ENV variables in external scripts

rsg ranil.santhish at gmail.com
Wed Apr 16 18:29:02 CEST 2008 

Yes, that works well. Many thanks.

In fact by changing the logic slightly you can achieve the required
functionality fairly easily.
e.g. changing the UserID/Password upon radius_request such that
corresponding policies can be applied based on the modified UserName.

rg.


2008/4/16 Ivan Kalik <tnt at kalik.net>:
> No. Use it to bypass chap.
>
>  http://www.freeradius.org/radiusd/man/unlang.html
>
>
>  Ivan Kalik
>  Kalik Informatika ISP
>
>
>  Dana 16/4/2008, "rsg" <ranil.santhish at gmail.com> piše:
>
>
>
>  >Could unlang be used check Calling-station-Id for instance, from an SQL backend?
>  >
>  >
>  >2008/4/10 Ivan Kalik <tnt at kalik.net>:
>  >> You use unlang for that. Read man unlang.
>  >>
>  >>
>  >>
>  >>  Ivan Kalik
>  >>  Kalik Informatika ISP
>  >>
>  >>
>  >>  Dana 10/4/2008, "rsg" <ranil.santhish at gmail.com> piše:
>  >>
>  >>  >Hi,
>  >>  >
>  >>  >After a brief review of the logic, i managed to get it working. My
>  >>  >apologies for the trouble and thank you for your time.
>  >>  >
>  >>  >
>  >>  >
>  >>  >rlm_perl related question once again:
>  >>  > When performing credential based Auth, how could I simply fall-though
>  >>  >to the next check when there isn't a match.
>  >>  >
>  >>  >With RAD_REQUEST if Calling-Station-Id is found Password
>  >>  >authentication could be bypassed.
>  >>  >
>  >>  >If not found how to hand the process into a different module e.g. PAP or CHAP?
>  >>  >
>  >>  >Is it possible to achieve this with rlm_perl?
>  >>  >
>  >>  >Also could it be possible to go to a deeper level like user credential
>  >>  >checking? E.g. to check on a particular user profile and perform IP
>  >>  >allocation,etc? And this should come after the Calling-station-id
>  >>  >check.
>  >>  >
>  >>  >Thanks once again for your valuable thoughts.
>  >>  >
>  >>  >rg.
>  >>  >
>  >>  >
>  >>  >
>  >>  >
>  >>  >
>  >>  >
>  >>  >
>  >>  >2008/4/10 Ivan Kalik <tnt at kalik.net>:
>  >>  >> $myvalue = $RAD_REQUEST{'Calling-Station-Id'};
>  >>  >>  # Print it or check in some other way
>  >>  >>
>  >>  >>  $myquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE
>  >>  >>  callerid='" . $myvalue . "'),'y','n')";
>  >>  >>  # Now print or check in some other way the query to see if it is joined
>  >>  >>  well
>  >>  >>
>  >>  >>  $yourquery = "SELECT IF(EXISTS(SELECT callerid FROM auth WHERE
>  >>  >>  callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')";
>  >>  >>  # And print or check in some other way this to see why it doesn't work
>  >>  >>
>  >>  >>  $status = $db->Mysql::query($myquery);
>  >>  >>
>  >>  >>
>  >>  >>  Ivan Kalik
>  >>  >>  Kalik Informatika ISP
>  >>  >>
>  >>  >>
>  >>  >>  Dana 10/4/2008, "rsg" <ranil.santhish at gmail.com> piše:
>  >>  >>
>  >>  >>
>  >>  >>
>  >>  >>  >Hi,
>  >>  >>  >
>  >>  >>  >I attempted setting it to a local variable as well.
>  >>  >>  >
>  >>  >>  >Result was the same.
>  >>  >>  >
>  >>  >>  >Thanks so much for your suggestions & guidance. It's really appreciated.
>  >>  >>  >
>  >>  >>  >
>  >>  >>  >
>  >>  >>  >On Thu, Apr 10, 2008 at 1:02 PM,  <A.L.M.Buxey at lboro.ac.uk> wrote:
>  >>  >>  >> Hi,
>  >>  >>  >>
>  >>  >>  >>
>  >>  >>  >>  > My next query is when I tried to retrieve the CallerId from a Mysql DB
>  >>  >>  >>  > using the same perl script with,
>  >>  >>  >>  >
>  >>  >>  >>  > ---------
>  >>  >>  >>  > use Mysql;
>  >>  >>  >>  > :
>  >>  >>  >>  > :
>  >>  >>  >>  > $status = $db->Mysql::query("SELECT IF(EXISTS(SELECT callerid FROM
>  >>  >>  >>  > auth WHERE callerid='$RAD_REQUEST{/'Calling-Station-Id'/}'),'y','n')");
>  >>  >>  >>
>  >>  >>  >>  your escape characters are wrong
>  >>  >>  >>
>  >>  >>  >>  $RAD_REQUEST{\'Calling-Station-Id\'}
>  >>  >>  >>
>  >>  >>  >>  personally, i would set the value into a local variable and do some
>  >>  >>  >>  sanity checking to ensure it'll not screw up the SQL... a nasty
>  >>  >>  >>  person could do something trivial like set their Calling station id
>  >>  >>  >>  to "'; drop all from users" :-)
>  >>  >>  >>
>  >>  >>  >>  alan
>  >>  >>  >>
>  >>  >>  >>
>  >>  >>  >> -
>  >>  >>  >>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>  >>  >>
>  >>  >>
>  >>  >> >>
>  >>  >>  >-
>  >>  >>  >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>  >>  >>  >
>  >>  >>  >
>  >>  >>
>  >>  >>  -
>  >>  >>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>  >>  >>
>  >>  >
>  >>  >-
>  >>  >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>  >>  >
>  >>  >
>  >>
>  >>  -
>  >>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/usershtml
>  >>
>  >
>  >-
>  >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>  >
>  >
>
>  -
>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

More information about the Freeradius-Users mailing list