This file is indexed.

/usr/sbin/argonaut-freeradius-get-vlan is in argonaut-freeradius 0.9.2-1.

This file is owned by root:root, with mode 0o755.

The actual contents of the file can be viewed below.

#!/usr/bin/perl -w

#######################################################################
#
# argonaut-freeradius-get-vlan - Is used to get the vlan from the user radius group from ldap
#
# Copyright (C) 2011-2015 FusionDirectory project
#
# Based on the example code of rlm_perl
#
# Authors: Côme BERNIGAUD
#          Alejandro Escanero Blanco
#
#  This program is free software; you can redistribute it and/or modify
#  it under the terms of the GNU General Public License as published by
#  the Free Software Foundation; either version 2 of the License, or
#  (at your option) any later version.
#
#  This program is distributed in the hope that it will be useful,
#  but WITHOUT ANY WARRANTY; without even the implied warranty of
#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#  GNU General Public License for more details.
#
#  You should have received a copy of the GNU General Public License
#  along with this program; if not, write to the Free Software
#  Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA.
#
#######################################################################


use strict;
use Net::LDAP;
use Net::LDAP::Util;
use Net::LDAP::Message;
use Net::LDAP::Search;

use Argonaut::Common qw(:ldap);

# use ...
# This is very important! Without it, this script will not get the filled hashes from main.
use vars qw(%RAD_REQUEST %RAD_REPLY %RAD_CHECK);
use Data::Dumper;

# This is the hash which holds the original request from radius
#my %RAD_REQUEST;
# In this hash you add values that will be returned to NAS.
#my %RAD_REPLY;
#This is for check items
#my %RAD_CHECK;

#LDAP vars

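# Argonaut configuration file. The LDAP bind DN and password are read from
# it, so it should be readable only by root and the account the RADIUS
# server runs as.
my $configfile = "/etc/argonaut/argonaut.conf";

# NOTE(review): Config::IniFiles is not loaded explicitly by this file;
# presumably Argonaut::Common pulls it in - confirm.
# new() returns undef when the file cannot be read or parsed. Stop with a
# clear message instead of failing later on the ->val calls.
my $config = Config::IniFiles->new( -file => $configfile, -allowempty => 1, -nocase => 1)
  or die "Unable to load configuration file $configfile\n";

# Settings from the [ldap] section; the last argument of val() is the value
# used when the key is absent.
# NOTE(review): dn and password default to the empty string and are handed to
# argonaut_ldap_init unchanged - presumably that means an anonymous bind;
# confirm this is intended for the deployment.
my $ldap_configfile                 =   $config->val( ldap => "config"      ,"/etc/ldap/ldap.conf");
my $ldap_dn                         =   $config->val( ldap => "dn"          ,"");
my $ldap_password                   =   $config->val( ldap => "password"    ,"");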

#
# This is the remapping of return values
#
# Module return codes, declared in one block. The numbers are what the hooks
# in this file return to the server.
# NOTE(review): they have to match the numbering of the FreeRADIUS version in
# use - confirm when upgrading the server.
use constant {
  RLM_MODULE_REJECT   => 0,   # immediately reject the request
  RLM_MODULE_FAIL     => 1,   # module failed, don't reply
  RLM_MODULE_OK       => 2,   # the module is OK, continue
  RLM_MODULE_HANDLED  => 3,   # the module handled the request, so stop
  RLM_MODULE_INVALID  => 4,   # the module considers the request invalid
  RLM_MODULE_USERLOCK => 5,   # reject the request (user is locked out)
  RLM_MODULE_NOTFOUND => 6,   # user not found
  RLM_MODULE_NOOP     => 7,   # module succeeded without doing anything
  RLM_MODULE_UPDATED  => 8,   # OK (pairs modified)
  RLM_MODULE_NUMCODES => 9,   # how many return codes there are
};

# Function to handle authorize
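# Look up the radiusProfile group of the requesting user in LDAP and, when
# that group carries radiusTunnelPrivateGroupId, copy the value into the reply
# as Tunnel-Private-Group-Id.
#
# Reads:   $RAD_REQUEST{'User-Name'}. It comes from the RADIUS request and is
#          therefore untrusted input.
# Writes:  $RAD_REPLY{'Tunnel-Private-Group-Id'}.
# Returns: RLM_MODULE_FAIL when the LDAP connection fails or the search
#          reports an error without results, RLM_MODULE_NOOP when there is no
#          usable User-Name or no matching group, RLM_MODULE_OK otherwise.
sub authorize {
  my $username = $RAD_REQUEST{'User-Name'};

  # Without a user name there is nothing to look up, and an empty value would
  # only produce the malformed filter "(memberUid=)".
  if (!defined $username || $username eq '') {
    return RLM_MODULE_NOOP;
  }

  my $ldapinfos = argonaut_ldap_init ($ldap_configfile, 0, $ldap_dn, 0, $ldap_password);

  if ( $ldapinfos->{'ERROR'} > 0) {
    radiusd::radlog(1, $ldapinfos->{'ERRORMSG'});
    return RLM_MODULE_FAIL;
  }

  my ($ldap,$LDAPBASE) = ($ldapinfos->{'HANDLE'},$ldapinfos->{'BASE'});

  # Escape the user name before it is placed in the filter. Unescaped filter
  # metacharacters would change the structure of the filter (LDAP filter
  # injection), so the VLAN could be chosen from a group the user does not
  # belong to.
  my $safe_username = Net::LDAP::Util::escape_filter_value($username);

  my $sres = $ldap->search(
    base    => $LDAPBASE,
    filter  => "(&(objectClass=radiusProfile)(memberUid=$safe_username))",
    scope   => "sub",
    attrs   => ['cn','radiusAuthType','radiusSessionTimeout','radiusIdleTimeout','radiusTunnelType','radiusTunnelMediumType','radiusTunnelPrivateGroupId']
  );

  if ($sres->count == 0) {
    # Keep the result code before unbinding, then release the connection on
    # this early-return path as well.
    my $search_failed = $sres->code;
    my $search_error  = $sres->error;
    $ldap->unbind;

    # A failed search also has no entries. Report it as a module failure,
    # like a failed connection, so that an LDAP problem is not mistaken for
    # "this user has no radius group".
    if ($search_failed) {
      radiusd::radlog(1, "LDAP search failed: ".$search_error);
      return RLM_MODULE_FAIL;
    }
    return RLM_MODULE_NOOP;
  }

  # Only the first entry is used. When a user is a member of several
  # radiusProfile groups, the one that applies depends on the order in which
  # the server returns them.
  my $entry = $sres->entry(0);
  if ($entry->exists('radiusAuthType')) {
    radiusd::radlog(1, "radiusAuthType: ".$entry->get_value('radiusAuthType'));
  }
  if ($entry->exists('radiusTunnelPrivateGroupId')) {
    my $vlan = $entry->get_value('radiusTunnelPrivateGroupId');
    radiusd::radlog(1, "radiusTunnelPrivateGroupId: ".$vlan);
    # This is the only attribute copied into the reply; the other requested
    # attributes are logged or left unused here.
    $RAD_REPLY{'Tunnel-Private-Group-Id'} = $vlan;
  }
  if ($entry->exists('cn')) {
    radiusd::radlog(1, "cn: ".$entry->get_value('cn'));
  }

  $ldap->unbind;

  return RLM_MODULE_OK;
}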

# Placeholder with no body of its own: it does nothing and returns nothing
# (empty list in list context, undef in scalar context).
# NOTE(review): presumably the rlm_perl xlat hook - confirm.
sub xlat {
  return;
}

# Writes one fixed message through radiusd::radlog at level 0 and hands back
# whatever radlog returns.
sub detach {
  my $farewell = "rlm_perl::Detaching. Reloading. Done.";
  return &radiusd::radlog(0, $farewell);
}