RADIUS server using APM to authenticate users
Problem this snippet solves: this code convert APM policy to a RADIUS server.
Code description
When a Radius request is accepted by the VS:
the radius client IP address is checked against a...
Updated Jun 06, 2023
Version 2.0
Stanislas_Piro2
Cumulonimbus
Cumulonimbus
Stanislas_Piro2Cumulonimbus
CumulonimbusKai,
to make it more elegant, I changed the decoding code to (all attributes are stored in a array with ID as key)
for {set record_offset 0} {$QLEN - $record_offset > 20} {incr record_offset $QAVP_LEN} {
binary scan $QAVP @${record_offset}cc QAVP_TYPE QAVP_LEN
binary scan $QAVP @${record_offset}x2a[expr {$QAVP_LEN -2}] QUERY_ATTR($QAVP_TYPE)
if {$QAVP_TYPE == 80} {
set UNSIGNED_RAVP [string replace $QAVP $record_offset [expr {$record_offset + 18}] [binary format ccH32 80 18 [string repeat 0 32]]]
set UNSIGNED_REQUEST [binary format cH2Sa16a* $QCODE $QID $QLEN $Q_AUTHENTICATOR $UNSIGNED_RAVP]
}
}
then each required attribute is copied to the expected variable
set USER_NAME [expr {[info exists QUERY_ATTR(1)] ? $QUERY_ATTR(1) : ""}]
set USER_PASSWORD [expr {[info exists QUERY_ATTR(2)] ? $QUERY_ATTR(2) : ""}]
set CHAP_PASSWORD [expr {[info exists QUERY_ATTR(3)] ? $QUERY_ATTR(3) : ""}]