The approach I would use is to include in the users file:
default Auth-type := System
Exec-Program-Wait = '/etc/raddb/local'
...Then for local.c (very simplistic version based on my recollection of your needs)
#include <stdio.h>
int main (int argc, char *argv[], char *envp[])
{
char *str; str = getenv ("USER_NAME");
if (strlen(str) != 8) return 1; str = getenv ("USER_PASSWORD");
if (strlen(str) !=16) return 1;
return 0;
}I don't recall the sizes you need so made them up.
Use radclient to test it. There examples somewhere in the distribution on how to do that. The one problem you will find is picking a secret such that the encrypted size of the desired password is the required size. I have no idea how to do that. Passwords are encrypted - not sent in the clear so the size of the encrypted password may have no obvious relationship to the size of the password.
On Dec 1, 2004, at 12:47, Panagiotis Mavros wrote:
Now you have understood the whole idea........
Yes universities are a dream world where professors try to prove their value writing papers...The problem is that someone must prove what they wrote is applicable (or not!!!!)And guess who must do it...
Ok i am sorry that i waste your time with these nonsense but i have spent 3 months trying to do something that has no value...If you say that this is nonsense read this: we want to send accounting packets to radius server, but we dont have proper nas equipment.So what did the professor proposed ? Find software that creates radius accounting packets (like AXL rad client). Then capture EAP Log off messages from Access Point MIB with SNMP to triger the software!!!!!!!! How does this sound?!!
As you can understand the situation is really bad. Dont tell me that what they propose sucks because believe me i know. I just want to present something that does what they want. I dont care if it a module or a script. I just want to know what i must do. I am lost in freeradius src code.
Would you be kind enough to give me some directions?
Please help. I am desperate
From: Doug Hardie <[EMAIL PROTECTED]> Reply-To: [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: Source code Date: Wed, 1 Dec 2004 10:36:46 -0800
On Dec 1, 2004, at 10:17, Alan DeKok wrote:
"Panagiotis Mavros" <[EMAIL PROTECTED]> wrote:we are proposing a lightweight WLAN roaming architecture. This means that we
implement a roaming architecture for a small community. The scenario is
Client-->AP-->foreign server -->Home server and so on...
All this is done using EAP-MD5 authentication (only this authentication
scheme) and mysql for keeping user profiles.
Read "raddb/eap.conf". EAp-MD5 is not recommended for new installations. It's not secure.
The idea is to minimize the lenght of packets in order to provide faster
roaming.
Huh? No wonder you're confused.
The length of the packets makes ZERO difference for roaming.
Read that again. ZERO. What you are trying to do is useless.]
There was a hint in one of his earlier postings: He lives in an alternate universe (academic institution) were things like the laws of physics and thermodynamics do not apply. Reality is entirely established by the professor's dreams. The fact that the professor has his head up his ... is not relevant. This guy needs to come up with something that looks like it implements the professor's dream. It only has to appear to do such as our reality doesn't appear in that universe. I believe the best solution was previously posted - a module or script which checks the lengths and then rejects the request if they are not the right size. Easy to develop and can be demonstrated using a series of radcheck commands.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar - get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
