%%%------------------------------------------------------------------- %%% File : eradius_server_example.erl %%% Author : Sean Hinde <sean@Seans-Mac.local> %%% Description : Example implementation module for eradius server %%% Note CHAP is untested as of 26th March 2004, but %%% this is how I thihk it should work ! %%% Created : 26 Mar 2004 by Sean Hinde <sean@Seans-Mac.local> %%%------------------------------------------------------------------- -module(eradius_server_example). -export([test/2, auth/2]). -include("eradius_lib.hrl"). -include("eradius_dict.hrl"). -include("dictionary.hrl"). %% Minimal (!) example of Access Request handler test(#rad_pdu{}, #nas_prop{}) -> %io:format("Test spawned~n"), #rad_accept{}. %% Example which does a bit more. %% First tries Pap, then CHAP, then gives up. auth(#rad_pdu{} = Pdu, #nas_prop{} = Nas) -> {request, Attrs} = Pdu#rad_pdu.cmd, case lookup(?User_Name, Attrs) of {ok, User} -> case lookup(?User_Password, Attrs) of {ok, Pass} -> pap(User, Pass, Nas#nas_prop.secret, Pdu#rad_pdu.authenticator); false -> case lookup(?CHAP_Password, Attrs) of {ok, Chap_pass} -> Challenge = case lookup(?CHAP_Challenge, Attrs) of {ok, Val} -> Val; false -> Pdu#rad_pdu.authenticator end, chap(User, list_to_binary(Chap_pass), Challenge); false -> #rad_reject{} end end; false -> #rad_reject{} end. pap(User, Req_pass, Secret, Auth) -> case get_user(User) of {ok, Passwd} -> Enc_pass = eradius_lib:mk_password(Secret, Auth, Passwd), Req_pass1 = list_to_binary(Req_pass), if Enc_pass == Req_pass1 -> #rad_accept{}; true -> io:format("PAP~p~n",[{User, Req_pass, Secret, Auth, Enc_pass}]), #rad_reject{} end; false -> #rad_reject{} end. chap(User, <<Chap_id, Chap_pass/binary>>, Chap_challenge) -> case get_user(User) of {ok, Passwd} -> Enc_pass = erlang:md5([Chap_id, Passwd, Chap_challenge]), if Enc_pass == Chap_pass -> #rad_accept{}; true -> #rad_reject{} end; false -> #rad_reject{} end. get_user("sean") -> {ok, <<"Sean_passzektrw8&">>}; get_user("tobbe") -> {ok, <<"qwe123">>}; get_user(_) -> false. lookup(Key, [{#attribute{id = Key}, Val}|T]) -> {ok, Val}; lookup(Key, [_|T]) -> lookup(Key, T); lookup(_, []) -> false.