Added WITH_PROXY to allow it to build without proxying

diff --git a/src/main/modules.c b/src/main/modules.c
index b4837ef..61e5d12 100644 (file)
--- a/src/main/modules.c
+++ b/src/main/modules.c
@@ -1452,7 +1452,9 @@ int setup_modules(int reload, CONF_SECTION *config)
             listener = listener->next) {
                char buffer[256];
 
+#ifdef WITH_PROXY
                if (listener->type == RAD_LISTEN_PROXY) continue;
+#endif
 
                cs = cf_section_sub_find_name2(config,
                                               "server", listener->server);

diff --git a/src/main/util.c b/src/main/util.c
index 6cd01b3..da6948b 100644 (file)
--- a/src/main/util.c
+++ b/src/main/util.c
@@ -198,7 +198,9 @@ void request_free(REQUEST **request_ptr)
        request = *request_ptr;
 
        rad_assert(!request->in_request_hash);
+#ifdef WITH_PROXY
        rad_assert(!request->in_proxy_hash);
+#endif
        rad_assert(!request->ev);
 
        if (request->packet)

diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
index 45d14e6..bd1cab2 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
+++ b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
@@ -106,13 +106,21 @@ static int eapmessage_verify(REQUEST *request,
        uint8_t eap_type;
        char buffer[256];
 
-       if (!data || (data_len <= 1)) {
+       /*
+        *      No data, OR only 1 byte of EAP type.
+        */
+       if (!data || (data_len == 0) ||
+           ((data_len <= 1) && (data[0] != PW_EAP_IDENTITY))) {
                return 0;
        }
 
        eap_type = *data;
        switch (eap_type) {
        case PW_EAP_IDENTITY:
+               if (data_len == 1) {
+                       RDEBUG2("Identity - ");
+                       return 1;
+               }
                RDEBUG2("Identity - %*s",
                       data_len - 1, data + 1);
                return 1;
@@ -401,7 +409,7 @@ static int process_reply(EAP_HANDLER *handler, tls_session_t *tls_session,
        return rcode;
 }
 
-
+#ifdef WITH_PROXY
 /*
  *     Do post-proxy processing,
  */
@@ -551,6 +559,8 @@ static void my_request_free(void *data)
 
        request_free(&request);
 }
+#endif
+
 
 static void print_tunneled_data(uint8_t *data, size_t data_len)
 {
@@ -843,6 +853,7 @@ int eappeap_process(EAP_HANDLER *handler, tls_session_t *tls_session)
         */
        switch (fake->reply->code) {
        case 0:                 /* No reply code, must be proxied... */
+#ifdef WITH_PROXY
                vp = pairfind(fake->config_items, PW_PROXY_TO_REALM);
 
                if (vp) {
@@ -979,10 +990,12 @@ int eappeap_process(EAP_HANDLER *handler, tls_session_t *tls_session)
                         */
                        rcode = RLM_MODULE_UPDATED;
 
-               } else {
+               } else
+#endif /* WITH_PROXY */
+                 {
                        DEBUG2("  PEAP: Unknown RADIUS packet type %d: rejecting tunneled user", fake->reply->code);
                        rcode = RLM_MODULE_REJECT;
-               }
+                 }
                break;
 
        default:

diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index 303df35..d2fb512 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -594,7 +594,7 @@ static int vp2diameter(REQUEST *request, tls_session_t *tls_session, VALUE_PAIR
 
                if ((debug_flag > 2) && fr_log_fp) {
                        for (i = 0; i < total; i++) {
-                               if ((i & 0x0f) == 0) fprintf(fr_log_fp, "  TTLS tunnel data out %04x: ", i);
+                         if ((i & 0x0f) == 0) fprintf(fr_log_fp, "  TTLS tunnel data out %04x: ", (int) i);
 
                                fprintf(fr_log_fp, "%02x ", buffer[i]);
 
@@ -685,7 +685,7 @@ static int process_reply(EAP_HANDLER *handler, tls_session_t *tls_session,
                         *      Use the tunneled reply, but not now.
                         */
                        if (t->use_tunneled_reply) {
-                               t->reply = reply->vps;
+                               t->accept_vps = reply->vps;
                                reply->vps = NULL;
                        }
 
@@ -790,6 +790,7 @@ static int process_reply(EAP_HANDLER *handler, tls_session_t *tls_session,
 }
 
 
+#ifdef WITH_PROXY
 /*
  *     Do post-proxy processing,
  */
@@ -924,7 +925,7 @@ static void my_request_free(void *data)
 
        request_free(&request);
 }
-
+#endif /* WITH_PROXY */
 
 /*
  *     Process the "diameter" contents of the tunneled data.
@@ -972,7 +973,7 @@ int eapttls_process(EAP_HANDLER *handler, tls_session_t *tls_session)
                size_t i;
 
                for (i = 0; i < data_len; i++) {
-                       if ((i & 0x0f) == 0) fprintf(fr_log_fp, "  TTLS tunnel data in %04x: ", i);
+                 if ((i & 0x0f) == 0) fprintf(fr_log_fp, "  TTLS tunnel data in %04x: ", (int) i);
 
                        fprintf(fr_log_fp, "%02x ", data[i]);
 
@@ -1200,6 +1201,7 @@ int eapttls_process(EAP_HANDLER *handler, tls_session_t *tls_session)
         */
        switch (fake->reply->code) {
        case 0:                 /* No reply code, must be proxied... */
+#ifdef WITH_PROXY
                vp = pairfind(fake->config_items, PW_PROXY_TO_REALM);
                if (vp) {
                        eap_tunnel_data_t *tunnel;
@@ -1261,7 +1263,9 @@ int eapttls_process(EAP_HANDLER *handler, tls_session_t *tls_session)
                         */
                        rcode = PW_STATUS_CLIENT;
 
-               } else {
+               } else
+#endif /* WITH_PROXY */
+                 {
                        RDEBUG("No tunneled reply was found for request %d , and the request was not proxied: rejecting the user.",
                               request->number);
                        rcode = PW_AUTHENTICATION_REJECT;