[RADIATOR] Question: global variables

Heikki Vatiainen hvn at open.com.au
Thu Sep 30 11:48:39 UTC 2021 

On 30.9.2021 10.32, Dubravko Penezic wrote:

> I wonder if $main::globals are valid only for one session/request or can
> be used for more then one session/request ?

They are valid for more than one session or request. If needed, they can 
be set again and the new value then persists. In short: they are valid 
forever from the moment they are defined or redefined.

For example, eap_peap.cfg in goodies defines CertDir global variable and 
the configuration then uses something like this:

    EAPTLS_CertificateFile %{GlobalVar:CertDir}/cert-srv.pem

The definition happens at radiusd startup and the actual use happens 
some time later.

> Also how to handle request for global variables which have dot in name ?
> 
> something like
> 
>   &main::setVariable($realm.'ip', $parts[0]);

Add the dot in the fixed string:

main::setVariable($realm.'.ip', $parts[0]);

Or use variable interpolation:

main::setVariable("$realm.ip", $parts[0]);

But I'd say your original idea of using a fixed string with single 
quotes (') makes it clear what is the variable name.

> according setVariable definition , first argument is key in
> $main::globals array .
> 
> Something like
> 
> %{GlobalVar:%R.ip}
> 
> in AuthLog FILE return empty string.

Here's a test config that puts the above ideas together:

Foreground
LogStdout
LogDir    	.
DbDir    	.
Trace     	4

<Client DEFAULT>
     Secret mysecret
</Client>

<Handler>
     <AuthBy FILE>
         UsernameMatchesWithoutRealm
         Filename %D/users
     </AuthBy>

     PostAuthHook sub { my $realm = 'example.com'; my @parts = ('first', 
'second'); \
                       main::setVariable($realm.'.ip', $parts[0]); }

    <AuthLog FILE>
        Filename %L/auth.log
        LogSuccess
        SuccessFormat %l:%{GlobalVar:%R.ip}:OK
    </AuthLog>
</Handler>


Trying to authenticate with 'radpwtst -user mikem at example.com' logs this 
in auth.log:

Thu Sep 30 14:44:46 2021:first:OK


Thanks,
Heikki

-- 
Heikki Vatiainen
OSC, makers of Radiator
Visit radiatorsoftware.com for Radiator AAA server software

More information about the radiator mailing list