# MPD5: use external script for authentication



## reza (Jun 27, 2015)

Hi
I want to config MPD5 in such a way it uses external script for authentication in L2TP service, so I added these lines to mpd.conf

```
startup:
    set user admin 1234  admin
    set web self 127.0.0.1 5006
    set web open
    set console self 127.0.0.1 5005
    set console open

default:
    load l2tp_server

l2tp_server:
    set ippool add pool2 192.168.11.236 192.168.11.250 
    create bundle template D
    set iface enable proxy-arp
    set iface enable on-demand
    set iface idle 1800
    set iface enable tcpmssfix
    set ipcp yes vjcomp
    set ipcp ranges 192.168.11.2/32 ippool pool2
    set ipcp dns 8.8.8.8
    set bundle enable compression
    set ccp yes mppc
    set mppc yes e40
    set mppc yes e128
    set mppc yes stateless
    create link template D-L l2tp
    set link action bundle D
    set link enable multilink
    set link yes acfcomp protocomp
    set link no pap chap
    set link enable chap
    set link keep-alive 0
    set link mtu 1460
    set l2tp self 0.0.0.0 1701
    set link enable incoming
    set auth disable internal
    set auth enable ext-auth
    set auth extauth-script /root/CODE/test/fu.sh
```

According to this my script should work in this way:


> On invocation extauth/extacct scripts receive on stdin set of request attribute:value pairs terminated by empty line and must generate response in same format on stdout.



So for test my fu.sh I just added to it these lines:

```
#!/usr/local/bin/bash
echo "AUTH_TYPE:"
echo ""
```

But in mpd.log file I got "undefine attribute "AUTH_TYPE" ". So I decided to test other attribute but always get same result as before 

Can anybody help me and say me how exactly I should use fu.sh?


----------



## junovitch@ (Jun 28, 2015)

> On invocation extauth/extacct scripts receive on stdin set of request attribute:value pairs terminated by empty line and must generate response in same format on stdout.



Not an net/mpd5 user, but is this one of those situations where the attribute:value must be on the same line?

With no newlines printed by echo(1):

```
#!/bin/sh
echo -n "AUTH_TYPE:"
echo -n ""
```

With only one newline after the key:value pair printed by echo(1):

```
#!/bin/sh
echo -n "AUTH_TYPE:"
echo ""
```

The shells/bash requirement for a script like this is probably overkill considering that sh(1) will do.


----------



## reza (Jun 28, 2015)

iI found my mistake  . AUTH_TYPE is request attribute not response  . bBut now iI have other problem: how use external script for authentication, iI mean with stdin iI can get some attribute from MPD and iI have users and their passwords in text file but iI don't know how iI should response to MPD and check a username and password is valid or not for login?????????????????


----------



## junovitch@ (Jun 29, 2015)

Sorry, at this point I think you'll need some assistance from someone who is a user of net/mpd5.


----------

