rlm_perl and accounting
George C. Kaplan
gckaplan at ack.berkeley.edu
Wed Aug 23 18:57:15 CEST 2006
Alan DeKok wrote:
>>>I see the patch you're referring to, but after rethinking my question, I
>>>think what I'm really trying to do is rewrite $RAD_REQUEST, not
>>>$RAD_REPLY, and it does not appear that I can alter $RAD_REQUEST in any
>>>way - either change or add.
>
> Hmm... looking into it in a little more detail, I think it would be
> even easier to do it another way. The code in CVS head has been
> updated to allow for ":=", to over-write existing attributes. But I
> think it might be even easier to simply use the hashes as-is, and
> replace the existing attribute lists.
Sounds good. I assume you'll include %RAD_CHECK, as well as
%RAD_REQUEST and %RAD_REPLY in this change. That would bring rlm_perl
into line with other authentication modules, which can alter any of the
three attribute lists.
> i.e. put the attributes into perl hashes, and then make those perl
> hashes definitive for the new values of the attributes. This would
> involve throwing away the previous attributes entirely. So you would
> have to be *very* careful about modifying the hashes, but you would
> have complete flexibility.
What would be likely to happen if I screw up one of the attribute
hashes? If that just screws up the current RADIUS request, I'd say go
for it; I'm happy to have the power to shoot myself in the foot. But if
it could crash the radiusd, well, I guess I'll have to be *very*, *VERY*
careful.
--
George C. Kaplan gckaplan at ack.berkeley.edu
IST - Infrastructure Services 510-643-0496
University of California at Berkeley
More information about the Freeradius-Users
mailing list