ENV variables in external scripts

rsg ranil.santhish at gmail.com
Thu Apr 10 16:46:21 CEST 2008 

Hi,

After a brief review of the logic, i managed to get it working. My
apologies for the trouble and thank you for your time.



rlm_perl related question once again:
 When performing credential based Auth, how could I simply fall-though
to the next check when there isn't a match.

With RAD_REQUEST if Calling-Station-Id is found Password
authentication could be bypassed.

If not found how to hand the process into a different module e.g. PAP or CHAP?

Is it possible to achieve this with rlm_perl?

Also could it be possible to go to a deeper level like user credential
checking? E.g. to check on a particular user profile and perform IP
allocation,etc? And this should come after the Calling-station-id
check.

Thanks once again for your valuable thoughts.

rg.







2008/4/10 Ivan Kalik <tnt at kalik.net>:
> $myvalue = $RAD_REQUEST{'Calling-Station-Id'};
>  # Print it or check in some other way
>
>  $myquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE
>  callerid='" . $myvalue . "'),'y','n')";
>  # Now print or check in some other way the query to see if it is joined
>  well
>
>  $yourquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE
>  callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')";
>  # And print or check in some other way this to see why it doesn't work
>
>  $status = $db->Mysql::query($myquery);
>
>
>  Ivan Kalik
>  Kalik Informatika ISP
>
>
>  Dana 10/4/2008, "rsg" <ranil.santhish at gmail.com> piše:
>
>
>
>  >Hi,
>  >
>  >I attempted setting it to a local variable as well.
>  >
>  >Result was the same.
>  >
>  >Thanks so much for your suggestions & guidance. It's really appreciated.
>  >
>  >
>  >
>  >On Thu, Apr 10, 2008 at 1:02 PM,  <A.L.M.Buxey at lboro.ac.uk> wrote:
>  >> Hi,
>  >>
>  >>
>  >>  > My next query is when I tried to retrieve the CallerId from a Mysql DB
>  >>  > using the same perl script with,
>  >>  >
>  >>  > ---------
>  >>  > use Mysql;
>  >>  > :
>  >>  > :
>  >>  > $status = $db->Mysql::query("SELECT IF(EXISTS(SELECT callerid FROM
>  >>  > auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')");
>  >>
>  >>  your escape characters are wrong
>  >>
>  >>  $RAD_REQUEST{\'Calling-Station-Id\'}
>  >>
>  >>  personally, i would set the value into a local variable and do some
>  >>  sanity checking to ensure it'll not screw up the SQL... a nasty
>  >>  person could do something trivial like set their Calling station id
>  >>  to "'; drop all from users" :-)
>  >>
>  >>  alan
>  >>
>  >>
>  >> -
>  >>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>
>
> >>
>  >-
>  >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>  >
>  >
>
>  -
>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list