#define CHAP_VALUE_LENGTH 16
#define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */
+# define VENDOR(x) ((x >> 16) & 0xffff)
+
#ifdef _LIBRADIUS
# define AUTH_HDR_LEN 20
# define VENDORPEC_USR 429
#define VENDORPEC_LUCENT 4846
#define VENDORPEC_STARENT 8164
-# define VENDOR(x) ((x >> 16) & 0xffff)
# define DEBUG if (librad_debug) printf
# define debug_pair(vp) do { if (librad_debug) { \
putchar('\t'); \
int with_ntdomain_hack;
int with_specialix_jetstream_hack;
int with_cisco_vsa_hack;
+ int with_alvarion_vsa_hack;
} rlm_preprocess_t;
static CONF_PARSER module_config[] = {
"no" },
{ "with_cisco_vsa_hack", PW_TYPE_BOOLEAN,
offsetof(rlm_preprocess_t,with_cisco_vsa_hack), NULL, "no" },
+ { "with_alvarion_vsa_hack", PW_TYPE_BOOLEAN,
+ offsetof(rlm_preprocess_t,with_alvarion_vsa_hack), NULL, "no" },
{ NULL, -1, 0, NULL, NULL }
};
char newattr[MAX_STRING_LEN];
for ( ; vp != NULL; vp = vp->next) {
- vendorcode = (vp->attribute >> 16); /* HACK! */
+ vendorcode = VENDOR(vp->attribute);
if (!((vendorcode == 9) || (vendorcode == 6618))) continue; /* not a Cisco or Quintum VSA, continue */
if (vp->type != PW_TYPE_STRING) continue;
}
}
+
+/*
+ * Don't even ask what this is doing...
+ */
+static void alvarion_vsa_hack(VALUE_PAIR *vp)
+{
+ int vendorcode;
+ int number = 1;
+
+ for ( ; vp != NULL; vp = vp->next) {
+ vendorcode = VENDOR(vp->attribute);
+ if (vendorcode != 12394) continue;
+ if (vp->type != PW_TYPE_STRING) continue;
+
+ vp->attribute = number | (12394 << 16);
+ snprintf(vp->name, sizeof(vp->name),
+ "Breezecom-Attr%d", number++);
+ }
+}
+
/*
* Mangle username if needed, IN PLACE.
*/
cisco_vsa_hack(request->packet->vps);
}
+ if (data->with_alvarion_vsa_hack) {
+ /*
+ * We need to run this hack because the Alvarion
+ * people are crazy.
+ */
+ alvarion_vsa_hack(request->packet->vps);
+ }
+
/*
* Note that we add the Request-Src-IP-Address to the request
* structure BEFORE checking huntgroup access. This allows