From 9960563934a7da222528a1d82224aecc207c8aa8 Mon Sep 17 00:00:00 2001 From: "Alan T. DeKok" Date: Wed, 29 Sep 2010 16:05:24 +0200 Subject: [PATCH] Enable building #WITHOUT_PROXY --- src/lib/radius.c | 10 ++++++- src/main/event.c | 5 ++-- src/main/listen.c | 14 ++++++---- src/main/modules.c | 7 +++-- src/modules/rlm_attr_filter/rlm_attr_filter.c | 6 ++++ src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c | 12 ++++++++ src/modules/rlm_detail/rlm_detail.c | 8 ++++++ src/modules/rlm_exec/rlm_exec.c | 11 ++++++-- src/modules/rlm_files/rlm_files.c | 37 +++++++++++++++++-------- src/modules/rlm_jradius/rlm_jradius.c | 11 ++++++-- src/modules/rlm_perl/rlm_perl.c | 27 +++++++++++++++++- src/modules/rlm_policy/evaluate.c | 4 +++ src/modules/rlm_realm/rlm_realm.c | 5 ++++ 13 files changed, 129 insertions(+), 28 deletions(-) diff --git a/src/lib/radius.c b/src/lib/radius.c index 37757a8..359756a 100644 --- a/src/lib/radius.c +++ b/src/lib/radius.c @@ -2881,8 +2881,11 @@ VALUE_PAIR *rad_attr2vp(const RADIUS_PACKET *packet, DICT_ATTR *da; da = dict_attrbyvalue(attribute, VENDORPEC_EXTENDED); - if (da && (da->flags.extended || da->flags.extended_flags)) { + if (da) { /* flags.extended MUST be set */ + /* + * MUST have at least an "extended type" octet. + */ if (length == 0) return NULL; attribute |= (data[0] << fr_wimax_shift[1]); @@ -2917,6 +2920,11 @@ VALUE_PAIR *rad_attr2vp(const RADIUS_PACKET *packet, attribute, length, data); } } + + /* + * We could avoid another dictionary lookup here + * by using pairalloc(da), but it's not serious... + */ } vp = paircreate(attribute, vendor, PW_TYPE_OCTETS); if (!vp) return NULL; diff --git a/src/main/event.c b/src/main/event.c index 7570614..5254374 100644 --- a/src/main/event.c +++ b/src/main/event.c @@ -1945,8 +1945,8 @@ static int request_pre_handler(REQUEST *request) #ifdef WITH_PROXY if (request->proxy) { return process_proxy_reply(request); -#endif } +#endif return 1; } @@ -2642,6 +2642,7 @@ static void request_post_handler(REQUEST *request) } +#ifdef WITH_PROXY static void rad_retransmit_packet(REQUEST *request) { char buffer[256]; @@ -2731,7 +2732,7 @@ static int rad_retransmit(REQUEST *request) return 1; } - +#endif static void received_retransmit(REQUEST *request, const RADCLIENT *client) { diff --git a/src/main/listen.c b/src/main/listen.c index 02977a5..92c6fde 100644 --- a/src/main/listen.c +++ b/src/main/listen.c @@ -725,6 +725,7 @@ static int socket_print(const rad_listen_t *this, char *buffer, size_t bufsize) return 1; } +#ifdef WITH_PROXY /* * Maybe it's a socket that we opened to a home server. */ @@ -755,7 +756,8 @@ static int socket_print(const rad_listen_t *this, char *buffer, size_t bufsize) return 1; } -#endif +#endif /* WITH_PROXY */ +#endif /* WITH_TCP */ ADDSTRING(" address "); @@ -868,13 +870,15 @@ static int common_socket_parse(CONF_SECTION *cs, rad_listen_t *this) * TCP requires a destination IP for sockets. * UDP doesn't, so it's allowed. */ +#ifdef WITH_PROXY if ((this->type == RAD_LISTEN_PROXY) && (sock->proto != IPPROTO_UDP)) { cf_log_err(cf_sectiontoitem(cs), "Proxy listeners can only listen on proto = udp"); return -1; } -#endif +#endif /* WITH_PROXY */ +#endif /* WITH_TCP */ } sock->my_ipaddr = ipaddr; @@ -2809,12 +2813,12 @@ void listen_free(rad_listen_t **head) } #ifdef WITH_TCP - if ((this->type == RAD_LISTEN_AUTH) || + if ((this->type == RAD_LISTEN_AUTH) #ifdef WITH_ACCT - (this->type == RAD_LISTEN_ACCT) || + || (this->type == RAD_LISTEN_ACCT) #endif #ifdef WITH_PROXY - (this->type == RAD_LISTEN_PROXY) + || (this->type == RAD_LISTEN_PROXY) #endif ) { listen_socket_t *sock = this->data; diff --git a/src/main/modules.c b/src/main/modules.c index accb8b9..a569c07 100644 --- a/src/main/modules.c +++ b/src/main/modules.c @@ -1093,17 +1093,18 @@ static int load_byserver(CONF_SECTION *cs) cf_log_module(cs, "Checking %s {...} for more modules to load", section_type_value[comp].section); -#ifdef WITH_PROXY /* * Skip pre/post-proxy sections if we're not * proxying. */ - if (!mainconfig.proxy_requests && + if ( +#ifdef WITH_PROXY + !mainconfig.proxy_requests && +#endif ((comp == RLM_COMPONENT_PRE_PROXY) || (comp == RLM_COMPONENT_POST_PROXY))) { continue; } -#endif if (load_component_section(subcs, components, comp) < 0) { goto error; diff --git a/src/modules/rlm_attr_filter/rlm_attr_filter.c b/src/modules/rlm_attr_filter/rlm_attr_filter.c index 4b2ed29..cb8f61c 100644 --- a/src/modules/rlm_attr_filter/rlm_attr_filter.c +++ b/src/modules/rlm_attr_filter/rlm_attr_filter.c @@ -337,6 +337,7 @@ static int attr_filter_accounting(void *instance, REQUEST *request) return attr_filter_common(instance, request, request->reply); } +#ifdef WITH_PROXY static int attr_filter_preproxy(void *instance, REQUEST *request) { return attr_filter_common(instance, request, request->proxy); @@ -346,6 +347,7 @@ static int attr_filter_postproxy(void *instance, REQUEST *request) { return attr_filter_common(instance, request, request->proxy_reply); } +#endif static int attr_filter_postauth(void *instance, REQUEST *request) { @@ -371,8 +373,12 @@ module_t rlm_attr_filter = { attr_filter_preacct, /* pre-acct */ attr_filter_accounting, /* accounting */ NULL, /* checksimul */ +#ifdef WITH_PROXY attr_filter_preproxy, /* pre-proxy */ attr_filter_postproxy, /* post-proxy */ +#else + NULL, NULL, +#endif attr_filter_postauth /* post-auth */ }, }; diff --git a/src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c b/src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c index e6f4f4f..fd47702 100644 --- a/src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c +++ b/src/modules/rlm_attr_rewrite/rlm_attr_rewrite.c @@ -124,10 +124,12 @@ static int attr_rewrite_instantiate(CONF_SECTION *conf, void **instance) data->searchin = RLM_REGEX_INCONFIG; else if (strcmp(data->searchin_str, "reply") == 0) data->searchin = RLM_REGEX_INREPLY; +#ifdef WITH_PROXY else if (strcmp(data->searchin_str, "proxy") == 0) data->searchin = RLM_REGEX_INPROXY; else if (strcmp(data->searchin_str, "proxy_reply") == 0) data->searchin = RLM_REGEX_INPROXYREPLY; +#endif else { radlog(L_ERR, "rlm_attr_rewrite: Illegal searchin directive given. Assuming packet."); data->searchin = RLM_REGEX_INPACKET; @@ -196,6 +198,7 @@ static int do_attr_rewrite(void *instance, REQUEST *request) case RLM_REGEX_INREPLY: pairadd(&request->reply->vps,attr_vp); break; +#ifdef WITH_PROXY case RLM_REGEX_INPROXY: if (!request->proxy) { pairbasicfree(attr_vp); @@ -210,6 +213,7 @@ static int do_attr_rewrite(void *instance, REQUEST *request) } pairadd(&request->proxy_reply->vps, attr_vp); break; +#endif default: radlog(L_ERR, "%s: Illegal value for searchin. Changing to packet.", data->name); data->searchin = RLM_REGEX_INPACKET; @@ -237,6 +241,7 @@ static int do_attr_rewrite(void *instance, REQUEST *request) case RLM_REGEX_INREPLY: tmp = request->reply->vps; break; +#ifdef WITH_PROXY case RLM_REGEX_INPROXYREPLY: if (!request->proxy_reply) return RLM_MODULE_NOOP; @@ -247,6 +252,7 @@ static int do_attr_rewrite(void *instance, REQUEST *request) return RLM_MODULE_NOOP; tmp = request->proxy->vps; break; +#endif default: radlog(L_ERR, "%s: Illegal value for searchin. Changing to packet.", data->name); data->searchin = RLM_REGEX_INPACKET; @@ -438,6 +444,7 @@ static int attr_rewrite_checksimul(void *instance, REQUEST *request) return do_attr_rewrite(instance, request); } +#ifdef WITH_PROXY static int attr_rewrite_preproxy(void *instance, REQUEST *request) { return do_attr_rewrite(instance, request); @@ -447,6 +454,7 @@ static int attr_rewrite_postproxy(void *instance, REQUEST *request) { return do_attr_rewrite(instance, request); } +#endif static int attr_rewrite_postauth(void *instance, REQUEST *request) { @@ -480,8 +488,12 @@ module_t rlm_attr_rewrite = { attr_rewrite_preacct, /* preaccounting */ attr_rewrite_accounting, /* accounting */ attr_rewrite_checksimul, /* checksimul */ +#ifdef WITH_PROXY attr_rewrite_preproxy, /* pre-proxy */ attr_rewrite_postproxy, /* post-proxy */ +#else + NULL, NULL, +#endif attr_rewrite_postauth /* post-auth */ }, }; diff --git a/src/modules/rlm_detail/rlm_detail.c b/src/modules/rlm_detail/rlm_detail.c index fba5e9d..6446359 100644 --- a/src/modules/rlm_detail/rlm_detail.c +++ b/src/modules/rlm_detail/rlm_detail.c @@ -432,6 +432,7 @@ static int do_detail(void *instance, REQUEST *request, RADIUS_PACKET *packet, * Add non-protocol attibutes. */ if (compat) { +#ifdef WITH_PROXY if (request->proxy) { char proxy_buffer[128]; @@ -443,6 +444,7 @@ static int do_detail(void *instance, REQUEST *request, RADIUS_PACKET *packet, RDEBUG("Freeradius-Proxied-To = %s", proxy_buffer); } +#endif fprintf(outfp, "\tTimestamp = %ld\n", (unsigned long) request->timestamp); @@ -523,6 +525,7 @@ static int detail_send_coa(void *instance, REQUEST *request) /* * Outgoing Access-Request to home server - write the detail files. */ +#ifdef WITH_PROXY static int detail_pre_proxy(void *instance, REQUEST *request) { if (request->proxy && @@ -563,6 +566,7 @@ static int detail_post_proxy(void *instance, REQUEST *request) return RLM_MODULE_NOOP; } +#endif /* globally exported name */ @@ -578,8 +582,12 @@ module_t rlm_detail = { NULL, /* preaccounting */ detail_accounting, /* accounting */ NULL, /* checksimul */ +#ifdef WITH_PROXY detail_pre_proxy, /* pre-proxy */ detail_post_proxy, /* post-proxy */ +#else + NULL, NULL, +#endif detail_postauth /* post-auth */ #ifdef WITH_COA , detail_recv_coa, diff --git a/src/modules/rlm_exec/rlm_exec.c b/src/modules/rlm_exec/rlm_exec.c index 24e1d24..bf62521 100644 --- a/src/modules/rlm_exec/rlm_exec.c +++ b/src/modules/rlm_exec/rlm_exec.c @@ -88,6 +88,7 @@ static VALUE_PAIR **decode_string(REQUEST *request, const char *string) return &request->reply->vps; } +#ifdef WITH_PROXY if (strcmp(string, "proxy-request") == 0) { if (!request->proxy) return NULL; @@ -99,6 +100,7 @@ static VALUE_PAIR **decode_string(REQUEST *request, const char *string) return &request->proxy_reply->vps; } +#endif if (strcmp(string, "config") == 0) { return &request->config_items; @@ -280,11 +282,14 @@ static int exec_dispatch(void *instance, REQUEST *request) */ if (!((inst->packet_code == 0) || (request->packet->code == inst->packet_code) || - (request->reply->code == inst->packet_code) || - (request->proxy && + (request->reply->code == inst->packet_code) +#ifdef WITH_PROXY + || (request->proxy && (request->proxy->code == inst->packet_code)) || (request->proxy_reply && - (request->proxy_reply->code == inst->packet_code)))) { + (request->proxy_reply->code == inst->packet_code)) +#endif + )) { RDEBUG2("Packet type is not %s. Not executing.", inst->packet_type); return RLM_MODULE_NOOP; diff --git a/src/modules/rlm_files/rlm_files.c b/src/modules/rlm_files/rlm_files.c index 7803a4e..e0bc59a 100644 --- a/src/modules/rlm_files/rlm_files.c +++ b/src/modules/rlm_files/rlm_files.c @@ -40,21 +40,24 @@ struct file_instance { char *usersfile; fr_hash_table_t *users; + + /* authenticate */ + char *auth_usersfile; + fr_hash_table_t *auth_users; + /* preacct */ char *acctusersfile; fr_hash_table_t *acctusers; +#ifdef WITH_PROXY /* pre-proxy */ char *preproxy_usersfile; fr_hash_table_t *preproxy_users; - /* authenticate */ - char *auth_usersfile; - fr_hash_table_t *auth_users; - /* post-proxy */ char *postproxy_usersfile; fr_hash_table_t *postproxy_users; +#endif /* post-authenticate */ char *postauth_usersfile; @@ -78,12 +81,14 @@ static const CONF_PARSER module_config[] = { offsetof(struct file_instance,usersfile), NULL, NULL }, { "acctusersfile", PW_TYPE_FILENAME, offsetof(struct file_instance,acctusersfile), NULL, NULL }, +#ifdef WITH_PROXY { "preproxy_usersfile", PW_TYPE_FILENAME, offsetof(struct file_instance,preproxy_usersfile), NULL, NULL }, - { "auth_usersfile", PW_TYPE_FILENAME, - offsetof(struct file_instance,auth_usersfile), NULL, NULL }, { "postproxy_usersfile", PW_TYPE_FILENAME, offsetof(struct file_instance,postproxy_usersfile), NULL, NULL }, +#endif + { "auth_usersfile", PW_TYPE_FILENAME, + offsetof(struct file_instance,auth_usersfile), NULL, NULL }, { "postauth_usersfile", PW_TYPE_FILENAME, offsetof(struct file_instance,postauth_usersfile), NULL, NULL }, { "compat", PW_TYPE_STRING_PTR, @@ -319,9 +324,11 @@ static int file_detach(void *instance) struct file_instance *inst = instance; fr_hash_table_free(inst->users); fr_hash_table_free(inst->acctusers); +#ifdef WITH_PROXY fr_hash_table_free(inst->preproxy_users); - fr_hash_table_free(inst->auth_users); fr_hash_table_free(inst->postproxy_users); +#endif + fr_hash_table_free(inst->auth_users); fr_hash_table_free(inst->postauth_users); free(inst); return 0; @@ -362,6 +369,7 @@ static int file_instantiate(CONF_SECTION *conf, void **instance) return -1; } +#ifdef WITH_PROXY /* * Get the pre-proxy stuff */ @@ -372,16 +380,17 @@ static int file_instantiate(CONF_SECTION *conf, void **instance) return -1; } - rcode = getusersfile(inst->auth_usersfile, &inst->auth_users, inst->compat_mode); + rcode = getusersfile(inst->postproxy_usersfile, &inst->postproxy_users, inst->compat_mode); if (rcode != 0) { - radlog(L_ERR|L_CONS, "Errors reading %s", inst->auth_usersfile); + radlog(L_ERR|L_CONS, "Errors reading %s", inst->postproxy_usersfile); file_detach(inst); return -1; } +#endif - rcode = getusersfile(inst->postproxy_usersfile, &inst->postproxy_users, inst->compat_mode); + rcode = getusersfile(inst->auth_usersfile, &inst->auth_users, inst->compat_mode); if (rcode != 0) { - radlog(L_ERR|L_CONS, "Errors reading %s", inst->postproxy_usersfile); + radlog(L_ERR|L_CONS, "Errors reading %s", inst->auth_usersfile); file_detach(inst); return -1; } @@ -526,6 +535,7 @@ static int file_preacct(void *instance, REQUEST *request) request->packet->vps, &request->reply->vps); } +#ifdef WITH_PROXY static int file_preproxy(void *instance, REQUEST *request) { struct file_instance *inst = instance; @@ -543,6 +553,7 @@ static int file_postproxy(void *instance, REQUEST *request) inst->postproxy_users, request->proxy_reply->vps, &request->reply->vps); } +#endif static int file_authenticate(void *instance, REQUEST *request) { @@ -576,8 +587,12 @@ module_t rlm_files = { file_preacct, /* preaccounting */ NULL, /* accounting */ NULL, /* checksimul */ +#ifdef WITH_PROXY file_preproxy, /* pre-proxy */ file_postproxy, /* post-proxy */ +#else + NULL, NULL, +#endif file_postauth /* post-auth */ }, }; diff --git a/src/modules/rlm_jradius/rlm_jradius.c b/src/modules/rlm_jradius/rlm_jradius.c index 3dd362f..bd8179e 100644 --- a/src/modules/rlm_jradius/rlm_jradius.c +++ b/src/modules/rlm_jradius/rlm_jradius.c @@ -924,8 +924,8 @@ static int read_request(JRADIUS *inst, JRSOCK *jrsock, REQUEST *p) static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy) { JRADIUS * inst = instance; - RADIUS_PACKET * request = isproxy ? req->proxy : req->packet; - RADIUS_PACKET * reply = isproxy ? req->proxy_reply : req->reply; + RADIUS_PACKET * request = req->packet; + RADIUS_PACKET * reply = req->reply; JRSOCK * jrsock = 0; JRSOCK sjrsock; @@ -943,6 +943,13 @@ static int rlm_jradius_call(char func, void *instance, REQUEST *req, int isproxy #define W_ERR(s) { err=s; goto packerror; } #define R_ERR(s) { err=s; goto parseerror; } +#ifdef WITH_PROXY + if (isproxy) { + request = req->proxy; + reply = req->proxy_reply; + } +#endif + if (inst->keepalive) { jrsock = get_socket(inst); if (!jrsock) return exitstatus; diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c index 14267cf..8acb1f0 100644 --- a/src/modules/rlm_perl/rlm_perl.c +++ b/src/modules/rlm_perl/rlm_perl.c @@ -66,8 +66,10 @@ typedef struct perl_inst { char *func_checksimul; char *func_detach; char *func_xlat; +#ifdef WITH_PROXY char *func_pre_proxy; char *func_post_proxy; +#endif char *func_post_auth; #ifdef WITH_COA char *func_recv_coa; @@ -104,10 +106,12 @@ static const CONF_PARSER module_config[] = { offsetof(PERL_INST,func_detach), NULL, "detach"}, { "func_xlat", PW_TYPE_STRING_PTR, offsetof(PERL_INST,func_xlat), NULL, "xlat"}, +#ifdef WITH_PROXY { "func_pre_proxy", PW_TYPE_STRING_PTR, offsetof(PERL_INST,func_pre_proxy), NULL, "pre_proxy"}, { "func_post_proxy", PW_TYPE_STRING_PTR, offsetof(PERL_INST,func_post_proxy), NULL, "post_proxy"}, +#endif { "func_post_auth", PW_TYPE_STRING_PTR, offsetof(PERL_INST,func_post_auth), NULL, "post_auth"}, #ifdef WITH_COA @@ -402,8 +406,10 @@ static int perl_instantiate(CONF_SECTION *conf, void **instance) HV *rad_check_hv; HV *rad_config_hv; HV *rad_request_hv; +#ifdef WITH_PROXY HV *rad_request_proxy_hv; HV *rad_request_proxy_reply_hv; +#endif AV *end_AV; char **embed; @@ -497,15 +503,19 @@ static int perl_instantiate(CONF_SECTION *conf, void **instance) rad_check_hv = newHV(); rad_config_hv = newHV(); rad_request_hv = newHV(); +#ifdef WITH_PROXY rad_request_proxy_hv = newHV(); rad_request_proxy_reply_hv = newHV(); +#endif rad_reply_hv = get_hv("RAD_REPLY",1); rad_check_hv = get_hv("RAD_CHECK",1); rad_config_hv = get_hv("RAD_CONFIG",1); rad_request_hv = get_hv("RAD_REQUEST",1); +#ifdef WITH_PROXY rad_request_proxy_hv = get_hv("RAD_REQUEST_PROXY",1); rad_request_proxy_reply_hv = get_hv("RAD_REQUEST_PROXY_REPLY",1); +#endif xlat_name = cf_section_name2(conf); if (xlat_name == NULL) @@ -648,8 +658,10 @@ static int rlmperl_call(void *instance, REQUEST *request, char *function_name) HV *rad_check_hv; HV *rad_config_hv; HV *rad_request_hv; +#ifdef WITH_PROXY HV *rad_request_proxy_hv; HV *rad_request_proxy_reply_hv; +#endif #ifdef USE_ITHREADS PerlInterpreter *interp; @@ -681,15 +693,17 @@ static int rlmperl_call(void *instance, REQUEST *request, char *function_name) rad_check_hv = get_hv("RAD_CHECK",1); rad_config_hv = get_hv("RAD_CONFIG",1); rad_request_hv = get_hv("RAD_REQUEST",1); +#ifdef WITH_PROXY rad_request_proxy_hv = get_hv("RAD_REQUEST_PROXY",1); rad_request_proxy_reply_hv = get_hv("RAD_REQUEST_PROXY_REPLY",1); - +#endif perl_store_vps(request->reply->vps, rad_reply_hv); perl_store_vps(request->config_items, rad_check_hv); perl_store_vps(request->packet->vps, rad_request_hv); perl_store_vps(request->config_items, rad_config_hv); +#ifdef WITH_PROXY if (request->proxy != NULL) { perl_store_vps(request->proxy->vps, rad_request_proxy_hv); } else { @@ -701,6 +715,7 @@ static int rlmperl_call(void *instance, REQUEST *request, char *function_name) } else { hv_undef(rad_request_proxy_reply_hv); } +#endif PUSHMARK(SP); /* @@ -764,6 +779,7 @@ static int rlmperl_call(void *instance, REQUEST *request, char *function_name) vp = NULL; } +#ifdef WITH_PROXY if (request->proxy && (get_hv_content(rad_request_proxy_hv, &vp) > 0)) { pairfree(&request->proxy->vps); @@ -777,6 +793,7 @@ static int rlmperl_call(void *instance, REQUEST *request, char *function_name) request->proxy_reply->vps = vp; vp = NULL; } +#endif } return exitstatus; @@ -862,6 +879,8 @@ static int perl_checksimul(void *instance, REQUEST *request) return rlmperl_call(instance, request, ((PERL_INST *)instance)->func_checksimul); } + +#ifdef WITH_PROXY /* * Pre-Proxy request */ @@ -878,6 +897,8 @@ static int perl_post_proxy(void *instance, REQUEST *request) return rlmperl_call(instance, request, ((PERL_INST *)instance)->func_post_proxy); } +#endif + /* * Pre-Auth request */ @@ -1004,8 +1025,12 @@ module_t rlm_perl = { perl_preacct, /* preacct */ perl_accounting, /* accounting */ perl_checksimul, /* check simul */ +#ifdef WITH_PROXY perl_pre_proxy, /* pre-proxy */ perl_post_proxy, /* post-proxy */ +#else + NULL, NULL, +#endif perl_post_auth /* post-auth */ #ifdef WITH_COA , perl_recv_coa, diff --git a/src/modules/rlm_policy/evaluate.c b/src/modules/rlm_policy/evaluate.c index 4ddcfa8..3c1a000 100644 --- a/src/modules/rlm_policy/evaluate.c +++ b/src/modules/rlm_policy/evaluate.c @@ -438,6 +438,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) } else if (strncasecmp(name, "reply:", 6) == 0) { p += 6; vps = request->reply->vps; +#ifdef WITH_PROXY } else if (strncasecmp(name, "proxy-request:", 14) == 0) { p += 14; if (request->proxy) { @@ -448,6 +449,7 @@ static VALUE_PAIR *find_vp(REQUEST *request, const char *name) if (request->proxy_reply) { vps = request->proxy_reply->vps; } +#endif } else if (strncasecmp(name, "control:", 8) == 0) { p += 8; vps = request->config_items; @@ -885,6 +887,7 @@ static int evaluate_attr_list(policy_state_t *state, const policy_item_t *item) vps = &(state->request->reply->vps); break; +#ifdef WITH_PROXY case POLICY_RESERVED_PROXY_REQUEST: if (!state->request->proxy) return 0; /* FIXME: print error */ vps = &(state->request->proxy->vps); @@ -894,6 +897,7 @@ static int evaluate_attr_list(policy_state_t *state, const policy_item_t *item) if (!state->request->proxy_reply) return 0; /* FIXME: print error */ vps = &(state->request->proxy_reply->vps); break; +#endif default: return 0; diff --git a/src/modules/rlm_realm/rlm_realm.c b/src/modules/rlm_realm/rlm_realm.c index c9d163b..e960a26 100644 --- a/src/modules/rlm_realm/rlm_realm.c +++ b/src/modules/rlm_realm/rlm_realm.c @@ -80,11 +80,13 @@ static int check_for_realm(void *instance, REQUEST *request, REALM **returnrealm * Also, if there's no User-Name attribute, we can't * proxy it, either. */ +#ifdef WITH_PROXY if ((request->proxy != NULL) || (request->username == NULL)) { RDEBUG2("Proxy reply, or no User-Name. Ignoring."); return RLM_MODULE_OK; } +#endif /* * Check for 'Realm' attribute. If it exists, then we've proxied @@ -236,6 +238,7 @@ static int check_for_realm(void *instance, REQUEST *request, REALM **returnrealm break; } +#ifdef WITH_PROXY RDEBUG2("Proxying request from user %s to realm %s", username, realm->name); @@ -310,11 +313,13 @@ static int check_for_realm(void *instance, REQUEST *request, REALM **returnrealm } } +#endif /* * We got this far, which means we have a realm, set returnrealm */ *returnrealm = realm; + return RLM_MODULE_UPDATED; } -- 2.1.4