(RADIATOR) passwords
Hugh Irvine
hugh at open.com.au
Thu Sep 20 18:16:45 CDT 2001
Hello -
*sigh*
One more time.
:-/
# -*- mode: Perl -*-
# addUsernameAsPassword
#
# PreAuthHook to add a Password attribute
# to an Access-Request.
# The User-Name is used for the Password.
# Note that the Password must be encoded
# with the shared secret of the original NAS.
#
# Author: Hugh Irvine (hugh at open.com.au)
# Copyright (C) 2001 Open System Consultants
#
sub
{
my $p = ${$_[0]};
my $rp = ${$_[1]};
# Get the request code and password.
my $code = $p->code;
my $password = $p->get_attr('User-Password');
if (($code eq 'Access-Request') && ($password eq ""))
{
my $secret = $p->{Client}->{Secret};
my $user = $p->get_attr('User-Name');
print "User-Name = $user, Secret = $secret \n";
$p->change_attr('User-Password',
$p->encode_password($user, $secret));
}
return;
}
Don't forget to remove the "print" statement when you are happy with the
operation of the hook (assuming we get it to work one day ...).
BTW - I also modified the code to check for the existence of a valid password.
My apologies - it hasn't been a good couple of weeks.
regards
Hugh
On Friday 21 September 2001 08:14, Tech wrote:
> Hi Hugh
>
> After making the changes as per last email I am now getting this in
> logfile.
>
> Fri Sep 21 08:00:18 2001: ERR: Error in PreAuthHook(): Can't call method
> "authen
> ticator" without a package or object reference at
> /usr/local/lib/perl5/site_perl
> /5.005/Radius/Radius.pm line 397.
>
> Hugh Irvine wrote:
> > Hello -
> >
> > On Thursday 20 September 2001 15:59, Tech wrote:
> > > > Hi Hugh
> > >
> > > I have made the changes to the hook file but am still getting reject
> > > because of an empty password.
> > >
> > > Is there any way I can see what is happening as the hook is working
> >
> > Sure - just add a print statement and run radiusd from the command line
> > so you can see what is printed.
> >
> > BTW - I apologise for dashing this off in a hurry, but there is another
> > problem, see below.
> >
> > # -*- mode: Perl -*-
> > # addUsernameAsPassword
> > #
> > # PreAuthHook to add a Password attribute
> > # to an Access-Request.
> > # The User-Name is used for the Password.
> > # Note that the Password must be encoded
> > # with the shared secret of the original NAS.
> > #
> > # Author: Hugh Irvine (hugh at open.com.au)
> > # Copyright (C) 2001 Open System Consultants
> > #
> >
> > sub
> > {
> > my $p = ${$_[0]};
> > my $rp = ${$_[1]};
> >
> > # Get the request code.
> > my $code = $p->code;
> >
> > if ($code eq 'Access-Request')
> > {
> > my $secret = $p->{Client}->{Secret};
> > my $user = $p->get_attr('User-Name');
> >
> > print "User-Name = $user, Secret = $secret \n";
> >
> > $password = &Radius::Radius::encode_password($user, $secret);
> > $p->add_attr('User-Password', $password);
> > }
> > return;
> > }
> >
> > As I mentioned, I hadn't tested it, sorry.
> >
> > Hopefully we will get there eventually.
> >
> > regards
> >
> > Hugh
> >
> > --
> > Radiator: the most portable, flexible and configurable RADIUS server
> > anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
> > -
> > Nets: internetwork inventory and management - graphical, extensible,
> > flexible with hardware, software, platform and database independence.
> > ===
> > Archive at http://www.open.com.au/archives/radiator/
> > Announcements on radiator-announce at open.com.au
> > To unsubscribe, email 'majordomo at open.com.au' with
> > 'unsubscribe radiator' in the body of the message.
--
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. Available on *NIX, *BSD, Windows 95/98/2000, NT, MacOS X.
-
Nets: internetwork inventory and management - graphical, extensible,
flexible with hardware, software, platform and database independence.
===
Archive at http://www.open.com.au/archives/radiator/
Announcements on radiator-announce at open.com.au
To unsubscribe, email 'majordomo at open.com.au' with
'unsubscribe radiator' in the body of the message.
More information about the radiator
mailing list