Re: [RADIATOR] AuthBy External under Windows hangs
On 15.12.2016 20.59, Víktu Pons i Colomer wrote: The issue is that I see in the logs that it runs the script, but then it never returns to radiator, and the daemon will stop processing requests. Basically, it hangs waiting for the response of the script. I am running Server 2012 R2 with Strawberry Perl 5.18 Am I doing something wrong? Is this a bug? Thanks for reporting this. I think your approach is correct and this is a problem that shows on Windows platform and is caused by the way Radiator calls the script. After a quick look it might be that we need to change how the call is done on Windows to make it reliable. My suggestion is to consider AuthBy INTERNAL and its hooks to process the request. You might even be able to do it more easily since you don't have to prepare an external script if you can do everything with a hook. See goodies/logformat.cfg for an example of how to create a module for the hooks. This might be useful if the hook starts to become large and it would be useful, for example, to split it in separate functions. If you want to stay with AuthBy EXTERNAL, you should change to a unix-like host. There the current way of running external commands works better since it uses very unix-like methods for inter process communications. Thanks, Heikki -- Heikki Vatiainen Radiator: the most portable, flexible and configurable RADIUS server anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP, DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS, NetWare etc. ___ radiator mailing list radiator@lists.open.com.au http://lists.open.com.au/mailman/listinfo/radiator
[RADIATOR] AuthBy External under Windows hangs
Hi all, I am trying to configure an that will get VLAN information from our JIRA inventory using MAC authentication. I am trying to achieve this using a perl script, but I am starting from the first as it does not work for me. I just configured this Handler: Command "C:\perl\perl\bin\perl.exe C:\PROGRA~1\Radiator\MACAuth.pl" ResultInOutput The "MACAuth.pl" script is by now the perl sample found in the goodies directory, but slightly modified (code follows) The issue is that I see in the logs that it runs the script, but then it never returns to radiator, and the daemon will stop processing requests. Basically, it hangs waiting for the response of the script. I am running Server 2012 R2 with Strawberry Perl 5.18 Am I doing something wrong? Is this a bug? This is the code of the script. Thank you! # # testcommand # Example to demonstrate how to handle AuthBy EXTERNAL, using # a perl script # # The incoming attributes are on stdin, one per line in to format # attribute-name = value # Some will have quoted values, and some wont # my $log = "C:\\Program Files\\Radiator\\log.txt"; while (<>) { chomp; open(my $fh, '>>', $log); if ($_ =~ /^\s*([^\s=]+)\s*=\s*"((\\"|[^"])*)"/) { # Quoted value $input{$1} = $2; } elsif ($_ =~ /^([^\s=]+)\s*=\s*(.*)/) { # Unquoted value $input{$1} = $2; } print $fh "$1 = $2\n"; close $fh; } # Now have all the incoming attributes in %input # As a test we will see if User-Name is fred. If so, # we will accept, else reject with a suitable Reply-Message # You can set other reply attributes too, if you like. # The exit value indicates accept or reject: # 0 = Accept # 1 = Reject # 2 = Ignore # 3 = Challenge # Alternatively you can print one of the strings ACCEPT, REJECT # IGNORE CHALLENGE or REJECT_IMMEDIATE on the first line if # you are using ResultInOutput if ($input{'User-Name'} eq '0022411fdeba') { print "ACCEPT\n"; # If you are using ResultInOutput print "Tunnel-Type = VLAN\n"; print "Tunnel-Medium-Type = Ether_802\n"; print "Tunnel-Private-Group-ID = 15\n"; sleep 1; exit 0; # accept, if not using ResultInOutput } else { print "REJECT\n"; # If you are using ResultInOutput sleep 1; exit 1; # reject, if not using ResultInOutput } - Viktu Pons i Colomer - ___ radiator mailing list radiator@lists.open.com.au http://lists.open.com.au/mailman/listinfo/radiator