you can add print's while debugging the script. This is very useful when trying to figure out what happens while the server run the script. Bjørn