Final patches to make trust router work

diff --git a/raddb/mods-available/realm b/raddb/mods-available/realm
index 0b87548..b4c8ee3 100644 (file)
--- a/raddb/mods-available/realm
+++ b/raddb/mods-available/realm
@@ -28,6 +28,13 @@ realm IPASS {
 realm suffix {
        format = suffix
        delimiter = "@"
+
+       # The next 3 configuration items are valid ONLY
+       # for a trust-router.  For all other realms,
+       # they are ignored.
+#      trust_router = "localhost"
+#      rp_realm = "painless-security.com"
+#      default_community = "apc.moonshot.ja.net"
 }
 
 #  'username%realm'

diff --git a/raddb/policy.d/abfab-tr b/raddb/policy.d/abfab-tr
index 2b98329..b55adc8 100644 (file)
--- a/raddb/policy.d/abfab-tr
+++ b/raddb/policy.d/abfab-tr
@@ -29,9 +29,9 @@ abfab_pre_proxy {
        }
 
        # set trust-router-coi attribute from the client configuration
-       if ("%{client:trust-router_coi}") {
+       if ("%{client:trust_router_coi}") {
                update proxy-request {
-                       Trust-Router-COI := "%{client:moonshot_coi}"
+                       Trust-Router-COI := "%{client:trust_router_coi}"
                }
        }
 
@@ -43,7 +43,6 @@ abfab_pre_proxy {
        }
 }
 
-#
 #  A policy which is used to validate channel-bindings.
 #
 abfab_channel_bindings {

diff --git a/src/modules/rlm_eap/libeap/eap_chbind.c b/src/modules/rlm_eap/libeap/eap_chbind.c
index 99be8ce..fae1b77 100644 (file)
--- a/src/modules/rlm_eap/libeap/eap_chbind.c
+++ b/src/modules/rlm_eap/libeap/eap_chbind.c
@@ -290,7 +290,7 @@ VALUE_PAIR *eap_chbind_packet2vp(REQUEST *request, const chbind_packet_t *packet
 
        vp = paircreate(request->packet, PW_UKERNA_CHBIND, VENDORPEC_UKERNA);
        if (!vp) return NULL;
-       pairmemcpy(vp, (const uint8_t *) packet, talloc_array_length(packet));
+       pairmemcpy(vp, (const uint8_t *) packet, talloc_array_length((uint8_t *)packet));
 
        return vp;
 }

diff --git a/src/modules/rlm_realm/configure b/src/modules/rlm_realm/configure
index d13d2bf..32f9a24 100755 (executable)
--- a/src/modules/rlm_realm/configure
+++ b/src/modules/rlm_realm/configure
@@ -2921,7 +2921,7 @@ fi
 
 
 
-ac_safe=`echo "trust_router/tr_dh" | sed 'y%./+-%__pm%'`
+ac_safe=`echo "trust_router/tr_dh.h" | sed 'y%./+-%__pm%'`
 old_CPPFLAGS="$CPPFLAGS"
 smart_include=
 smart_include_dir="/usr/local/include /opt/include"
@@ -2941,13 +2941,13 @@ done
 
 if test "x$_smart_try_dir" != "x"; then
   for try in $_smart_try_dir; do
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for trust_router/tr_dh in $try" >&5
-$as_echo_n "checking for trust_router/tr_dh in $try... " >&6; }
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for trust_router/tr_dh.h in $try" >&5
+$as_echo_n "checking for trust_router/tr_dh.h in $try... " >&6; }
     CPPFLAGS="-isystem $try $old_CPPFLAGS"
     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
-                   #include <trust_router/tr_dh>
+                   #include <trust_router/tr_dh.h>
 int
 main ()
 {
@@ -2977,13 +2977,13 @@ fi
 
 if test "x$smart_include" = "x"; then
   for _prefix in $smart_prefix; do
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${_prefix}/trust_router/tr_dh" >&5
-$as_echo_n "checking for ${_prefix}/trust_router/tr_dh... " >&6; }
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${_prefix}/trust_router/tr_dh.h" >&5
+$as_echo_n "checking for ${_prefix}/trust_router/tr_dh.h... " >&6; }
 
     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
-                   #include <trust_router/tr_dh>
+                   #include <trust_router/tr_dh.h>
 int
 main ()
 {
@@ -3011,13 +3011,13 @@ rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
 fi
 
 if test "x$smart_include" = "x"; then
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for trust_router/tr_dh" >&5
-$as_echo_n "checking for trust_router/tr_dh... " >&6; }
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for trust_router/tr_dh.h" >&5
+$as_echo_n "checking for trust_router/tr_dh.h... " >&6; }
 
     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
-                   #include <trust_router/tr_dh>
+                   #include <trust_router/tr_dh.h>
 int
 main ()
 {
@@ -3078,7 +3078,7 @@ eval "_smart_include_dir=\"\$_smart_include_dir $DIRS\""
 
 if test "x$LOCATE" != "x"; then
         DIRS=
-  file=trust_router/tr_dh
+  file=trust_router/tr_dh.h
 
   for x in `${LOCATE} $file 2>/dev/null`; do
                                         base=`echo $x | sed "s%/${file}%%"`
@@ -3103,13 +3103,13 @@ eval "_smart_include_dir=\"\$_smart_include_dir $DIRS\""
 
 
   for try in $_smart_include_dir; do
-    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for trust_router/tr_dh in $try" >&5
-$as_echo_n "checking for trust_router/tr_dh in $try... " >&6; }
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking for trust_router/tr_dh.h in $try" >&5
+$as_echo_n "checking for trust_router/tr_dh.h in $try... " >&6; }
     CPPFLAGS="-isystem $try $old_CPPFLAGS"
     cat confdefs.h - <<_ACEOF >conftest.$ac_ext
 /* end confdefs.h.  */
 
-                   #include <trust_router/tr_dh>
+                   #include <trust_router/tr_dh.h>
 int
 main ()
 {
@@ -3146,9 +3146,9 @@ fi
 smart_prefix=
 
 
-       if test "x$ac_cv_have_tr_tid_tidc_create" != "x"; then
-               if test "x$ac_cv_have_trust_router_tr_dh" != "x"; then
-                       SMART_CPPFLAGS="$SMART_CPPFLAGS} -DHAVE_TRUSTROUTER_TR_DH_H"
+       if test "x$ac_cv_lib_tr_tid_tidc_create" != "x"; then
+               if test "x$ac_cv_header_trust_router_tr_dh_h" != "x"; then
+                       SMART_CPPFLAGS="$SMART_CPPFLAGS -DHAVE_TRUSTROUTER_TR_DH_H"
                        trustrouter=yes
                fi
        fi

diff --git a/src/modules/rlm_realm/configure.ac b/src/modules/rlm_realm/configure.ac
index 9d225c6..63c590e 100644 (file)
--- a/src/modules/rlm_realm/configure.ac
+++ b/src/modules/rlm_realm/configure.ac
@@ -8,11 +8,11 @@ if test x$with_[]modname != xno; then
        AC_PROG_CPP
 
        FR_SMART_CHECK_LIB(tr_tid, tidc_create)
-       FR_SMART_CHECK_INCLUDE(trust_router/tr_dh)
+       FR_SMART_CHECK_INCLUDE(trust_router/tr_dh.h)
 
-       if test "x$ac_cv_have_tr_tid_tidc_create" != "x"; then
-               if test "x$ac_cv_have_trust_router_tr_dh" != "x"; then
-                       SMART_CPPFLAGS="$SMART_CPPFLAGS} -DHAVE_TRUSTROUTER_TR_DH_H"
+       if test "x$ac_cv_lib_tr_tid_tidc_create" != "x"; then
+               if test "x$ac_cv_header_trust_router_tr_dh_h" != "x"; then
+                       SMART_CPPFLAGS="$SMART_CPPFLAGS -DHAVE_TRUSTROUTER_TR_DH_H"
                        trustrouter=yes
                fi
        fi