[RADIATOR] Unknown keyword 'CheckPasswordHook'

Hugh Irvine hugh at open.com.au
Mon Jan 2 22:16:43 UTC 2017 

Hello Benjamin -

I have added your CheckPasswordHook line to the example “ldap.cfg” from the goodies directory and have no problem:

…..

Radiator-4.17 hugh$ perl radiusd -foreground -log_stdout -trace 4 -config ldap.cfg 
Tue Jan  3 09:08:49 2017: DEBUG: Finished reading configuration file 'ldap.cfg'
Tue Jan  3 09:08:49 2017: DEBUG: Reading dictionary file './dictionary'
Tue Jan  3 09:08:49 2017: DEBUG: This system is IPv6 capable. IPv6 capability provided by: core
Tue Jan  3 09:08:49 2017: INFO: Using Net::SSLeay 1.72 with SSL/TLS library version 0x9081df (OpenSSL 0.9.8zh 14 Jan 2016)
Tue Jan  3 09:08:49 2017: INFO: SSL/TLS library version 0x9081df (OpenSSL 0.9.8zh 14 Jan 2016) does not support TLSv1.1 or TLSv1.2
Tue Jan  3 09:08:49 2017: DEBUG: Creating authentication port 0.0.0.0:1645
Tue Jan  3 09:08:49 2017: DEBUG: Creating accounting port 0.0.0.0:1646
Tue Jan  3 09:08:49 2017: NOTICE: Server started: Radiator 4.17 on TiTi.fritz.box

…….

here is the relevant part of the configuration file:

#
# You should consider this file to be a starting point only
# $Id: ldap.cfg,v 1.30 2015/07/14 16:10:51 hvn Exp $

Foreground
LogStdout
LogDir		.
DbDir		.
Trace		4

# You will probably want to add other Clients to suit your site.
<Client DEFAULT>
	Secret	mysecret
</Client>

<Handler>
	<AuthBy LDAP2>
		CheckPasswordHook sub {use Data::Dumper; print "=============\n"; print Dumper($_[1]); print "=============\n"}
		# Tell Radiator how to talk to the LDAP server
		Host		localhost
		# Or you can have multiple space separated Host names, and Net::LDAP will choose
		# the first available one
		#Host ldaphost1 ldaphost2 ldaphost3

		# You will only need these if your LDAP server
		# requires authentication. These are the examples
		# in a default OpenLDAP installation
		# see /etc/openldap/slapd.conf
		AuthDN		cn=Manager, dc=example, dc=com
		AuthPassword	secret

…..

I think you must have something else in your configuration file that is causing the problem.

regards

Hugh


> On 2 Jan 2017, at 22:13, Benjamin VERGNAUD <bvergnaud at online.net> wrote:
> 
> Hi everyone,
> 
> I wanted to try and use the CheckPasswordHook, but can't for some reason.
> 
> Whenever I load my config with it, I log this:
> ERR: Unknown keyword 'CheckPasswordHook' in goodies/custom.cfg line 33
> 
> Config file excerpt :
> 
> ...
> 	<AuthBy LDAP2>
> 		CheckPasswordHook sub {use Data::Dumper; print "=============\n"; print Dumper($_[1]); print "=============\n"}
> 		Host ldap.**********.tld
> 		AuthDN uid=**********,ou=**********,dc=**********,dc=**********
> 		AuthPassword **********
> 		BaseDN dc=**********,dc=**********
> 		UsernameAttr uid
> 		NoDefault
> 		PasswordAttr userPassword
> 		...
> 	</AuthBy>
> ...
> 
> I've searched through the ML archive but the only mention of this hook dates back to 2014 and is a copy of the release notes. Some Googling yielded no answer either.
> Am I missing something ?
> 
> Thanks.
> _______________________________________________
> radiator mailing list
> radiator at lists.open.com.au
> http://lists.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
hugh at open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.

More information about the radiator mailing list