Thanks for the swift reply Dekok. I tried what you suggested and it doesn't work. Looking at dictionary.freeradius.internal and double checking the values in the pair everything looks okay. I'm going to play about with this a bit, but in the mean time here's some more details and I would greatly appreciate it if you would scan over them to see if there is anything obvious I am missing.
Here's my authenticate sub. # Function to handle authenticate sub authenticate { # For debugging purposes only &log_request_attributes; if (($RAD_REQUEST{'User-Name'} =~ /^test/) && ($RAD_REQUEST{'User-Password'} =~ /^pass/)) { $RAD_REPLY{'State'} = "challenge"; $RAD_REPLY{'Reply-Message'} = "Challenge: "; $RAD_REPLY{'Response-Packet-Type'} = "Access-Challenge"; &log_request_attributes; return RLM_MODULE_HANDLED; } else { # Reject user and tell him why $RAD_REPLY{'Reply-Message'} = "Denied access by rlm_perl function"; return RLM_MODULE_REJECT; } } And here's the debug output: perl_pool: item 0x827b1a0 asigned new request. Handled so far: 1 found interpetator at address 0x827b1a0 rlm_perl: RAD_REQUEST: User-Name = test rlm_perl: RAD_REQUEST: User-Password = pass rlm_perl: RAD_REQUEST: Service-Type = Login-User rlm_perl: RAD_REQUEST: NAS-IP-Address = 10.250.0.170 rlm_perl: RAD_REQUEST: NAS-Port = 6 rlm_perl: RAD_REQUEST: User-Name = test rlm_perl: RAD_REQUEST: User-Password = pass rlm_perl: RAD_REQUEST: Service-Type = Login-User rlm_perl: RAD_REQUEST: NAS-IP-Address = 10.250.0.170 rlm_perl: RAD_REQUEST: NAS-Port = 6 rlm_perl: RAD_REPLY: Reply-Message = Challenge: rlm_perl: RAD_REPLY: Response-Packet-Type = Access-Challenge rlm_perl: RAD_REPLY: State = challenge rlm_perl: Added pair User-Name = test rlm_perl: Added pair User-Password = pass rlm_perl: Added pair Service-Type = Login-User rlm_perl: Added pair NAS-IP-Address = 10.250.0.170 rlm_perl: Added pair NAS-Port = 6 rlm_perl: Added pair Reply-Message = Challenge: rlm_perl: Added pair Response-Packet-Type = Access-Challenge rlm_perl: Added pair State = challenge rlm_perl: Added pair Auth-Type = Perl perl_pool total/active/spare [32/0/32] Unreserve perl at address 0x827b1a0 ++[perl] returns handled There was no response configured: rejecting request 0 == The last line here is confusing me. Looking at the code that spits out this error, it seems to only happen when there is no Response-Packet-Type in a request_post_handler. switch (request->packet->code) { case PW_AUTHENTICATION_REQUEST: gettimeofday(&request->next_when, NULL); if (request->reply->code == 0) { /* * Check if the lack of response is intentional. */ vp = pairfind(request->config_items, PW_RESPONSE_PACKET_TYPE); if (!vp) { DEBUG2("There was no response configured: rejecting request %d", request->number); request->reply->code = PW_AUTHENTICATION_REJECT; } else if (vp->vp_integer == 256) { DEBUG2("Not responding to request %d", request->number); } else { request->reply->code = vp->vp_integer; } } On Tue, Aug 19, 2008 at 1:09 PM, Alan DeKok <[EMAIL PROTECTED]> wrote: > Harry J Walsh wrote: >> I want to develop some test cases for a radius client I am developing >> and I would like to be able to use rlm_perl to simulate various >> scenarios. The one I am having major problems with is >> Access-Challenge. I really like rlm_perl and the flexibility it >> provides and I would like to be able to specify the reply type. I've >> looked through documentation and the rlm_perl code for any hints on >> how to do this and at this stage I'm thinking I'll have to create a >> new interface to allow my perl script to specify the correct reply >> type to rlm_perl. > > Configure the reply with "Response-Packet-Type = Access-Challenge", > and make sure that the authenticate section returns "handled". That > should do it. > > And yes, this isn't documented. > > Alan DeKok. > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html > -- Harry J Walsh - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html