Help on Getting Cleartext-Password attribute in my module

Alan DeKok aland at
Wed Jan 30 16:51:32 CET 2019

On Jan 30, 2019, at 10:44 AM, shivu prasad <shivaprasad2452 at> wrote:
> In my module I want to restrict  only  Cleartext-Password passwords, and
> need  reject(ignore) the other type of passwords request like mds sha and
> all.

  OK... you can do that via "unlang", too.

> I am able to get only User-Password attribute not  Cleartext-Password

  If the Cleartext-Password exists, you can get it in the module.  The other modules do it, so it's absolutely possible.

> in mod_authorize I am checking for the vp->da->attr type
> I even try to extract cleartext_passord from request packet  if not i check
> in request_config  like below
>    pass = fr_pair_find_by_num(request->packet->vps, PW_CLEARTEXT_PASSWORD,
> 0, TAG_ANY);
>    password = fr_pair_find_by_num(request->config, PW_CLEARTEXT_PASSWORD,
> 0, TAG_ANY);
> But both the way I not  able to get Cleartext-Password

  Did it get added by *another* module?  The server doesn't magically invent that attribute.  It gets the attribute from a database.

> I verified sending  the  request in rad-client

  Hmm... trying to debug the server, and looking at the client logs. That's not useful.

  Alan DeKok.

More information about the Freeradius-Users mailing list