rlm_perl error

Bjørn Mork bjorn at mork.no
Tue Aug 31 10:42:30 CEST 2010


"JUND, Aurélien" <aurelien.jund at sfr.com> writes:

> example.pl:
>
> sub authorize {
>         if ($RAD_REQUEST{'Service-Type'} =  "Framed-User"){

This isn't a perl boolean expression...

>        $RAD_CHECK{'Cleartext-Password'} = "11111";
>        $RAD_REPLY{'Callback-Number'} = "Number";
>
>         return RLM_MODULE_OK }

But it will always be true, so these should be evaluated anyway.
However, I don't see you defining RLM_MODULE_OK anywhere which means
that we either don't see the complet script or that the script will
fail. Please see the example.pl script in freeradius.


Adding items to these lists *does* work.  Example:

This script:

use constant    RLM_MODULE_REJECT=>    0;#  /* immediately reject the request */
use constant    RLM_MODULE_FAIL=>      1;#  /* module failed, don't reply */
use constant    RLM_MODULE_OK=>        2;#  /* the module is OK, continue */
use constant    RLM_MODULE_HANDLED=>   3;#  /* the module handled the request, so stop. */
use constant    RLM_MODULE_INVALID=>   4;#  /* the module considers the request invalid. */
use constant    RLM_MODULE_USERLOCK=>  5;#  /* reject the request (user is locked out) */
use constant    RLM_MODULE_NOTFOUND=>  6;#  /* user not found */
use constant    RLM_MODULE_NOOP=>      7;#  /* module succeeded without doing anything */
use constant    RLM_MODULE_UPDATED=>   8;#  /* OK (pairs modified) */
use constant    RLM_MODULE_NUMCODES=>  9;#  /* How many return codes there are */

sub authorize {
        print "Here\n";
        $RAD_CHECK{'Cleartext-Password'} = "foo";
        return RLM_MODULE_UPDATED;
}


results in:

Ready to process requests.
rad_recv: Access-Request packet from host 127.0.0.1 port 55297, id=90, length=44
        User-Name = "test"
        User-Password = "foo"
+- entering group authorize {...}
++[preprocess] returns ok
++[chap] returns noop
++[mschap] returns noop
[suffix] No '@' in User-Name = "test", looking up realm NULL
[suffix] No such realm "NULL"
++[suffix] returns noop
[eap] No EAP-Message, not doing EAP
++[eap] returns noop
++[unix] returns notfound
++[files] returns noop
++[expiration] returns noop
++[logintime] returns noop
GOT CLONE 1554668288 0x267ae10
Here
rlm_perl: Added pair User-Name = test
rlm_perl: Added pair User-Password = foo
rlm_perl: Added pair NAS-IP-Address = 127.0.0.1
rlm_perl: Added pair Cleartext-Password = foo
++[perl] returns updated
++[pap] returns updated
Found Auth-Type = PAP
+- entering group PAP {...}
[pap] login attempt with password "foo"
[pap] Using clear text password "foo"
[pap] User authenticated successfully
++[pap] returns ok
+- entering group post-auth {...}
++[exec] returns noop
Sending Access-Accept of id 90 to 127.0.0.1 port 55297
Finished request 0.
Going to the next request
Waking up in 4.9 seconds.
Cleaning up request 0 ID 90 with timestamp +4
Ready to process requests.



Do also note that you can add print's while debugging the script.  This
is very useful when trying to figure out what happens while the server
run the script.



Bjørn




More information about the Freeradius-Users mailing list