projects
/
freeradius.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
|
inline
| side by side (parent:
3217785
)
Added WITH_PROXY to allow it to build without proxying
author
Alan T. DeKok
<aland@freeradius.org>
Wed, 21 Apr 2010 06:51:58 +0000
(08:51 +0200)
committer
Alan T. DeKok
<aland@freeradius.org>
Mon, 26 Apr 2010 13:52:43 +0000
(15:52 +0200)
src/main/modules.c
patch
|
blob
|
history
src/main/stats.c
patch
|
blob
|
history
src/main/util.c
patch
|
blob
|
history
src/modules/rlm_eap/types/rlm_eap_peap/peap.c
patch
|
blob
|
history
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
patch
|
blob
|
history
diff --git
a/src/main/modules.c
b/src/main/modules.c
index
b4837ef
..
61e5d12
100644
(file)
--- a/
src/main/modules.c
+++ b/
src/main/modules.c
@@
-1452,7
+1452,9
@@
int setup_modules(int reload, CONF_SECTION *config)
listener = listener->next) {
char buffer[256];
listener = listener->next) {
char buffer[256];
+#ifdef WITH_PROXY
if (listener->type == RAD_LISTEN_PROXY) continue;
if (listener->type == RAD_LISTEN_PROXY) continue;
+#endif
cs = cf_section_sub_find_name2(config,
"server", listener->server);
cs = cf_section_sub_find_name2(config,
"server", listener->server);
diff --git
a/src/main/stats.c
b/src/main/stats.c
index
c8300f8
..
de5300e
100644
(file)
--- a/
src/main/stats.c
+++ b/
src/main/stats.c
@@
-533,6
+533,7
@@
void request_stats_reply(REQUEST *request)
#endif
}
#endif
}
+#ifdef WITH_PROXY
/*
* Home servers.
*/
/*
* Home servers.
*/
@@
-623,6
+624,7
@@
void request_stats_reply(REQUEST *request)
}
#endif
}
}
#endif
}
+#endif /* WITH_PROXY */
}
void radius_stats_init(int flag)
}
void radius_stats_init(int flag)
diff --git
a/src/main/util.c
b/src/main/util.c
index
4a9e5d6
..
c141274
100644
(file)
--- a/
src/main/util.c
+++ b/
src/main/util.c
@@
-198,7
+198,9
@@
void request_free(REQUEST **request_ptr)
request = *request_ptr;
rad_assert(!request->in_request_hash);
request = *request_ptr;
rad_assert(!request->in_request_hash);
+#ifdef WITH_PROXY
rad_assert(!request->in_proxy_hash);
rad_assert(!request->in_proxy_hash);
+#endif
rad_assert(!request->ev);
if (request->packet)
rad_assert(!request->ev);
if (request->packet)
diff --git
a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
index
ec58edb
..
52f44fd
100644
(file)
--- a/
src/modules/rlm_eap/types/rlm_eap_peap/peap.c
+++ b/
src/modules/rlm_eap/types/rlm_eap_peap/peap.c
@@
-106,13
+106,21
@@
static int eapmessage_verify(REQUEST *request,
uint8_t eap_type;
char buffer[256];
uint8_t eap_type;
char buffer[256];
- if (!data || (data_len <= 1)) {
+ /*
+ * No data, OR only 1 byte of EAP type.
+ */
+ if (!data || (data_len == 0) ||
+ ((data_len <= 1) && (data[0] != PW_EAP_IDENTITY))) {
return 0;
}
eap_type = *data;
switch (eap_type) {
case PW_EAP_IDENTITY:
return 0;
}
eap_type = *data;
switch (eap_type) {
case PW_EAP_IDENTITY:
+ if (data_len == 1) {
+ RDEBUG2("Identity - ");
+ return 1;
+ }
RDEBUG2("Identity - %*s",
data_len - 1, data + 1);
return 1;
RDEBUG2("Identity - %*s",
data_len - 1, data + 1);
return 1;
@@
-401,7
+409,7
@@
static int process_reply(EAP_HANDLER *handler, tls_session_t *tls_session,
return rcode;
}
return rcode;
}
-
+#ifdef WITH_PROXY
/*
* Do post-proxy processing,
*/
/*
* Do post-proxy processing,
*/
@@
-551,6
+559,8
@@
static void my_request_free(void *data)
request_free(&request);
}
request_free(&request);
}
+#endif
+
static void print_tunneled_data(uint8_t *data, size_t data_len)
{
static void print_tunneled_data(uint8_t *data, size_t data_len)
{
@@
-843,6
+853,7
@@
int eappeap_process(EAP_HANDLER *handler, tls_session_t *tls_session)
*/
switch (fake->reply->code) {
case 0: /* No reply code, must be proxied... */
*/
switch (fake->reply->code) {
case 0: /* No reply code, must be proxied... */
+#ifdef WITH_PROXY
vp = pairfind(fake->config_items, PW_PROXY_TO_REALM);
if (vp) {
vp = pairfind(fake->config_items, PW_PROXY_TO_REALM);
if (vp) {
@@
-979,10
+990,12
@@
int eappeap_process(EAP_HANDLER *handler, tls_session_t *tls_session)
*/
rcode = RLM_MODULE_UPDATED;
*/
rcode = RLM_MODULE_UPDATED;
- } else {
+ } else
+#endif /* WITH_PROXY */
+ {
DEBUG2(" PEAP: Unknown RADIUS packet type %d: rejecting tunneled user", fake->reply->code);
rcode = RLM_MODULE_REJECT;
DEBUG2(" PEAP: Unknown RADIUS packet type %d: rejecting tunneled user", fake->reply->code);
rcode = RLM_MODULE_REJECT;
- }
+
}
break;
default:
break;
default:
diff --git
a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index
e4d8fb6
..
6dd4344
100644
(file)
--- a/
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@
-594,7
+594,7
@@
static int vp2diameter(REQUEST *request, tls_session_t *tls_session, VALUE_PAIR
if ((debug_flag > 2) && fr_log_fp) {
for (i = 0; i < total; i++) {
if ((debug_flag > 2) && fr_log_fp) {
for (i = 0; i < total; i++) {
-
if ((i & 0x0f) == 0) fprintf(fr_log_fp, " TTLS tunnel data out %04x: ",
i);
+
if ((i & 0x0f) == 0) fprintf(fr_log_fp, " TTLS tunnel data out %04x: ", (int)
i);
fprintf(fr_log_fp, "%02x ", buffer[i]);
fprintf(fr_log_fp, "%02x ", buffer[i]);
@@
-685,7
+685,7
@@
static int process_reply(EAP_HANDLER *handler, tls_session_t *tls_session,
* Use the tunneled reply, but not now.
*/
if (t->use_tunneled_reply) {
* Use the tunneled reply, but not now.
*/
if (t->use_tunneled_reply) {
- t->
reply
= reply->vps;
+ t->
accept_vps
= reply->vps;
reply->vps = NULL;
}
reply->vps = NULL;
}
@@
-790,6
+790,7
@@
static int process_reply(EAP_HANDLER *handler, tls_session_t *tls_session,
}
}
+#ifdef WITH_PROXY
/*
* Do post-proxy processing,
*/
/*
* Do post-proxy processing,
*/
@@
-924,7
+925,7
@@
static void my_request_free(void *data)
request_free(&request);
}
request_free(&request);
}
-
+#endif /* WITH_PROXY */
/*
* Process the "diameter" contents of the tunneled data.
/*
* Process the "diameter" contents of the tunneled data.
@@
-972,7
+973,7
@@
int eapttls_process(EAP_HANDLER *handler, tls_session_t *tls_session)
size_t i;
for (i = 0; i < data_len; i++) {
size_t i;
for (i = 0; i < data_len; i++) {
-
if ((i & 0x0f) == 0) fprintf(fr_log_fp, " TTLS tunnel data in %04x: ",
i);
+
if ((i & 0x0f) == 0) fprintf(fr_log_fp, " TTLS tunnel data in %04x: ", (int)
i);
fprintf(fr_log_fp, "%02x ", data[i]);
fprintf(fr_log_fp, "%02x ", data[i]);
@@
-1200,6
+1201,7
@@
int eapttls_process(EAP_HANDLER *handler, tls_session_t *tls_session)
*/
switch (fake->reply->code) {
case 0: /* No reply code, must be proxied... */
*/
switch (fake->reply->code) {
case 0: /* No reply code, must be proxied... */
+#ifdef WITH_PROXY
vp = pairfind(fake->config_items, PW_PROXY_TO_REALM);
if (vp) {
eap_tunnel_data_t *tunnel;
vp = pairfind(fake->config_items, PW_PROXY_TO_REALM);
if (vp) {
eap_tunnel_data_t *tunnel;
@@
-1261,7
+1263,9
@@
int eapttls_process(EAP_HANDLER *handler, tls_session_t *tls_session)
*/
rcode = PW_STATUS_CLIENT;
*/
rcode = PW_STATUS_CLIENT;
- } else {
+ } else
+#endif /* WITH_PROXY */
+ {
RDEBUG("No tunneled reply was found for request %d , and the request was not proxied: rejecting the user.",
request->number);
rcode = PW_AUTHENTICATION_REJECT;
RDEBUG("No tunneled reply was found for request %d , and the request was not proxied: rejecting the user.",
request->number);
rcode = PW_AUTHENTICATION_REJECT;