Hello Alex -
The way to do this with GlobalVar's is to use different Identifiers in the
Handlers thus:
…..
DefineFormattedGlobalVar Handler1-param1 whatever
DefineFormattedGlobalVar Handler1-param2 whatever-else
DefineFormattedGlobalVar Handler2-param1 something
DefineFormattedGlobalVar Handler2-param2 something-else
…..
<Handler …..>
Identifier Handler1
……
…… %{GlobalVar:%{Handler-Identifier}-param1} …..
…… %{GlobalVar:%{Handler-Identifier}-param2} …..
</Handler>
<Handler …..>
Identifier Handler2
……
…… %{GlobalVar:%{Handler-Identifier}-param1} …..
…… %{GlobalVar:%{Handler-Identifier}-param2} …..
</Handler>
…..
Here is an example:
…..
Radiator-4.11 hugh$ cat global.cfg
AuthPort 11645
AcctPort 11646
LogDir ./logs
DbDir .
Trace 4
DefineFormattedGlobalVar Handler1-param1 whatever
DefineFormattedGlobalVar Handler1-param2 whatever-else
DefineFormattedGlobalVar Handler2-param1 something
DefineFormattedGlobalVar Handler2-param1 something-else
<Client localhost>
Secret mysecret
</Client>
<Handler>
Identifier Handler1
<AuthBy INTERNAL>
DefaultResult ACCEPT
AddToReply Reply-Message =
%{GlobalVar:%{Handler:Identifier}-param1}
</AuthBy>
</Handler>
here is the result:
Radiator-4.11 hugh$ perl radpwtst -auth_port 11645 -noacct -user hugh -password
hugh -trace 4
Fri Feb 1 20:02:16 2013: DEBUG: Reading dictionary file './dictionary'
sending Access-Request...
Fri Feb 1 20:02:16 2013: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 11645 ....
Code: Access-Request
Identifier: 121
Authentic: <143><6><136>9o<141>% @<148><2>vO<15>/<212>
Attributes:
User-Name = "hugh"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Identifier = "203.63.154.1"
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password = T<142><153>t<137>lv<193>$I1_<249><14><201><164>
Fri Feb 1 20:02:16 2013: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 51957 ....
Code: Access-Request
Identifier: 121
Authentic: <143><6><136>9o<141>% @<148><2>vO<15>/<212>
Attributes:
User-Name = "hugh"
Service-Type = Framed-User
NAS-IP-Address = 203.63.154.1
NAS-Identifier = "203.63.154.1"
NAS-Port = 1234
Called-Station-Id = "123456789"
Calling-Station-Id = "987654321"
NAS-Port-Type = Async
User-Password = T<142><153>t<137>lv<193>$I1_<249><14><201><164>
Fri Feb 1 20:02:16 2013: DEBUG: Handling request with Handler '', Identifier
'Handler1'
Fri Feb 1 20:02:16 2013: DEBUG: Deleting session for hugh, 203.63.154.1, 1234
Fri Feb 1 20:02:16 2013: DEBUG: Handling with AuthINTERNAL:
Fri Feb 1 20:02:16 2013: DEBUG: AuthBy INTERNAL result: ACCEPT, Fixed by
DefaultResult
Fri Feb 1 20:02:16 2013: DEBUG: Access accepted for hugh
Fri Feb 1 20:02:16 2013: DEBUG: Packet dump:
*** Sending to 127.0.0.1 port 51957 ....
Code: Access-Accept
Identifier: 121
Authentic: A<195>P<232><<2>z<217>Fmg<153><185><149><16>$
Attributes:
Reply-Message = "whatever"
Fri Feb 1 20:02:16 2013: DEBUG: Packet dump:
*** Received from 127.0.0.1 port 11645 ....
Code: Access-Accept
Identifier: 121
Authentic: A<195>P<232><<2>z<217>Fmg<153><185><149><16>$
Attributes:
Reply-Message = "whatever"
OK
…..
You can of course expand the GlobalVar's in your hook code too.
regards
Hugh
On 1 Feb 2013, at 18:46, Alexander Hartmaier <[email protected]>
wrote:
> On 2013-01-31 22:58, Hugh Irvine wrote:
>> Hello Alex -
>>
>> You can also use GlobalVar's for static parameters.
>>
>> See section 5.6.23 in the Radiator 4.11 reference manual ("doc/ref.pdf").
>>
>> There is an example in "goodies/hooks.txt".
>>
>> regards
>>
>> Hugh
>>
>>
>> On 1 Feb 2013, at 01:31, Heikki Vatiainen <[email protected]> wrote:
>>
>>> On 01/31/2013 02:01 PM, Alexander Hartmaier wrote:
>>>
>>>> we'd need a way to pass config parameters to hooks to be able to use
>>>> them in multiple different handlers e.g. sending OTPs by SMS with
>>>> different accounts.
>>>> Is there already a way to do this which I've overlooked?
>>> How about this:
>>>
>>> # radiusd config file
>>>
>>> StartupHook sub { require "/etc/radiator/MyHooks.pm"; }
>>> <Handler ...>
>>> # AuthBys
>>> PostAuthHook sub { MyHooks::sendSMS(@_, 'account1', 'otherparam1'); }
>>> </Handler>
>>> <Handler ...>
>>> # AuthBys
>>> PostAuthHook sub { MyHooks::sendSMS(@_, 'account2', 'otherparam2'); }
>>> </Handler>
>>>
>>> File MyHooks.pm would be something like this:
>>>
>>> # start of MyHooks.pm
>>> package MyHooks;
>>> use strict;
>>> use warnings;
>>> # PostAuthHook
>>> #
>>> sub sendSMS {
>>> my $p = ${$_[0]}; # Request packet
>>> my $rp = ${$_[1]}; # Response packet
>>> my $result = $_[2]; # Verdict: success or not
>>> my $reason = $_[3]; # String that tells reason for a reject
>>> my $account = $_[4]; # Account name
>>> my $param = $_[5]; # Some other param
>>>
>>> # code goes here
>>> }
>>>
>>> 1;
>>> # end of MyHooks.pm
>>>
>>>> I'm currently abusing Radius attributes to get those static parameters
>>>> into the hooks but being able to pass options in the config would make
>>>> the config much clearer.
>>> The above keeps the the existing PostAuthHook arguments as they are and
>>> adds the possibility for static arguments as additional options to
>>> existing PostAuthHook options.
>>>
>>> Would this work for you?
>>>
>>> Thanks,
>>> Heikki
>>>
>>> --
>>> Heikki Vatiainen <[email protected]>
>>>
>>> Radiator: the most portable, flexible and configurable RADIUS server
>>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>>> DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
>>> NetWare etc.
>>> _______________________________________________
>>> radiator mailing list
>>> [email protected]
>>> http://www.open.com.au/mailman/listinfo/radiator
>>
>> --
>>
>> Hugh Irvine
>> [email protected]
>>
>> Radiator: the most portable, flexible and configurable RADIUS server
>> anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
>> Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
>> TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
>> DIAMETER etc.
>> Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
>>
> Hi Hugh,
> I haven't had time to reply to Heikki's post yesterday, his solution is
> what I was looking for, thanks!
> GlobalVars won't help help there because I need to use the same handler
> multiple times in a single Radiator instance with different params.
>
>
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> T-Systems Austria GesmbH Rennweg 97-99, 1030 Wien
> Handelsgericht Wien, FN 79340b
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
> Notice: This e-mail contains information that is confidential and may be
> privileged.
> If you are not the intended recipient, please notify the sender and then
> delete this e-mail immediately.
> *"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*"*
--
Hugh Irvine
[email protected]
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc.
Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc.
_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
