Looking to pay for customization
Alexander Clouter
alex at digriz.org.uk
Tue Apr 14 20:17:48 CEST 2009
Alan DeKok <aland at deployingradius.com> wrote:
> Gabriel Blanchard wrote:
>> You should be able to achieve this with unlang without any source
>> modification if I understand what you are looking for
>
> Unfortunately, no.
>
> The signature for packets is checked *before* any modules are
> executed. And checking the signature requires the shared secret. And,
> unlike 1.x, the shared secret is *not* copied into the REQUEST
> structure. So it can't be re-written dynamically.
>
> It requires some additional work to do this...
>
Probably better to write a mini-proxy server infront of FreeRADIUS just
to do all the shared-secret malarkey and then pass back to
FreeRADIUS afterwards[1].
The following Perl module looks like it can do all the hard work:
http://search.cpan.org/~tpg/Net-Radius-PacketOrdered-1.54/lib/Net/Radius/PacketOrdered.pm
This is how I would do it, but my rate is a tad higher than $20/hour :)
Good Luck
Cheers
[1] FreeRADIUS can then do the interesting stuff
--
Alexander Clouter
.sigmonster says: Would that my hand were as swift as my tongue.
-- Alfieri
More information about the Freeradius-Devel
mailing list