ENV variables in external scripts

rsg ranil.santhish at gmail.com
Wed Apr 9 16:54:47 CEST 2008 

Hi,

Thanks a lot for the suggestion. I have a few more queries with regard
to rlm_perl integration.

When this module is used for Calling-Station-Id based auth, would it
be independent of whether it is CHAP or PAP.

I tried with

../users

DEFAULT Auth-Type = perl
                Fall-Through = 1
:
:

And the rlm_perl for Authentication and Authorization

Observations:

1) When a "CHAP-Password" is  received the perl script used does not
authenticate as it calls the CHAP module
2) When a "User-Password"  is received the user authentication is successful.

Here's the test perl script that I've tried with.

-------------------
use warnings;
use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
use Data::Dumper;


use constant    RLM_MODULE_REJECT=>    0;#  /* immediately reject the request */
use constant    RLM_MODULE_FAIL=>      1;#  /* module failed, don't reply */
use constant    RLM_MODULE_OK=>        2;#  /* the module is OK, continue */
use constant    RLM_MODULE_HANDLED=>   3;#  /* the module handled the
request, so stop. */
use constant    RLM_MODULE_INVALID=>   4;#  /* the module considers
the request invalid. */
use constant    RLM_MODULE_USERLOCK=>  5;#  /* reject the request
(user is locked out) */
use constant    RLM_MODULE_NOTFOUND=>  6;#  /* user not found */
use constant    RLM_MODULE_NOOP=>      7;#  /* module succeeded
without doing anything */
use constant    RLM_MODULE_UPDATED=>   8;#  /* OK (pairs modified) */
use constant    RLM_MODULE_NUMCODES=>  9;#  /* How many return codes
there are */


# Function to handle authenticate
sub authenticate {
if ($RAD_REQUEST{'Calling-Station-Id'} eq "4444444444") {
  $RAD_REPLY{'Reply-Message'} = "OK --------->";
  return RLM_MODULE_OK;
  }else {
  return RLM_MODULE_NOTFOUND;
  }
}

# Function to handle authorize
sub authorize {

if ($RAD_REQUEST{'Calling-Station-Id'} eq "4444444444") {

    return RLM_MODULE_OK;

  }else {

  return RLM_MODULE_FAIL;
  }
}

------------------------------------------------------------------

Could you advise how could I tackle this issue to bypass CHAP/PAP
status when CallerId is allowed ?

Thanks,
rg




On Tue, Apr 8, 2008 at 7:57 PM, Ivan Kalik <tnt at kalik.net> wrote:
> >With rlm_perl can external perl scripts be easily used as with
>  >Exec-Program-Wait ?
>
>  Easier:
>
>  http://wiki.freeradius.org/Rlm_perl
>
>
>  Ivan Kalik
>  Kalik Informatika ISP
>
>
>
> -
>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list