radius: add support for Access-Accept username

once radius server has returned User-Name attribute in Access-Accept
packet, it'll be used for any subsequent Accounting-Request packets
instead of internal username per RFC2865 5.1

other way of just replacing session username is possible, but not
desired at the moment due potential issues with single-session modes
in case of different ppp logins / ipoe macs and same contract number
returned by radius for that accounts.

4 files changed, 22 insertions, 0 deletions

diff --git a/accel-pppd/radius/backup.c b/accel-pppd/radius/backup.c
index 46041d78..b73d3bab 100644
--- a/accel-pppd/radius/backup.c
+++ b/accel-pppd/radius/backup.c
@@ -22,6 +22,7 @@
 #define RAD_TAG_ACCT_SERVER_ADDR            9
 #define RAD_TAG_ACCT_SERVER_PORT           10
 #define RAD_TAG_IDLE_TIMEOUT               11
+#define RAD_TAG_ACCT_USERNAME              12
 
 
 #define add_tag(id, data, size) if (!backup_add_tag(m, id, 0, data, size)) return -1;
@@ -68,6 +69,9 @@ static int session_save(struct ap_session *ses, struct backup_mod *m)
 
 	add_tag(RAD_TAG_TERMINATION_ACTION, &rpd->termination_action, 4);
 
+	if (rpd->acct_username)
+		add_tag(RAD_TAG_ACCT_USERNAME, rpd->acct_username, strlen(rpd->acct_username));
+
 	if (rpd->acct_req) {
 		add_tag(RAD_TAG_ACCT_SERVER_ADDR, &rpd->acct_req->server_addr, 4);
 		add_tag(RAD_TAG_ACCT_SERVER_PORT, &rpd->acct_req->server_port, 2);
@@ -144,6 +148,9 @@ void radius_restore_session(struct ap_session *ses, struct radius_pd_t *rpd)
 			case RAD_TAG_TERMINATION_ACTION:
 				rpd->termination_action = *(uint32_t *)tag->data;
 				break;
+			case RAD_TAG_ACCT_USERNAME:
+				rpd->acct_username = _strndup(tag->data, tag->size);
+				break;
 			case RAD_TAG_ACCT_SERVER_ADDR:
 				acct_addr = *(in_addr_t *)tag->data;
 				break;
diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c
index 7cf25092..7cb01d80 100644
--- a/accel-pppd/radius/radius.c
+++ b/accel-pppd/radius/radius.c
@@ -303,6 +303,14 @@ int rad_proc_attrs(struct rad_req_t *req)
 			continue;
 
 		switch(attr->attr->id) {
+			case User_Name:
+				if (rpd->acct_username)
+					_free(rpd->acct_username);
+				if (attr->len)
+					rpd->acct_username = _strndup(attr->val.string, attr->len);
+				else if (rpd->acct_username)
+					rpd->acct_username = NULL;
+				break;
 			case Framed_IP_Address:
 				if (!conf_gw_ip_address && rpd->ses->ctrl->ppp)
 					log_ppp_warn("radius: gw-ip-address not specified, cann't assign IP address...\n");
@@ -664,6 +672,9 @@ static void ses_finished(struct ap_session *ses)
 		}
 	}
 
+	if (rpd->acct_username)
+		_free(rpd->acct_username);
+
 	if (rpd->auth_reply)
 		rad_packet_free(rpd->auth_reply);
 
diff --git a/accel-pppd/radius/radius_p.h b/accel-pppd/radius/radius_p.h
index db8d277f..172504cf 100644
--- a/accel-pppd/radius/radius_p.h
+++ b/accel-pppd/radius/radius_p.h
@@ -67,6 +67,7 @@ struct radius_pd_t {
 	struct ipv6db_prefix_t ipv6_dp;
 	int acct_interim_interval;
 
+	char *acct_username;
 	uint8_t *attr_class;
 	int attr_class_len;
 	uint8_t *attr_state;
diff --git a/accel-pppd/radius/req.c b/accel-pppd/radius/req.c
index b6c4cf0b..b9b6536f 100644
--- a/accel-pppd/radius/req.c
+++ b/accel-pppd/radius/req.c
@@ -72,6 +72,9 @@ static struct rad_req_t *__rad_req_alloc(struct radius_pd_t *rpd, int code, cons
 	if (!req->pack)
 		goto out_err;
 
+	if (code == CODE_ACCOUNTING_REQUEST && rpd->acct_username)
+		username = rpd->acct_username;
+
 	if (rad_packet_add_str(req->pack, NULL, "User-Name", username))
 		goto out_err;