rlm_perl - authorize - authenticate issue
Apostolos Pantsiopoulos
apant at kinetix.gr
Fri Apr 18 13:36:11 CEST 2008
Hi,
I am using freeradius (rlm_perl) for a VoIP system for a long time now
and today I tried to use it for routing purposes as well.
In my authorize function of my perl script I am assigning the routing info
to $RAD_REPLY :
...
my @final_routing = (
"MLPAMPLA01/1/$calling_num/$called_num/$calling_num/$called_num/xxx.xxx.xxx.xxx:1720",
"MLPAMPLA02/1/$calling_num/$called_num/$calling_num/$called_num/yyy.yyy.yyy.yyy:1720",
);
...
$RAD_REPLY{'Cisco-Command-Code'} = \@final_routing;
...
My authenticate section is very simple for now (accept everything):
sub authenticate
{
return RLM_MODULE_OK;
}
My problem is that when freeradius accepts a message it processes the
authorize section correctly :
rlm_perl: Added pair Cisco-Command-Code =
MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720
rlm_perl: Added pair Cisco-Command-Code =
MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720
and when it processes the authenticate section it adds the above two
pairs one more time leading to
this reply :
Sending Access-Accept of id 139 to zzz.zzz.zzz.zzz port 1814
Cisco-Command-Code +=
"MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720"
Cisco-Command-Code +=
"MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720"
Cisco-Command-Code +=
"MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720"
Cisco-Command-Code +=
"MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720"
...which is not the desired result. In which part does the second
addition of the attributes occur?
The debug output follows :
Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 0
rlm_realm: Looking up realm "LLL" for User-Name = "TEST at LLL"
rlm_realm: No such realm "LLL"
modcall[authorize]: module "suffix" returns noop for request 0
users: Matched entry DEFAULT at line 152
modcall[authorize]: module "files" returns ok for request 0
perl_pool: item 0x950f330 asigned new request. Handled so far: 1
found interpetator at address 0x950f330
rlm_perl: Added pair Cisco-Command-Code =
MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720
rlm_perl: Added pair Cisco-Command-Code =
MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720
rlm_perl: Added pair Auth-Type = PERL
perl_pool total/active/spare [10/0/10]
Unreserve perl at address 0x950f330
modcall[authorize]: module "perl" returns ok for request 0
modcall: leaving group authorize (returns ok) for request 0
rad_check_password: Found Auth-Type PERL
auth: type "PERL"
Processing the authenticate section of radiusd.conf
modcall: entering group PERL for request 0
perl_pool: item 0xa009ae0 asigned new request. Handled so far: 1
found interpetator at address 0xa009ae0
rlm_perl: Added pair Cisco-Command-Code =
MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720
rlm_perl: Added pair Cisco-Command-Code =
MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720
rlm_perl: Added pair Auth-Type = PERL
perl_pool total/active/spare [10/0/10]
Unreserve perl at address 0xa009ae0
modcall[authenticate]: module "perl" returns ok for request 0
modcall: leaving group PERL (returns ok) for request 0
Sending Access-Accept of id 17 to ooo.ooo.ooo.ooo port 1814
Cisco-Command-Code +=
"MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720"
Cisco-Command-Code +=
"MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720"
Cisco-Command-Code +=
"MLPAMPLA01/1//ddddddddddddd//ddddddddddddd/xxx.xxx.xxx.xxx:1720"
Cisco-Command-Code +=
"MLPAMPLA02/1//ddddddddddddd//ddddddddddddd/yyy.yyy.yyy.yyy:1720"
Finished request 0
--
-------------------------------------------
Apostolos Pantsiopoulos
Kinetix Tele.com Support Center
email: apant at kinetix.gr, support at kinetix.gr
Tel. & Fax: +30 2310556134
Mobile : +30 6937069097
MSN : apant2 at hotmail.com
WWW: http://www.kinetix.gr/
-------------------------------------------
More information about the Freeradius-Users
mailing list