3 # This program is free software; you can redistribute it and/or modify
4 # it under the terms of the GNU General Public License as published by
5 # the Free Software Foundation; either version 2 of the License, or
6 # (at your option) any later version.
8 # This program is distributed in the hope that it will be useful,
9 # but WITHOUT ANY WARRANTY; without even the implied warranty of
10 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
11 # GNU General Public License for more details.
13 # You should have received a copy of the GNU General Public License
14 # along with this program; if not, write to the Free Software
15 # Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
17 # Copyright 2002 The FreeRADIUS server project
18 # Copyright 2002 Boian Jordanov <bjordanov@orbitel.bg>
22 # Example code for use with rlm_perl
24 # You can use every module that comes with your perl distribution!
26 # If you are using DBI and do some queries to DB, please be sure to
27 # use the CLONE function to initialize the DBI connection to DB.
36 # Bring the global hashes into the package scope
37 our (%RAD_REQUEST, %RAD_REPLY, %RAD_CHECK, %RAD_STATE);
39 # This is hash wich hold original request from radius
41 # In this hash you add values that will be returned to NAS.
43 #This is for check items
45 # This is the session-sate
47 # This is configuration items from "config" perl module configuration section
50 # Multi-value attributes are mapped to perl arrayrefs.
57 # This results to the following entry in %RAD_REQUEST:
59 # $RAD_REQUEST{'Filter-Id'} = [ 'foo', 'bar' ];
61 # Likewise, you can assign an arrayref to return multi-value attributes
64 # This the remapping of return values
67 RLM_MODULE_REJECT => 0, # immediately reject the request
68 RLM_MODULE_OK => 2, # the module is OK, continue
69 RLM_MODULE_HANDLED => 3, # the module handled the request, so stop
70 RLM_MODULE_INVALID => 4, # the module considers the request invalid
71 RLM_MODULE_USERLOCK => 5, # reject the request (user is locked out)
72 RLM_MODULE_NOTFOUND => 6, # user not found
73 RLM_MODULE_NOOP => 7, # module succeeded without doing anything
74 RLM_MODULE_UPDATED => 8, # OK (pairs modified)
75 RLM_MODULE_NUMCODES => 9 # How many return codes there are
78 # Same as src/include/radiusd.h
79 use constant L_DBG=> 1;
80 use constant L_AUTH=> 2;
81 use constant L_INFO=> 3;
82 use constant L_ERR=> 4;
83 use constant L_PROXY=> 5;
84 use constant L_ACCT=> 6;
86 # Global variables can persist across different calls to the module.
90 # my %static_global_hash = ();
99 # Function to handle authorize
101 # For debugging purposes only
102 # &log_request_attributes;
104 # Here's where your authorization code comes
105 # You can call another function from here:
108 return RLM_MODULE_OK;
111 # Function to handle authenticate
113 # For debugging purposes only
114 # &log_request_attributes;
116 if ($RAD_REQUEST{'User-Name'} =~ /^baduser/i) {
117 # Reject user and tell him why
118 $RAD_REPLY{'Reply-Message'} = "Denied access by rlm_perl function";
119 return RLM_MODULE_REJECT;
121 # Accept user and set some attribute
122 $RAD_REPLY{'h323-credit-amount'} = "100";
123 return RLM_MODULE_OK;
127 # Function to handle preacct
129 # For debugging purposes only
130 # &log_request_attributes;
132 return RLM_MODULE_OK;
135 # Function to handle accounting
137 # For debugging purposes only
138 # &log_request_attributes;
140 # You can call another subroutine from here
143 return RLM_MODULE_OK;
146 # Function to handle checksimul
148 # For debugging purposes only
149 # &log_request_attributes;
151 return RLM_MODULE_OK;
154 # Function to handle pre_proxy
156 # For debugging purposes only
157 # &log_request_attributes;
159 return RLM_MODULE_OK;
162 # Function to handle post_proxy
164 # For debugging purposes only
165 # &log_request_attributes;
167 return RLM_MODULE_OK;
170 # Function to handle post_auth
172 # For debugging purposes only
173 # &log_request_attributes;
175 return RLM_MODULE_OK;
178 # Function to handle xlat
180 # For debugging purposes only
181 # &log_request_attributes;
183 # Loads some external perl and evaluate it
184 my ($filename,$a,$b,$c,$d) = @_;
185 &radiusd::radlog(L_DBG, "From xlat $filename ");
186 &radiusd::radlog(L_DBG,"From xlat $a $b $c $d ");
188 open FH, $filename or die "open '$filename' $!";
192 my $eval = qq{ sub handler{ $sub;} };
194 eval {main->handler;};
197 # Function to handle detach
199 # For debugging purposes only
200 # &log_request_attributes;
204 # Some functions that can be called from other functions
208 # Some code goes here
211 sub log_request_attributes {
212 # This shouldn't be done in production environments!
213 # This is only meant for debugging!
214 for (keys %RAD_REQUEST) {
215 &radiusd::radlog(L_DBG, "RAD_REQUEST: $_ = $RAD_REQUEST{$_}");