Re: [RADIATOR] Copying OSC-Client-Identifier to Client-Identifier

2017-12-20 Thread Hugh Irvine 

Hello Vangelis -

As Tuure shows, his way is much preferable - you really shouldn’t change the 
Identifier in the Client clause.

Just use the OSC-Client-Identifier in your Handler’s.

regards

Hugh


> On 21 Dec 2017, at 00:05, Vangelis Kyriakakis  wrote:
> 
> Hi Tuure,
> 
>Thanks for the answer.
>Actually I have a configuration where a RADIUS server receives some
> requests directly from the clients and some other requests through a
> proxy RADIUS server from the same clients.
>So, at the proxy server I have some Client clauses which categorize
> the clients using different Client-Identifiers which are passed to the
> final RADIUS server through the OSC-Client-Identifier attribute.
>The final RADIUS server has the same Client clauses, plus a clause
> for the proxy RADIUS server in which I copy the OSC-Client-Identifier to
> Client-Identifier (using a PreHandlerHook), in order to be able to pass
> the requests through the same handlers which use the Client-Identifier
> as a check item:
> 
> 
> 
> # Proxy server as client
> PreHandlerHook file:"%D/ProxyClient.pl"
> 
> 
> ProxyClient.pl:
> sub
> {
> my $p = ${$_[0]};
> my $client = $p->get_attr('OSC-Client-Identifier');
> $p->{Client}->{Identifier}=$client;
> }
> 
> 
> Identifier Client1
> 
> 
> 
> 
> 
> 
> So I want requests that follow the paths
> 
> Client1->Final RADIUS
> 
> OR
> 
> Client1->proxy RADIUS->Final RADIUS
> 
> to be handled by the above Handler.
> 
> Is this a safe solution?
> 
>Regards
> Vangelis
> On 20/12/2017 1:35 μμ, Tuure Vartiainen wrote:
>> Hi,
>> 
>>> On 20 Dec 2017, at 8.27, Vangelis Kyriakakis  wrote:
>>> 
>>>   Is there a way to copy OSC-Client-Identifier which comes from a proxy
>>> RADIATOR server to Client-Identifier using a PrehandlerHook at the final
>>> RADIATOR server.
>>> 
>> Client-Identifier is Radius::Client object’s Identifier attribute’s value, 
>> and is accessible through Radius::Radius request object in a following way
>> 
>> $p->{Client}->{Identifier}
>> 
>> You should not assign a value to it as $p->{Client} is a reference to 
>> Radius::Client object from which the request was received and it would 
>> overwrite that Client’s Identifier’s value.
>> 
>> If you wan’t to unify usage of OSC-Client-Identifier attribute 
>> and local Client-Identifier, you could add Client’s Identifier to 
>> OSC-Client-Identifier attribute if the request does not have one.
>> 
>> E.g.
>> 
>> 
>>Identifier SomeClient
>> 
>>...
>> 
>># Add Client’s Identifier to OSC-Client-Identifier
>># if a request does not have one
>>AddToRequestIfNotExist OSC-Client-Identifier=%{Client:Identifier} 
>> 
>> 
>> ...
>> 
>> 
>>...
>> 
>> 
>> 
>> BR
> 
> ___
> radiator mailing list
> radiator@lists.open.com.au
> http://lists.open.com.au/mailman/listinfo/radiator


--

Hugh Irvine
h...@open.com.au

Radiator: the most portable, flexible and configurable RADIUS server 
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald, 
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS, 
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER, SIM, etc. 
Full source on Unix, Linux, Windows, MacOSX, Solaris, VMS, NetWare etc.

___
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] Copying OSC-Client-Identifier to Client-Identifier

2017-12-20 Thread Vangelis Kyriakakis 
Hi Tuure,

   Thanks for the answer.
   Actually I have a configuration where a RADIUS server receives some
requests directly from the clients and some other requests through a
proxy RADIUS server from the same clients.
   So, at the proxy server I have some Client clauses which categorize
the clients using different Client-Identifiers which are passed to the
final RADIUS server through the OSC-Client-Identifier attribute.
   The final RADIUS server has the same Client clauses, plus a clause
for the proxy RADIUS server in which I copy the OSC-Client-Identifier to
Client-Identifier (using a PreHandlerHook), in order to be able to pass
the requests through the same handlers which use the Client-Identifier
as a check item:



# Proxy server as client
    PreHandlerHook file:"%D/ProxyClient.pl"


ProxyClient.pl:
sub
{
    my $p = ${$_[0]};
    my $client = $p->get_attr('OSC-Client-Identifier');
    $p->{Client}->{Identifier}=$client;
}


    Identifier Client1



    


So I want requests that follow the paths

Client1->Final RADIUS

OR

Client1->proxy RADIUS->Final RADIUS

to be handled by the above Handler.

Is this a safe solution?

   Regards
    Vangelis
On 20/12/2017 1:35 μμ, Tuure Vartiainen wrote:
> Hi,
>
>> On 20 Dec 2017, at 8.27, Vangelis Kyriakakis  wrote:
>>
>>Is there a way to copy OSC-Client-Identifier which comes from a proxy
>> RADIATOR server to Client-Identifier using a PrehandlerHook at the final
>> RADIATOR server.
>>
> Client-Identifier is Radius::Client object’s Identifier attribute’s value, 
> and is accessible through Radius::Radius request object in a following way
>
> $p->{Client}->{Identifier}
>
> You should not assign a value to it as $p->{Client} is a reference to 
> Radius::Client object from which the request was received and it would 
> overwrite that Client’s Identifier’s value.
>
> If you wan’t to unify usage of OSC-Client-Identifier attribute 
> and local Client-Identifier, you could add Client’s Identifier to 
> OSC-Client-Identifier attribute if the request does not have one.
>
> E.g.
>
> 
> Identifier SomeClient
>
> ...
>
> # Add Client’s Identifier to OSC-Client-Identifier
> # if a request does not have one
> AddToRequestIfNotExist OSC-Client-Identifier=%{Client:Identifier} 
> 
>
> ...
>
> 
> ...
> 
>
>
> BR

___
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator

Re: [RADIATOR] Copying OSC-Client-Identifier to Client-Identifier

2017-12-20 Thread Tuure Vartiainen 
Hi,

> On 20 Dec 2017, at 8.27, Vangelis Kyriakakis  wrote:
> 
>Is there a way to copy OSC-Client-Identifier which comes from a proxy
> RADIATOR server to Client-Identifier using a PrehandlerHook at the final
> RADIATOR server.
> 

Client-Identifier is Radius::Client object’s Identifier attribute’s value, 
and is accessible through Radius::Radius request object in a following way

$p->{Client}->{Identifier}

You should not assign a value to it as $p->{Client} is a reference to 
Radius::Client object from which the request was received and it would 
overwrite that Client’s Identifier’s value.

If you wan’t to unify usage of OSC-Client-Identifier attribute 
and local Client-Identifier, you could add Client’s Identifier to 
OSC-Client-Identifier attribute if the request does not have one.

E.g.


Identifier SomeClient

...

# Add Client’s Identifier to OSC-Client-Identifier
# if a request does not have one
AddToRequestIfNotExist OSC-Client-Identifier=%{Client:Identifier} 


...


...



BR
-- 
Tuure Vartiainen 

Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.

___
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator