From 199bd3556de16e4a92fd4e3d79ec6741c5959336 Mon Sep 17 00:00:00 2001 From: Kozlov Dmitry Date: Thu, 11 Apr 2013 14:05:15 +0400 Subject: radius: implemented default-realm option --- accel-pppd/accel-ppp.conf.5 | 4 ++++ accel-pppd/radius/radius.c | 26 ++++++++++++++++++++++++-- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/accel-pppd/accel-ppp.conf.5 b/accel-pppd/accel-ppp.conf.5 index ba3a2b1..0854021 100644 --- a/accel-pppd/accel-ppp.conf.5 +++ b/accel-pppd/accel-ppp.conf.5 @@ -486,6 +486,10 @@ Specifies timeout of accounting interim update. .TP .BI "acct-delay-time=" 0|1 Specifies whether radius client should include Acct-Delay-Time attribute to accounting requests (default 0). +.TP +.BI "default-realme=" realm +Append specified realm to username. +.TP .SH [log] .br Configuration of log and log_file modules. diff --git a/accel-pppd/radius/radius.c b/accel-pppd/radius/radius.c index 2092625..d317bf9 100644 --- a/accel-pppd/radius/radius.c +++ b/accel-pppd/radius/radius.c @@ -42,6 +42,9 @@ int conf_accounting; int conf_fail_time; int conf_req_limit; +static const char *conf_default_realm; +static int conf_default_realm_len; + static LIST_HEAD(sessions); static pthread_rwlock_t sessions_lock = PTHREAD_RWLOCK_INITIALIZER; @@ -149,12 +152,27 @@ int rad_proc_attrs(struct rad_req_t *req) return res; } -static int check(struct pwdb_t *pwdb, struct ap_session *ses, const char *username, int type, va_list _args) +static int rad_pwdb_check(struct pwdb_t *pwdb, struct ap_session *ses, const char *username, int type, va_list _args) { int r = PWDB_NO_IMPL; va_list args; int chap_type; struct radius_pd_t *rpd = find_pd(ses); + char username1[256]; + + if (conf_default_realm && !strchr(username, '@')) { + int len = strlen(username); + if (len + conf_default_realm_len >= 256 - 2) { + log_ppp_error("radius: username is too large to append realm\n"); + return PWDB_DENIED; + } + + memcpy(username1, username, len); + username1[len] = '@'; + memcpy(username1 + len + 1, conf_default_realm, conf_default_realm_len); + username1[len + 1 + conf_default_realm_len] = 0; + username = username1; + } va_copy(args, _args); @@ -488,7 +506,7 @@ static struct ipdb_t ipdb = { }; static struct pwdb_t pwdb = { - .check = check, + .check = rad_pwdb_check, }; static int parse_server(const char *opt, in_addr_t *addr, int *port, char **secret) @@ -600,6 +618,10 @@ static int load_config(void) opt = conf_get_opt("radius", "req-limit"); if (opt) conf_req_limit = atoi(opt); + + conf_default_realm = conf_get_opt("radius", "default-realm"); + if (conf_default_realm) + conf_default_realm_len = strlen(conf_default_realm); return 0; } -- cgit v1.2.3