[RADIATOR] Question: global variables

Dubravko Penezic dpenezic at srce.hr
Fri Oct 1 08:04:34 UTC 2021 

Hi Heikki,

thanks for fast answers. I manage to implement it in my RADIATOR
configure. It is good to have reference :) (I found issue with my code
very fast :)) .

Regards,
Dubravko


On 9/30/21 1:48 PM, Heikki Vatiainen wrote:
> On 30.9.2021 10.32, Dubravko Penezic wrote:
> 
>> I wonder if $main::globals are valid only for one session/request or can
>> be used for more then one session/request ?
> 
> They are valid for more than one session or request. If needed, they can
> be set again and the new value then persists. In short: they are valid
> forever from the moment they are defined or redefined.
> 
> For example, eap_peap.cfg in goodies defines CertDir global variable and
> the configuration then uses something like this:
> 
>    EAPTLS_CertificateFile %{GlobalVar:CertDir}/cert-srv.pem
> 
> The definition happens at radiusd startup and the actual use happens
> some time later.
> 
>> Also how to handle request for global variables which have dot in name ?
>>
>> something like
>>
>>   &main::setVariable($realm.'ip', $parts[0]);
> 
> Add the dot in the fixed string:
> 
> main::setVariable($realm.'.ip', $parts[0]);
> 
> Or use variable interpolation:
> 
> main::setVariable("$realm.ip", $parts[0]);
> 
> But I'd say your original idea of using a fixed string with single
> quotes (') makes it clear what is the variable name.
> 
>> according setVariable definition , first argument is key in
>> $main::globals array .
>>
>> Something like
>>
>> %{GlobalVar:%R.ip}
>>
>> in AuthLog FILE return empty string.
> 
> Here's a test config that puts the above ideas together:
> 
> Foreground
> LogStdout
> LogDir        .
> DbDir        .
> Trace         4
> 
> <Client DEFAULT>
>     Secret mysecret
> </Client>
> 
> <Handler>
>     <AuthBy FILE>
>         UsernameMatchesWithoutRealm
>         Filename %D/users
>     </AuthBy>
> 
>     PostAuthHook sub { my $realm = 'example.com'; my @parts = ('first',
> 'second'); \
>                       main::setVariable($realm.'.ip', $parts[0]); }
> 
>    <AuthLog FILE>
>        Filename %L/auth.log
>        LogSuccess
>        SuccessFormat %l:%{GlobalVar:%R.ip}:OK
>    </AuthLog>
> </Handler>
> 
> 
> Trying to authenticate with 'radpwtst -user mikem at example.com' logs this
> in auth.log:
> 
> Thu Sep 30 14:44:46 2021:first:OK
> 
> 
> Thanks,
> Heikki
>

More information about the radiator mailing list