[RADIATOR] AuthBy External under Windows hangs

Víktu Pons i Colomer viktu at rectorat.url.edu
Thu Dec 15 18:59:55 UTC 2016


Hi all, I am trying to configure an <AuthBy EXTERNAL> that will get VLAN information from our JIRA inventory using MAC authentication.

I am trying to achieve this using a perl script, but I am starting from the first as it does not work for me.

I just configured this Handler:

<Handler Client-Identifier=Extreme>
     <AuthBy EXTERNAL>
           Command "C:\perl\perl\bin\perl.exe C:\PROGRA~1\Radiator\MACAuth.pl"
           ResultInOutput
     </AuthBy>
</Handler>

The "MACAuth.pl" script is by now the perl sample found in the goodies directory, but slightly modified (code follows)

The issue is that I see in the logs that it runs the script, but then it never returns to radiator, and the daemon will stop processing requests. Basically, it hangs waiting for the response of the script.

I am running Server 2012 R2 with Strawberry Perl 5.18

Am I doing something wrong? Is this a bug?

This is the code of the script. Thank you!

#
# testcommand
# Example to demonstrate how to handle AuthBy EXTERNAL, using
# a perl script
#
# The incoming attributes are on stdin, one per line in to format
# <tab>attribute-name = value
# Some will have quoted values, and some wont
#
my $log = "C:\\Program Files\\Radiator\\log.txt";
while (<>)
{
    chomp;
    open(my $fh, '>>', $log);

    if ($_ =~ /^\s*([^\s=]+)\s*=\s*"((\\"|[^"])*)"/)
    {
        # Quoted value
        $input{$1} = $2;
    }
    elsif ($_ =~ /^([^\s=]+)\s*=\s*(.*)/)
    {
        # Unquoted value
        $input{$1} = $2;
    }
    print $fh "$1 = $2\n";
    close $fh;
}

# Now have all the incoming attributes in %input
# As a test we will see if User-Name is fred. If so,
# we will accept, else reject with a suitable Reply-Message
# You can set other reply attributes too, if you like.
# The exit value indicates accept or reject:
# 0 = Accept
# 1 = Reject
# 2 = Ignore
# 3 = Challenge
# Alternatively you can print one of the strings ACCEPT, REJECT
# IGNORE CHALLENGE or REJECT_IMMEDIATE on the first line if
# you are using ResultInOutput
if ($input{'User-Name'} eq '0022411fdeba')
{
    print "ACCEPT\n"; # If you are using ResultInOutput
    print "Tunnel-Type = VLAN\n";
    print "Tunnel-Medium-Type = Ether_802\n";
    print "Tunnel-Private-Group-ID = 15\n";
    sleep 1;
    exit 0; # accept, if not using ResultInOutput
}
else
{
    print "REJECT\n"; # If you are using ResultInOutput
    sleep 1;
    exit 1; # reject, if not using ResultInOutput
}





-------------------------
Viktu Pons i Colomer
-------------------------

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.open.com.au/pipermail/radiator/attachments/20161215/6f3ed1b7/attachment-0001.html>


More information about the radiator mailing list