Alan DeKok wrote: >>>I see the patch you're referring to, but after rethinking my question, I >>>think what I'm really trying to do is rewrite $RAD_REQUEST, not >>>$RAD_REPLY, and it does not appear that I can alter $RAD_REQUEST in any >>>way - either change or add. > > Hmm... looking into it in a little more detail, I think it would be > even easier to do it another way. The code in CVS head has been > updated to allow for ":=", to over-write existing attributes. But I > think it might be even easier to simply use the hashes as-is, and > replace the existing attribute lists.
Sounds good. I assume you'll include %RAD_CHECK, as well as %RAD_REQUEST and %RAD_REPLY in this change. That would bring rlm_perl into line with other authentication modules, which can alter any of the three attribute lists. > i.e. put the attributes into perl hashes, and then make those perl > hashes definitive for the new values of the attributes. This would > involve throwing away the previous attributes entirely. So you would > have to be *very* careful about modifying the hashes, but you would > have complete flexibility. What would be likely to happen if I screw up one of the attribute hashes? If that just screws up the current RADIUS request, I'd say go for it; I'm happy to have the power to shoot myself in the foot. But if it could crash the radiusd, well, I guess I'll have to be *very*, *VERY* careful. -- George C. Kaplan [EMAIL PROTECTED] IST - Infrastructure Services 510-643-0496 University of California at Berkeley - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html