man Authen::Radius () - provide simple Radius client facilities

NAME

Authen::Radius - provide simple Radius client facilities

SYNOPSIS

  use Authen::Radius;

  $r = new Authen::Radius(Host => 'myserver', Secret => 'mysecret');
  print "auth result=", $r->check_pwd('myname', 'mypwd'), "\n";

  $r = new Authen::Radius(Host => 'myserver', Secret => 'mysecret');
  Authen::Radius->load_dictionary();
  $r->add_attributes (
                { Name => 'User-Name', Value => 'myname' },
                { Name => 'Password', Value => 'mypwd' },
# RFC 2865 http://www.ietf.org/rfc/rfc2865.txt calls this attribute
# User-Password. Check your local RADIUS dictionary to find
# out which name is used on your system
#               { Name => 'User-Password', Value => 'mypwd' },
                { Name => 'h323-return-code', Value => '0' }, # Cisco AV pair
                { Name => 'Digest-Attributes', Value => { Method => 'REGISTER' } }
  );
  $r->send_packet(ACCESS_REQUEST) and $type = $r->recv_packet();
  print "server response type = $type\n";
  for $a ($r->get_attributes()) {
        print "attr: name=$a->{'Name'} value=$a->{'Value'}\n";
  }

DESCRIPTION

The CWAuthen::Radius module provides a simple class that allows you to send/receive Radius requests/responses to/from a Radius server.

CONSTRUCTOR

new ( Host => HOST, Secret => SECRET [, TimeOut => TIMEOUT] [,Service => SERVICE] [, Debug => Bool])
Creates & returns a blessed reference to a Radius object, or undef on failure. Error status may be retrieved with CWAuthen::Radius::get_error (errorcode) or CWAuthen::Radius::strerror (verbose error string). The default CWService is CWradius, the alternative is CWradius-acct. If you do not specify port in the CWHost as a CWhostname:port, then port specified in your /etc/services will be used. If there is nothing there, and you did not specify port either then default is 1812 for CWradius and 1813 for CWradius-acct. Optional parameter CWDebug with a Perl true value turns on debugging (verbose mode).

METHODS

load_dictionary ( [ DICTIONARY ] )
Loads the definitions in the specified Radius dictionary file (standard Livingston radiusd format). Tries to load 'CW/etc/raddb/dictionary' when no argument is specified, or dies. NOTE: you need to load valid dictionary if you plan to send Radius requests with other attributes than just CWUser-Name/CWPassword.
check_pwd ( USERNAME, PASSWORD [,NASIPADDRESS] )
Checks with the Radius server if the specified CWPASSWORD is valid for user CWUSERNAME. Unless CWNASIPADDRESS is soecified, 127.0.0.1 will be placed in the NAS-IP-Address attribute. This method is actually a wrapper for subsequent calls to CWclear_attributes, CWadd_attributes, CWsend_packet and CWrecv_packet. It returns 1 if the CWPASSWORD is correct, or undef otherwise.
add_attributes ( { Name => NAME, Value => VALUE [, Type => TYPE] [, Vendor => VENDOR] }, ... )
Adds any number of Radius attributes to the current Radius object. Attributes are specified as a list of anon hashes. They may be CWNamed with their dictionary name (provided a dictionary has been loaded first), or with their raw Radius attribute-type values. The CWType pair should be specified when adding attributes that are not in the dictionary (or when no dictionary was loaded). Values for CWTYPE can be 'CWstring', 'CWinteger', 'CWipaddr' or 'CWavpair'.
get_attributes
Returns a list of references to anon hashes with the following key/value pairs : { Name => NAME, Code => RAWTYPE, Value => VALUE, RawValue => RAWVALUE, Vendor => VENDOR }. Each hash represents an attribute in the current object. The CWName and CWValue pairs will contain values as translated by the dictionary (if one was loaded). The CWCode and CWRawValue pairs always contain the raw attribute type & value as received from the server.
clear_attributes
Clears all attributes for the current object.
send_packet ( REQUEST_TYPE )
Packs up a Radius packet based on the current secret & attributes and sends it to the server with a Request type of CWREQUEST_TYPE. Exported CWREQUEST_TYPE methods are 'CWACCESS_REQUEST', 'CWACCESS_ACCEPT' , 'CWACCESS_REJECT', 'CWACCOUNTING_REQUEST' and 'CWACCOUNTING_RESPONSE'. Returns the number of bytes sent, or undef on failure.
recv_packet
Receives a Radius reply packet. Returns the Radius Reply type (see possible values for CWREQUEST_TYPE in method CWsend_packet) or undef on failure. Note that failure may be due to a failed recv() or a bad Radius response authenticator. Use CWget_error to find out.
get_error
Returns the last CWERRORCODE for the current object. Errorcodes are one-word strings always beginning with an 'CWE'.
strerror ( [ ERRORCODE ] )
Returns a verbose error string for the last error for the current object, or for the specified CWERRORCODE.

AUTHOR

Carl Declerck <carl@miskatonic.inbe.net> - original design Alexander Kapitanenko <kapitan@portaone.com> and Andrew Zhilenko <andrew@portaone.com> - later modifications. Andrew Zhilenko <andrew@portaone.com> is a current module's maintaner at CPAN.