ENV variables in external scripts

Ivan Kalik tnt at kalik.net
Wed Apr 9 22:05:58 CEST 2008 

You need to concatenate the value of the $RAD_REQUEST variable into the
query. It's plain text like this.

Ivan Kalik
Kalik Informatika ISP


-----Original Message-----
From: freeradius-users-bounces+tnt=kalik.net at lists.freeradius.org
[mailto:freeradius-users-bounces+tnt=kalik.net at lists.freeradius.org] On
Behalf Of rsg
Sent: 09 April 2008 17:24
To: FreeRadius users mailing list
Subject: Re: ENV variables in external scripts


Hi,

it's 1.1.7

If this cannot bypass CHAP, will have to do it using the same perl script
then.


My next query is when I tried to retrieve the CallerId from a Mysql DB using
the same perl script with,

---------
use Mysql;
:
:
$status = $db->Mysql::query("SELECT IF(EXISTS(SELECT callerid FROM auth
WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')");

($callerid)=$status->FetchRow();
:
:
---------

it gives no CallerId leading to $status = "n".



Is   '$RAD_REQUEST{/'Calling-Station-Id'/}'   correct ?




Thanks,
rg


2008/4/9 Ivan Kalik <tnt at kalik.net>:
> What freeradius version? I don't think that you can bypass chap in 
> 1.1.x  but it can be done in 2.0 with unlang. pap is listed last, so 
> it will be  bypassed in both versions.
>
>
>  Ivan Kalik
>  Kalik Informatika ISP
>
>
>
> Dana 9/4/2008, "rsg" <ranil.santhish at gmail.com> piše:
>
>
>
> >Hi,
>  >
>  >Thanks a lot for the suggestion. I have a few more queries with 
> regard  >to rlm_perl integration.  >
>  >When this module is used for Calling-Station-Id based auth, would it
>  >be independent of whether it is CHAP or PAP.
>  >
>  >I tried with
>  >
>  >.../users
>  >
>  >DEFAULT Auth-Type = perl
>  >                Fall-Through = 1
>  >:
>  >:
>  >
>  >And the rlm_perl for Authentication and Authorization
>  >
>  >Observations:
>  >
>  >1) When a "CHAP-Password" is  received the perl script used does not
>  >authenticate as it calls the CHAP module
>  >2) When a "User-Password"  is received the user authentication is
successful.
>  >
>  >Here's the test perl script that I've tried with.
>  >
>  >-------------------
>  >use warnings;
>  >use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
>  >use Data::Dumper;
>  >
>  >
>  >use constant    RLM_MODULE_REJECT=>    0;#  /* immediately reject the
request */
>  >use constant    RLM_MODULE_FAIL=>      1;#  /* module failed, don't
reply */
>  >use constant    RLM_MODULE_OK=>        2;#  /* the module is OK,
continue */
>  >use constant    RLM_MODULE_HANDLED=>   3;#  /* the module handled the
>  >request, so stop. */
>  >use constant    RLM_MODULE_INVALID=>   4;#  /* the module considers
>  >the request invalid. */
>  >use constant    RLM_MODULE_USERLOCK=>  5;#  /* reject the request
>  >(user is locked out) */
>  >use constant    RLM_MODULE_NOTFOUND=>  6;#  /* user not found */
>  >use constant    RLM_MODULE_NOOP=>      7;#  /* module succeeded
>  >without doing anything */
>  >use constant    RLM_MODULE_UPDATED=>   8;#  /* OK (pairs modified) */
>  >use constant    RLM_MODULE_NUMCODES=>  9;#  /* How many return codes
>  >there are */
>  >
>  >
>  ># Function to handle authenticate
>  >sub authenticate {
>  >if ($RAD_REQUEST{'Calling-Station-Id'} eq "4444444444") {
>  >  $RAD_REPLY{'Reply-Message'} = "OK --------->";
>  >  return RLM_MODULE_OK;
>  >  }else {
>  >  return RLM_MODULE_NOTFOUND;
>  >  }
>  >}
>  >
>  ># Function to handle authorize
>  >sub authorize {
>  >
>  >if ($RAD_REQUEST{'Calling-Station-Id'} eq "4444444444") {
>  >
>  >    return RLM_MODULE_OK;
>  >
>  >  }else {
>  >
>  >  return RLM_MODULE_FAIL;
>  >  }
>  >}
>  >
>  >------------------------------------------------------------------
>  >
>  >Could you advise how could I tackle this issue to bypass CHAP/PAP
>  >status when CallerId is allowed ?
>  >
>  >Thanks,
>  >rg
>  >
>  >
>  >
>  >
>  >On Tue, Apr 8, 2008 at 7:57 PM, Ivan Kalik <tnt at kalik.net> wrote:
>  >> >With rlm_perl can external perl scripts be easily used as with
>  >>  >Exec-Program-Wait ?
>  >>
>  >>  Easier:
>  >>
>  >>  http://wiki.freeradius.org/Rlm_perl
>  >>
>  >>
>  >>  Ivan Kalik
>  >>  Kalik Informatika ISP
>  >>
>  >>
>  >>
>  >> -
>  >>  List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/usershtml
>
>
> >>
>  >-
>  >List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
>  >
>  >
>
>  -
>  List info/subscribe/unsubscribe? See 
> http://www.freeradius.org/list/users.html
>

-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html



-- 
No virus found in this incoming message.
Checked by AVG. 
Version: 7.5.519 / Virus Database: 269.22.10/1366 - Release Date: 2008-04-08
17:03

More information about the Freeradius-Users mailing list