ATTRIBUTE Expiration 1010 date
ATTRIBUTE Autz-Type 1011 integer
ATTRIBUTE Acct-Type 1011 integer
+ATTRIBUTE Session-Type 1012 integer
+ATTRIBUTE PostAuth-Type 1013 integer
#
# Integer Translations
# And accounting
#
VALUE Acct-Type Local 0
+
+#
+# And Session handling
+#
+VALUE Session-Type Local 0
+
+#
+# And Post-Auth
+VALUE PostAuth-Type Local 0
+
#
# Experimental Non-Protocol Integer Translations for Cistron-Radiusd
#
ATTRIBUTE Expiration 1010 date
ATTRIBUTE Autz-Type 1011 integer
ATTRIBUTE Acct-Type 1011 integer
+ATTRIBUTE Session-Type 1012 integer
+ATTRIBUTE PostAuth-Type 1013 integer
#
# Integer Translations
# And accounting
#
VALUE Acct-Type Local 0
+
+#
+# And Session handling
+#
+VALUE Session-Type Local 0
+
+#
+# And Post-Auth
+VALUE PostAuth-Type Local 0
+
#
# Experimental Non-Protocol Integer Translations for Cistron-Radiusd
#
int module_authorize(int type, REQUEST *request);
int module_authenticate(int type, REQUEST *request);
int module_preacct(REQUEST *request);
-int module_accounting(REQUEST *request);
-int module_checksimul(REQUEST *request, int maxsimul);
+int module_accounting(int type, REQUEST *request);
+int module_checksimul(int type, REQUEST *request, int maxsimul);
int module_pre_proxy(REQUEST *request);
int module_post_proxy(REQUEST *request);
-int module_post_auth(REQUEST *request);
int module_pre_proxy(REQUEST *request);
int module_post_proxy(REQUEST *request);
-int module_post_auth(REQUEST *request);
+int module_post_auth(int type, REQUEST *request);
#endif /* RADIUS_MODULES_H */
#define PW_EXPIRATION 1010
#define PW_AUTZTYPE 1011
#define PW_ACCTTYPE 1011
+#define PW_SESSTYPE 1012
+#define PW_POSTAUTHTYPE 1013
#define PW_USER_CATEGORY 1029
#define PW_GROUP_NAME 1030
#define PW_HUNTGROUP_NAME 1031
int exec_wait;
VALUE_PAIR *vp;
int rcode;
+ int acct_type = 0;
reply = module_preacct(request);
if (reply != RLM_MODULE_NOOP &&
* This is to ensure that we log the packet
* immediately, even if the proxy never does.
*/
- reply = module_accounting(request);
+ vp = pairfind(request->config_items, PW_ACCTTYPE);
+ if (vp)
+ acct_type = vp->lvalue;
+ reply = module_accounting(acct_type,request);
/*
* See if we need to execute a program.
VALUE_PAIR *module_msg;
VALUE_PAIR *tmp = NULL;
VALUE_PAIR *autz_type_item = NULL;
+ VALUE_PAIR *postauth_type_item = NULL;
int result, r;
char umsg[MAX_STRING_LEN + 1];
const char *user_msg = NULL;
char buf[1024], logstr[1024];
char autz_retry = 0;
int autz_type = 0;
+ int postauth_type = 0;
password = "";
if (result >= 0 &&
(check_item = pairfind(request->config_items, PW_SIMULTANEOUS_USE)) != NULL) {
+ VALUE_PAIR *session_type;
+ int sess_type = 0;
+
+ session_type = pairfind(request->config_items, PW_SESSTYPE);
+ if (session_type)
+ sess_type = session_type->lvalue;
+
/*
* User authenticated O.K. Now we have to check
* for the Simultaneous-Use parameter.
*/
if (namepair &&
- (r = module_checksimul(request, check_item->lvalue)) != 0) {
+ (r = module_checksimul(sess_type,request, check_item->lvalue)) != 0) {
char mpp_ok = 0;
if (r == 2){
* Do post-authentication calls. ignoring the return code.
* If the post-authentication
*/
- result = module_post_auth(request);
+ postauth_type_item = pairfind(request->config_items, PW_POSTAUTHTYPE);
+ if (postauth_type_item)
+ postauth_type = postauth_type_item->lvalue;
+ result = module_post_auth(postauth_type, request);
switch (result) {
break;
dval = dict_valbyname(PW_AUTZTYPE, cf_section_name2(cs));
} else if (comp == RLM_COMPONENT_ACCT) {
dval = dict_valbyname(PW_ACCTTYPE, cf_section_name2(cs));
+ } else if (comp == RLM_COMPONENT_SESS) {
+ dval = dict_valbyname(PW_SESSTYPE, cf_section_name2(cs));
+ } else if (comp == RLM_COMPONENT_POST_AUTH) {
+ dval = dict_valbyname(PW_POSTAUTHTYPE, cf_section_name2(cs));
}
if (dval) {
{ "authorize", "autztype", PW_AUTZTYPE },
{ "authenticate", "authtype", PW_AUTHTYPE },
{ "accounting", "accttype", PW_ACCTTYPE },
+ { "session", "sesstype", PW_SESSTYPE },
+ { "post-auth", "post-authtype", PW_POSTAUTHTYPE },
{ NULL, NULL, 0 }
};
/*
* Do accounting for ALL configured sessions
*/
-int module_accounting(REQUEST *request)
+int module_accounting(int acct_type, REQUEST *request)
{
- return indexed_modcall(RLM_COMPONENT_ACCT, 0, request);
+ return indexed_modcall(RLM_COMPONENT_ACCT, acct_type, request);
}
/*
*
* Returns: 0 == OK, 1 == double logins, 2 == multilink attempt
*/
-int module_checksimul(REQUEST *request, int maxsimul)
+int module_checksimul(int sess_type, REQUEST *request, int maxsimul)
{
int rcode;
request->simul_max = maxsimul;
request->simul_mpp = 1;
- rcode = indexed_modcall(RLM_COMPONENT_SESS, 0, request);
+ rcode = indexed_modcall(RLM_COMPONENT_SESS, sess_type, request);
if (rcode != RLM_MODULE_OK) {
/* FIXME: Good spot for a *rate-limited* warning to the log */
/*
* Do post-authentication for ALL configured sessions
*/
-int module_post_auth(REQUEST *request)
+int module_post_auth(int postauth_type, REQUEST *request)
{
- return indexed_modcall(RLM_COMPONENT_POST_AUTH, 0, request);
+ return indexed_modcall(RLM_COMPONENT_POST_AUTH, postauth_type, request);
}