diff --git a/smradius/modules/authentication/mod_auth_pap.pm b/smradius/modules/authentication/mod_auth_pap.pm
index 1419f96937d64b67cf30b16199b76f63bdb36e38..b64835b433e0d46d675cdf5e46945521e7420b1b 100644
--- a/smradius/modules/authentication/mod_auth_pap.pm
+++ b/smradius/modules/authentication/mod_auth_pap.pm
@@ -26,10 +26,9 @@ use warnings;
# Modules we need
use smradius::constants;
+use smradius::logging;
use Digest::MD5;
-use Data::Dumper;
-
# Exporter stuff
@@ -82,22 +81,32 @@ sub authenticate
# Check if this is PAP authentication
return MOD_RES_SKIP if (!defined($encPassword));
- print(STDERR "RECEIVED\n");
- print(STDERR "User-Pass: len = ".length($encPassword).", hex = ".unpack("H*",$encPassword)."\n");
- print(STDERR "\n\n");
+# print(STDERR "RECEIVED\n");
+# print(STDERR "User-Pass: len = ".length($encPassword).", hex = ".unpack("H*",$encPassword)."\n");
+# print(STDERR "\n\n");
+ # FIXME - test is the radius secret, must pull it from the configuration attributes??
my $clearPassword = $packet->password("test","User-Password");
- print(STDERR "CALC\n");
- print(STDERR "Result : len = ".length($clearPassword).", hex = ".unpack("H*",$clearPassword).", password = $clearPassword\n");
+# print(STDERR "CALC\n");
+# print(STDERR "Result : len = ".length($clearPassword).", hex = ".unpack("H*",$clearPassword).", password = $clearPassword\n");
# Compare passwords
- if ($user->{'ClearPassword'} eq $clearPassword) {
- return MOD_RES_ACK;
+ if (defined($user->{'Attributes'}->{'User-Password'})) {
+ # Operator: ==
+ if (defined($user->{'Attributes'}->{'User-Password'}->{'=='})) {
+ # Compare
+ if ($user->{'Attributes'}->{'User-Password'}->{'=='}->{'Value'} eq $clearPassword) {
+ return MOD_RES_ACK;
+ }
+ } else {
+ $server->log(LOG_NOTICE,"[MOD_AUTH_PAP] No valid operators for attribute 'User-Password', supported operators are: ==");
+ }
+ } else {
+ $server->log(LOG_NOTICE,"[MOD_AUTH_PAP] No 'User-Password' attribute, cannot authenticate");
}
-
return MOD_RES_NACK;
}