RLM_PERL Integration Issue

tnt at kalik.co.yu tnt at kalik.co.yu
Tue Jul 17 13:50:04 CEST 2007


Well, you are sending digest attributes in your request so you will need
to enable digest module on the server to process them. Script did send
OK, so that bit is fine.

Ivan Kalik
Kalik Informatika ISP


Dana 17/7/2007, "FreeRadius-ML" <freeradius at zap2link.com> piše:

>Well, right now I would like to start of with something really simple. I'd like to have OpenSER authenticate
>on FreeRadius, Digest is not a must - for all I care at this point, it can be clear-text. I'm currently using
>the perl script example from the FreeRadius website, which if i understand correctly, should answer OK on any
>request to it. That is what I where i want to get to at this point, once that is working, i can continue onwards.
>
>Z2L
>
>----- Original Message -----
>From: tnt at kalik.co.yu
>To: freeradius-users at lists.freeradius.org
>Sent: 14:06:58 (GMT+0200) Asia/Jerusalem יום ׊לי׊י 17 יולי 2007
>Subject: Re: RLM_PERL Integration Issue
>
>I don't know what is your pearl script supposed to do. If you are doing
>digest authentication (looking at that request) you need to uncomment
>the digest entries in authentication and authorization sections od
>radiusd.conf.
>
>Ivan Kalik
>Kalik Informatika ISP
>
>
>Dana 17/7/2007, "FreeRadius-ML" <freeradius at zap2link.com> piĹĄe:
>
>>Ok, now we are getting somewhere, I'm getting the following output:
>>
>>rad_recv: Access-Request packet from host 192.168.2.80:43835, id=102, length=234
>>        User-Name = "101 at 192.168.2.80"
>>        Digest-Attributes = 0x0a05313031
>>        Digest-Attributes = 0x010e3139322e3136382e322e3830
>>        Digest-Attributes = 0x022a34363939653236343763333537313631373066343236656466366262383661666535633736636466
>>        Digest-Attributes = 0x04127369703a3139322e3136382e322e3830
>>        Digest-Attributes = 0x030a5245474953544552
>>        Digest-Attributes = 0x050661757468
>>        Digest-Attributes = 0x090a3030303134313333
>>        Digest-Attributes = 0x081237633762663032366635646533653537
>>        Digest-Response = "90ea471ad7040bab866ffa15ee80e21d"
>>        Service-Type = Authenticate-Only
>>        Sip-Uri-User = "101"
>>        NAS-Port = 5060
>>        NAS-IP-Address = 192.168.2.80
>>  Processing the authorize section of radiusd.conf
>>modcall: entering group authorize for request 6
>>  modcall[authorize]: module "preprocess" returns ok for request 6
>>radius_xlat:  '/var/log/radius/radacct/192.168.2.80/auth-detail-20070715'
>>rlm_detail: /var/log/radius/radacct/%{Client-IP-Address}/auth-detail-%Y%m%d expands to /var/log/radius/radacct/192.168.2.80/auth-detail-20070715
>>  modcall[authorize]: module "auth_log" returns ok for request 6
>>perl_pool: item 0x8af4268 asigned new request. Handled so far: 1 found interpetator at address 0x8af4268 perl_pool total/active/spare [32/0/32] Unreserve perl at address 0x8af4268
>>  modcall[authorize]: module "perl" returns ok for request 6
>>modcall: leaving group authorize (returns ok) for request 6
>>auth: No authenticate method (Auth-Type) configuration found for the request: Rejecting the user
>>auth: Failed to validate the user.
>>Login incorrect: [101 at 192.168.2.80/<no User-Password attribute>] (from client openser port 5060) Delaying request 6 for 1 seconds Finished request 6 Going to the next request Waking up in 2 seconds...
>>
>>I think I have a section missing from FreeRadius configuration, is that correct?
>>
>>Zap2Link
>>
>>-----Original Message-----
>>From: freeradius-users-bounces+freeradius=zap2link.com at lists.freeradius.org [mailto:freeradius-users-bounces+freeradius=zap2link.com at lists.freeradiusorg] On Behalf Of tnt at kalik.co.yu
>>Sent: Tuesday, July 17, 2007 12:08 PM
>>To: FreeRadius users mailing list
>>Subject: Re: RLM_PERL integration issue
>>
>>radiusd -X
>>
>>Ivan Kalik
>>Kalik Informatika ISP
>>
>>
>>
>>
>>Dana 17/7/2007, "freeradius at zap2link.com" <freeradius at zap2link.com>
>>piĚĄe:
>>
>>>Hi All,
>>>
>>>
>>>
>>>  I've followed the rlm_perl information to integrate a PERL based 
>>>example for Radius Authentication.
>>>
>>>I basically used the same example that is in the document. I know that 
>>>the script is loaded whe FreeRadius is loaded, however, It would seem 
>>>that all requests to the Radius server are not processed via rlm_perl.
>>>
>>>
>>>
>>>  Is there a way to verify that rlm_perl is invoked?
>>>
>>>
>>>
>>>Zap2Link
>>>
>>>
>>>
>>
>>-
>>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>>
>>
>>- 
>>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>- 
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
>- 
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html




More information about the Freeradius-Users mailing list