generate a random value with unlang?
Phil Mayers
p.mayers at imperial.ac.uk
Wed Mar 21 12:01:19 CET 2012
On 21/03/12 10:07, Stefan Winter wrote:
> Hi,
>
> in some weird business case, I would like to generate a one-time use
> token for later consumption in post-auth. So when the user is accepted,
> trigger an
>
> {sql:INSERT randomvalue INTO someplace}
>
> The value should be new for every Access-Accept. I wonder how to
> generate such a random value with unlang. Is there some {%rand} or
> anything like that?
>
> Currently I do it embedded in the INSERT:
>
> INSERT ... SHA1(RAND())... INTO someplace
>
> but our MySQL admins don't like me doing that. So I'd prefer to do this
> on FreeRADIUS and send a simple string to the DB.
How secure a random value? You could generate a reasonably unique value
with something like:
update request {
My-Random := "%{md5:A-Secret-String/%l/%n/%I}"
}
There's no built-in xlat for "rand()" but it would be very trivial to add:
--- xlat.c 2012-03-21 11:00:51.736371799 +0000
+++ xlat.c~ 2012-01-05 17:06:51.512061373 +0000
@@ -628,17 +628,6 @@
return strlen(out);
}
-/**
- * @brief Return a random integer
- *
- */
-static size_t xlat_rand(UNUSED void *instance, REQUEST *request,
- char *fmt, char *out, size_t outlen,
- UNUSED RADIUS_ESCAPE_STRING func)
-{
- snprintf(out, outlen, "%d", fr_rand());
- return strlen(out);
-}
/**
* @brief Convert a string to lowercase
@@ -840,11 +829,6 @@
rad_assert(c != NULL);
c->internal = TRUE;
- xlat_register("rand", xlat_rand, &xlat_inst[0]);
- c = xlat_find("rand");
- rad_assert(c != NULL);
- c->internal = TRUE;
-
xlat_register("tolower", xlat_lc, &xlat_inst[0]);
c = xlat_find("tolower");
rad_assert(c != NULL);
More information about the Freeradius-Users
mailing list