[RADIATOR] Executing an external script from Radiator

M P antmtp at hotmail.com
Tue Jun 28 04:00:53 CDT 2011


Hello all,

If you have noticed, I am trying to get the values of the User-Name and User-Password attributes in my BASH script that is being executed by the Command parameter inside my <AuthBy EXTERNAL> clause. In my test, I can only get the value of the User-Name attribute but not with the User-Password attribute as it appears blank. If I can pass the value of the User-Password attribute to the $PASSWORD variable, I will be able to compare it with the return value when I do the wget command.

Please advice on how am I able to proceed from here.

Regards,

MP


From: antmtp at hotmail.com
To: radiator at open.com.au
Date: Tue, 28 Jun 2011 14:50:51 +0800
Subject: Re: [RADIATOR] Executing an external script from Radiator









 Hello all,
 
How am I able to read the value of the User-Password attribute and pass it to a variable from an (AuthBy) EXTERNAL BASH script? Also, how am I able to send back the result to the user either successful (Access-Accept) or failed (Access-Reject)?
 
Below is a snippet of my Radiator configuration:
 
- - - < s n i p > - - -
<Realm DEFAULT>
    <AuthBy EXTERNAL>
        DecryptPassword
        Command /usr/local/sbin/testauth.sh
        Fork
        RejectEmptyPassword
    </AuthBy>
        AcctLogFileName %L/accounting/detail-%Y%m%d.log
</Realm>
- - - < s n i p > - - -
 
Below is my BASH script:
 
- - - < s n 
 i p > - - -
#!/bin/bash
USERNAME=$(grep -i User-Name | awk -F'61|@' '{print $2}')
PASSWORD=$(grep -i User-Password | awk -F'= ' '{print $2}')
HOST=192.168.1.101
HTTP_PORT=80
URL="http://$HOST/credentials.php?command=password_retrieve&phonenumber=$USERNAME"
RETVAL=0
set -x
function die()
{
    echo -e "$@" >> /var/log/messages
    exit 1
}
if echo "" | telnet $HOST $HTTP_PORT 2>&1 | grep -i Connected ; then
    if [ $PASSWORD == $(wget -c -O - $URL | cut -d\| -f 1) ] ; then
    #    Make an Access-Accept reply to the user.
    else
    #    Make an Access-Reject reply to the user.
    fi
else
    die "ERROR: The $HOST is dow
 n or unreachable on $(date)."
fi
exit ${RETVAL}
- - - < s n i p > - - -
 
Lastly, I am getting the below line in my radiusd.log file:
 
Tue Jun 28 13:53:01 2011 476732: ERR: Bad attribute=value pair: Connected to 192.168.1.201.
 
Please advice. Thank you in advance.
 
Regards,
 
MP 
From: antmtp at hotmail.com
To: radiator at open.com.au
Date: Wed, 22 Jun 2011 13:50:30 +0800
Subject: Re: [RADIATOR] Executing an external script from Radiator








Hello all,
 
Thank you for all who responded to my e-mail.
 
Now, I have a problem though. First, I am just going to write the script in BASH as I don't know Perl. Second, there is no database here to verify the User-Name and User-Password. Everytime there is an Access-Request that is received by the Radiator, it should execute the BASH script to (maybe) wget or curl with an input parameter of the User-Name from an HTTP or HTTPS URL and will receive the output with the User-Name and User-Password to verify and then reply back with an Access-Accept. If during the wget or curl from the URL and the output is other than what I expect (the User-Name and User-Password), then Radiator should respond with an Access-Reject.
 
[NAS Client] <---> (RADIUS TRaffic) <---> [Radiator] <---> (Execute Script) <---> (HTTP/HTTPS Traffic) <---> [HTTP Server]
 
Please ad
 vice. Thank you in advance.
 
From: antmtp at hotmail.com
To: radiator at open.com.au
Date: Tue, 21 Jun 2011 14:34:37 +0800
Subject: [RADIATOR] Executing an external script from Radiator











Hello all,
 
How am I going to execute an external script when Radiator receives an Access-Request? This script will actually do an HTTP API request from an external HTTP server to get the userid then once the script have it on the same server as where the Radiator is running, Radiator will now respond an Access-Accept.
 
Please advice. Thank you in advance.
 		 	   		  

_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator 		 	   		  

_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator 		 	   		  

_______________________________________________
radiator mailing list
radiator at open.com.au
http://www.open.com.au/mailman/listinfo/radiator 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://www.open.com.au/pipermail/radiator/attachments/20110628/b74aa3d4/attachment-0001.html 


More information about the radiator mailing list