Multiple Replay-Message attributes in the ACCESS-ACCEPT message

2007-07-12 Thread Michael Alexeev 
Hi all,

The script which is invoked by Exec-Program-Wait attribute produces
the output similar to the following:

Reply-Message=c5|c3|c14|, Reply-Message=ci5|c14|, Reply-Message=done

So I expect to see three Replay-Message attributes in the
ACCESS-ACCEPT message. According to the FreeRadius docs multiple
Replay-Message are allowed. But for some reason the response contains
only one (the first) attribute. Here is the RADIUS output:

Login OK: [jsullivan/no User-Password attribute] (from client
localhost port 0)
 Exec-Program-Wait: value-pairs: Reply-Message=c5|c3|c14|,
Reply-Message=ci5|c14|, Reply-Message=done
Exec-Program: returned: 0
Login OK: [jsullivan/no User-Password attribute] (from client
localhost port 0 cli 00-00-39-75-F8-39)
Sending Access-Accept of id 30 to 127.0.0.1 port 2396
MS-MPPE-Recv-Key =
0x516de53a5daa0328a4eef843b1b708b9fae38fd499bea816abe3c9627423031b
MS-MPPE-Send-Key =
0x8bbb3efff8abed1c71fb3e9ddd97503b8c9da2725a6e8061b8d2551a2b4ee9bf
EAP-Message = 0x03110004
Message-Authenticator = 0x
User-Name = jsullivan
Reply-Message = c5|c3|c14|

Any ideas what is going on?

Thanks,
Mike
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Re: Exec-Program-Wait

2007-06-24 Thread Michael Alexeev 

   What led you to believe %C{User-Name} would be the user name?  The
 documentation says it's %{User-Name}.  Where did the extra 'C' come from?


I found it on the following site:
http://ftp.wayne.edu/pub/gnu/Manuals/radius-0.95/html_node/radius_182.html

quote
Example

Suppose the `users' file contains the following entry:

DEFAULT Auth-Type = System,
Simultaneous-Use = 1
Exec-Program-Wait = /usr/local/sbin/telauth \
 %C{User-Name} \
 %C{Calling-Station-Id}

Then, upon successful matching, the program `/usr/local/sbin/telauth'
will be executed. It will get as its arguments the values of User-Name
and Calling-Station-Id attributes from the request pairs.

end of quote

Anyway, after removing the extra 'C' evrything works like fine. Thanks
for the help.

Mike
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Exec-Program-Wait

2007-06-23 Thread Michael Alexeev 
Hi all,

I am having trouble with macro substitution in Exec-Program-Wait
attribute. For some reason %C{User-Name} is expanded to
localhost{User-Name}  string instead of real user name. Here is an
excerpt from the users config file:

jsullivan   User-Password == mypass
Exec-Program-Wait = /bin/radius_chain %C{User-Name}

where /bin/radius_chain simply dumps the first parameter to the file:

#!/bin/sh
param=$1
echo param=$param  /bin/test/test.txt
exit 0

The content of the /bin/test/test.txt is

param=localhost{User-Name}

instead of expected
param=jsullivan

Any ideas what is going on?

I am using FreeRadius Version 1.1.6 on linux

Thanks,
Mike
- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html