[RADIATOR] [RFC] configurable hooks
Alexander Hartmaier
alexander.hartmaier at t-systems.at
Tue Feb 5 13:01:59 CST 2013
On 2013-02-05 19:39, Alexander Hartmaier wrote:
> On 2013-01-31 15:31, Heikki Vatiainen wrote:
>> On 01/31/2013 02:01 PM, Alexander Hartmaier wrote:
>>
>>> we'd need a way to pass config parameters to hooks to be able to use
>>> them in multiple different handlers e.g. sending OTPs by SMS with
>>> different accounts.
>>> Is there already a way to do this which I've overlooked?
>> How about this:
>>
>> # radiusd config file
>>
>> StartupHook sub { require "/etc/radiator/MyHooks.pm"; }
>> <Handler ...>
>> # AuthBys
>> PostAuthHook sub { MyHooks::sendSMS(@_, 'account1', 'otherparam1'); }
>> </Handler>
>> <Handler ...>
>> # AuthBys
>> PostAuthHook sub { MyHooks::sendSMS(@_, 'account2', 'otherparam2'); }
>> </Handler>
>>
>> File MyHooks.pm would be something like this:
>>
>> # start of MyHooks.pm
>> package MyHooks;
>> use strict;
>> use warnings;
>> # PostAuthHook
>> #
>> sub sendSMS {
>> my $p = ${$_[0]}; # Request packet
>> my $rp = ${$_[1]}; # Response packet
>> my $result = $_[2]; # Verdict: success or not
>> my $reason = $_[3]; # String that tells reason for a reject
>> my $account = $_[4]; # Account name
>> my $param = $_[5]; # Some other param
>>
>> # code goes here
>> }
>>
>> 1;
>> # end of MyHooks.pm
>>
>>> I'm currently abusing Radius attributes to get those static parameters
>>> into the hooks but being able to pass options in the config would make
>>> the config much clearer.
>> The above keeps the the existing PostAuthHook arguments as they are and
>> adds the possibility for static arguments as additional options to
>> existing PostAuthHook options.
>>
>> Would this work for you?
>>
>> Thanks,
>> Heikki
>>
> I've looked into it today and have some questions:
> - is it safe to assume that the list or arguments passed to the
> ChallengeHook in my case is always ($self, $user, $p, $context)?
> If one arg is missing my added arguments would shift and populate the
> wrong variables. I was thinking about passing them by name in a hashref
> as first instead of last argument instead.
>
> - is it safe to die in hook code or will that tear down the Radiator
> process? I'm asking because that's the preferred way of doing argument
> validation, e.g.
> die 'id missing'
> unless defined $id;
>
> Another note, I've used %D instead of the hardcoded path which works
> just as well:
>
> StartupHook sub { require "%D/MyHooks.pm"; }
>
>
>
>
I've tested it and found out that it doesn't work: Error in
ChallengeHook(): Undefined subroutine &Hooks::sendSMS called at (eval
233) line 1.
I've tested my modules with perl -e 'require "/etc/radiator/Hooks.pm";
Hooks::sendSMS();' which works fine. I've also tried replacing %D with
/etc/radiator but this also fails. Adding warn's to several places
doesn't show up in the radiator log, not even at trace 4. How can I
debug that?
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
Handelsgericht Wien, FN 79340b
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
Notice: This e-mail contains information that is confidential and may be privileged.
If you are not the intended recipient, please notify the sender and then
delete this e-mail immediately.
*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
More information about the radiator
mailing list