[RADIATOR] [RFC] configurable hooks

Alexander Hartmaier alexander.hartmaier at t-systems.at
Wed Feb 6 03:38:17 CST 2013


On 2013-02-05 20:01, Alexander Hartmaier wrote:
> On 2013-02-05 19:39, Alexander Hartmaier wrote:
>> On 2013-01-31 15:31, Heikki Vatiainen wrote:
>>> On 01/31/2013 02:01 PM, Alexander Hartmaier wrote:
>>>
>>>> we'd need a way to pass config parameters to hooks to be able to use
>>>> them in multiple different handlers e.g. sending OTPs by SMS with
>>>> different accounts.
>>>> Is there already a way to do this which I've overlooked?
>>> How about this:
>>>
>>> # radiusd config file
>>>
>>> StartupHook sub { require "/etc/radiator/MyHooks.pm"; }
>>> <Handler ...>
>>>    # AuthBys
>>>    PostAuthHook sub { MyHooks::sendSMS(@_, 'account1', 'otherparam1'); }
>>> </Handler>
>>> <Handler ...>
>>>    # AuthBys
>>>    PostAuthHook sub { MyHooks::sendSMS(@_, 'account2', 'otherparam2'); }
>>> </Handler>
>>>
>>> File MyHooks.pm would be something like this:
>>>
>>> # start of MyHooks.pm
>>> package MyHooks;
>>> use strict;
>>> use warnings;
>>> # PostAuthHook
>>> #
>>> sub sendSMS {
>>>     my $p = ${$_[0]};      # Request packet
>>>     my $rp = ${$_[1]};     # Response packet
>>>     my $result = $_[2];    # Verdict: success or not
>>>     my $reason = $_[3];    # String that tells reason for a reject
>>>     my $account = $_[4];   # Account name
>>>     my $param = $_[5];     # Some other param
>>>
>>>     # code goes here
>>> }
>>>
>>> 1;
>>> # end of MyHooks.pm
>>>
>>>> I'm currently abusing Radius attributes to get those static parameters
>>>> into the hooks but being able to pass options in the config would make
>>>> the config much clearer.
>>> The above keeps the the existing PostAuthHook arguments as they are and
>>> adds the possibility for static arguments as additional options to
>>> existing PostAuthHook options.
>>>
>>> Would this work for you?
>>>
>>> Thanks,
>>> Heikki
>>>
>> I've looked into it today and have some questions:
>> - is it safe to assume that the list or arguments passed to the
>> ChallengeHook in my case is always ($self, $user, $p, $context)?
>> If one arg is missing my added arguments would shift and populate the
>> wrong variables. I was thinking about passing them by name in a hashref
>> as first instead of last argument instead.
>>
>> - is it safe to die in hook code or will that tear down the Radiator
>> process? I'm asking because that's the preferred way of doing argument
>> validation, e.g.
>> die 'id missing'
>>     unless defined $id;
>>
>> Another note, I've used %D instead of the hardcoded path which works
>> just as well:
>>
>> StartupHook sub { require "%D/MyHooks.pm"; }
>>
>>
>>
>>
> I've tested it and found out that it doesn't work: Error in
> ChallengeHook(): Undefined subroutine &Hooks::sendSMS called at (eval
> 233) line 1.
> I've tested my modules with perl -e 'require "/etc/radiator/Hooks.pm";
> Hooks::sendSMS();' which works fine. I've also tried replacing %D with
> /etc/radiator but this also fails. Adding warn's to several places
> doesn't show up in the radiator log, not even at trace 4. How can I
> debug that?
Thanks to mst on #perl-help I quickly found out that my StartupHook
isn't run at all because I've changed it to multiline without
terminating each line with \.
Please make Radiator log such an error, currently it's silently ignored!
>
>
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
> Handelsgericht Wien, FN 79340b
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> Notice: This e-mail contains information that is confidential and may be privileged.
> If you are not the intended recipient, please notify the sender and then
> delete this e-mail immediately.
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> _______________________________________________
> radiator mailing list
> radiator at open.com.au
> http://www.open.com.au/mailman/listinfo/radiator



More information about the radiator mailing list