#
auth_badpass = no
auth_goodpass = no
+
+ # Log additional text at the end of the "Login OK" messages.
+ # for these to work, the "auth" and "auth_goopass" or "auth_badpass"
+ # configurations above have to be set to "yes".
+ #
+ # The strings below are dynamically expanded, which means that
+ # you can put anything you want in them. However, note that
+ # this expansion can be slow, and can negatively impact server
+ # performance.
+ #
+# msg_goodpass = ""
+# msg_badpass = ""
}
# The program to execute to do concurrency checks.
* Make sure user/pass are clean
* and then log them
*/
-static int rad_authlog(const char *msg, REQUEST *request, int goodpass) {
-
+static int rad_authlog(const char *msg, REQUEST *request, int goodpass)
+{
+ int logit;
+ const char *extra_msg = NULL;
char clean_password[1024];
char clean_username[1024];
char buf[1024];
+ char extra[1024];
VALUE_PAIR *username = NULL;
if (!request->root->log_auth) {
}
if (goodpass) {
- radlog_request(L_AUTH, 0, request, "%s: [%s%s%s] (%s)",
- msg,
- clean_username,
- request->root->log_auth_goodpass ? "/" : "",
- request->root->log_auth_goodpass ? clean_password : "",
- auth_name(buf, sizeof(buf), request, 1));
+ logit = request->root->log_auth_goodpass;
+ extra_msg = request->root->auth_goodpass_msg;
+ } else {
+ logit = request->root->log_auth_badpass;
+ extra_msg = request->root->auth_badpass_msg;
+ }
+
+ if (extra_msg) {
+ extra[0] = ' ';
+ radius_xlat(extra + 1, sizeof(extra) - 1, extra_msg, request,
+ NULL);
} else {
- radlog_request(L_AUTH, 0, request, "%s: [%s%s%s] (%s)",
- msg,
- clean_username,
- request->root->log_auth_badpass ? "/" : "",
- request->root->log_auth_badpass ? clean_password : "",
- auth_name(buf, sizeof(buf), request, 1));
+ *extra = '\0';
}
+ radlog_request(L_AUTH, 0, request, "%s: [%s%s%s] (%s)%s",
+ msg,
+ clean_username,
+ logit ? "/" : "",
+ logit ? clean_password : "",
+ auth_name(buf, sizeof(buf), request, 1),
+ extra);
+
return 0;
}
{ "auth", PW_TYPE_BOOLEAN, 0, &mainconfig.log_auth, "no" },
{ "auth_badpass", PW_TYPE_BOOLEAN, 0, &mainconfig.log_auth_badpass, "no" },
{ "auth_goodpass", PW_TYPE_BOOLEAN, 0, &mainconfig.log_auth_goodpass, "no" },
+ { "msg_badpass", PW_TYPE_STRING_PTR, 0, &mainconfig.auth_badpass_msg, NULL},
+ { "msg_goodpass", PW_TYPE_STRING_PTR, 0, &mainconfig.auth_goodpass_msg, NULL},
{ NULL, -1, 0, NULL, NULL }
};