perl scripts

Alan Lumb freeradius at siblin.co.uk
Sun Mar 19 18:03:46 CET 2006 

This is the routine I use, uses the MD5 modules from CPAN.
Very messy and stolen from about 5 different sources...

The three inputs are the hashed reply, the actual password from your
database and the challenge that was sent to the user.

I think this works OK.

        my $cpass =    $_[0];
        my $actualpass = $_[1];
        my $cchal =      $_[2];

        #Freeradius adds 0x to the beginning of the chap password.
        #this little hack removes the first two characters

        $cpass=substr($cpass,2);
        $cchal=substr($cchal,2);

        #pack the hex stuff into 8bit code
        my $chap_password = pack("H*", $cpass);
        my $chap_challenge = pack("H*", $cchal);

        # Compile an MD5 digest of the authentication information
        my $md5 = new MD5;
        $md5->reset;
        $md5->add(substr($chap_password, 0, 1)); # Packet ID
        $md5->add($actualpass);
        $md5->add($chap_challenge);

        # Check that the digest matches the CHAP password
        if ($md5->digest() ne substr($chap_password, 1)) {
                # CHAP doesnt match.
                return 0 ;
        }
        return 1;



> OK. I the user authentication works.
> But how do I decode the password in my script.
> The user sends CHAP password and I dont know how to decode this password
> to match the value to mo password that is in my database.
> Is it possible ??
>   ----- Original Message -----
>   From: Thor Spruyt
>   To: FreeRadius users mailing list
>   Sent: Wednesday, March 15, 2006 8:24 PM
>   Subject: Re: perl scripts
>
>
>   Add this in your script and then run radiusd in debugging mode:
>
>    for (keys %RAD_REQUEST) {
>     &radiusd::radlog(1, "RAD_REQUEST: $_ = $RAD_REQUEST{$_}");
>    }
>
>   --
>   Groeten, Regards, Salutations,
>
>   Thor Spruyt
>   M: +32 (0)475 67 22 65
>   E: thor.spruyt at telenet.be
>   W: www.thor-spruyt.com
>
>   www.salesguide.be
>   www.telenethotspot.be
>
>     ----- Original Message -----
>     From: debik
>     To: FreeRadius users mailing list
>     Sent: Wednesday, March 15, 2006 7:38 PM
>     Subject: Re: perl scripts
>
>
>     Hello again. I have stuckon writing that perl script to autheticate
> users from onother database.
>     How can i grep the User-Name and Password from RAD_REQUEST to my perl
> script as a variable.
>     I have tried to do something like this:
>     my $username = $RAD_REQUEST{'User-Name'}
>
>     Is it anyway possibble what im trying to do ?
>
>       ----- Original Message -----
>       From: debik
>       To: FreeRadius users mailing list
>       Sent: Sunday, March 12, 2006 12:28 PM
>       Subject: Re: perl scripts
>
>
>       I tried to add new sql1.conf. But when i trie starting te radius
> server he told me that the database is nit in the Attribute Value. I
> that onother dsatabase i have got users of my network, and i wont,
> that teh radius server use that logins which are in that database.
>
>       Sorry for that HTML, and for my english.
>
>         ----- Original Message -----
>         From: mnisay
>         To: 'FreeRadius users mailing list'
>         Sent: Sunday, March 12, 2006 10:55 AM
>         Subject: RE: perl scripts
>
>
>         what do you want to achieve with this perl script, freeradius can
> do the authentication.
>         is this script for management of database? if it is, you can use
> server side php scripts as well.
>         if its not, does the perl script manipulates user database
> differently?
>         sorry i think i did not get you well.
>
>
>
>
> ------------------------------------------------------------------------
>         From:
> freeradius-users-bounces+mnisay=aim-consultants.com at lists.freeradius.org
> [mailto:freeradius-users-bounces+mnisay=aim-consultants.com at lists.freeradius.org]
> On Behalf Of debik
>         Sent: Saturday, March 11, 2006 2:43 PM
>         To: FreeRadius users mailing list
>         Subject: Re: perl scripts
>
>
>         Yes. But that onother database is not in radius format like: op,
> value, etc. So I have to write a perl script.
>
>           ----- Original Message -----
>           From: mnisay
>           To: 'FreeRadius users mailing list'
>           Sent: Saturday, March 11, 2006 11:27 AM
>           Subject: RE: perl scripts
>
>
>
>
>
>
> ----------------------------------------------------------------------
>           From:
> freeradius-users-bounces+mnisay=aim-consultants.com at lists.freeradius.org
> [mailto:freeradius-users-bounces+mnisay=aim-consultants.com at lists.freeradius.org]
> On Behalf Of debik
>           Sent: Friday, March 10, 2006 8:41 PM
>           To: FreeRadius users mailing list
>           Subject: Re: perl scripts
>
>
>            >  I have got onother mysql base and i wont to write perl
> script to tel the radius server to use the data in that
> database.
>
>           do you mean use MySQL for freeradius authentication?
>             ----- Original Message -----
>             From: mnisay
>             To: 'FreeRadius users mailing list'
>             Sent: Friday, March 10, 2006 11:26 AM
>             Subject: RE: perl scripts
>
>
>
>
>              > Could somebody share with some scripts that authorize users
> in radius.
>              > Im trying to write my own script, but i don't find any
> docs.
>              > Could somebody help me.
>
>             authorize users in radius?
>             freeradius can authorize users by default.
>
>
>
>             --
>             No virus found in this incoming message.
>             Checked by AVG Free Edition.
>             Version: 7.1.375 / Virus Database: 268.2.1/278 - Release Date:
> 3/9/2006
>
>
>
>
>
>             --
>             No virus found in this outgoing message.
>             Checked by AVG Free Edition.
>             Version: 7.1.375 / Virus Database: 268.2.1/278 - Release Date:
> 3/9/2006
>
>
>
>
> --------------------------------------------------------------------
>
>
>             -
>             List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>           --
>           No virus found in this incoming message.
>           Checked by AVG Free Edition.
>           Version: 7.1.375 / Virus Database: 268.2.1/278 - Release Date:
> 3/9/2006
>
>
>
>
>
>           --
>           No virus found in this outgoing message.
>           Checked by AVG Free Edition.
>           Version: 7.1.375 / Virus Database: 268.2.1/279 - Release Date:
> 3/10/2006
>
>
>
>
> ----------------------------------------------------------------------
>
>
>           -
>           List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
>         --
>         No virus found in this incoming message.
>         Checked by AVG Free Edition.
>         Version: 7.1.375 / Virus Database: 268.2.1/279 - Release Date:
> 3/10/2006
>
>
>
>
>
>         --
>         No virus found in this outgoing message.
>         Checked by AVG Free Edition.
>         Version: 7.1.375 / Virus Database: 268.2.1/279 - Release Date:
> 3/10/2006
>
>
>
>
> ------------------------------------------------------------------------
>
>
>         -
>         List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> --------------------------------------------------------------------------
>
>
>       -
>       List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> ----------------------------------------------------------------------------
>
>
>     -
>     List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
>
>
> ------------------------------------------------------------------------------
>
>
>   -
>   List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html-
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html

More information about the Freeradius-Users mailing list