ppp showing radius message

Wed, 25 Apr 2001 09:12:51 -0700 

    Hi,

    I made a simple (and ugly) patch to ppp to show the radius message when
a radius reject is received.  It also saves it in struct authinfo so the auth
failure routine can pass it to the peer.  The patch modifies pap.c to do this,
but I don't know how to modify the other auth types (I'm using pap only here).

    Someone finds this useful (except me)?

P.S. It's tested on the server side (with Windows client and a PicoBSD client
     for peers).

-- 
Players win and winners play
Have a lucky day

--- auth.h.orig Wed Apr 25 18:13:13 2001
+++ auth.h      Wed Apr 25 18:13:25 2001
@@ -42,6 +42,7 @@
   struct {
     struct fsm_retry fsm;      /* How often/frequently to resend requests */
   } cfg;
+  char *fail_message;
 };
 
 #define auth_Failure(a) (*a->fn.failure)(a);
--- pap.c.orig  Wed Apr 25 18:13:43 2001
+++ pap.c       Wed Apr 25 18:15:51 2001
@@ -149,7 +149,8 @@
 static void
 pap_Failure(struct authinfo *authp)
 {
-  SendPapCode(authp, PAP_NAK, "Login incorrect");
+  SendPapCode(authp, PAP_NAK,
+         (authp->fail_message ? authp->fail_message : "Login incorrect"));
   datalink_AuthNotOk(authp->physical->dl);
 }
 
--- radius.c.orig       Wed Apr 25 18:15:55 2001
+++ radius.c    Wed Apr 25 18:24:07 2001
@@ -83,6 +83,8 @@
 #include "datalink.h"
 #include "bundle.h"
 
+static char fail_message[128];
+
 /*
  * rad_continue_send_request() has given us `got' (non-zero).  Deal with it.
  */
@@ -111,10 +113,32 @@
       break;
 
     case RAD_ACCESS_REJECT:
-      log_Printf(LogPHASE, "Radius(%s): REJECT received\n", stype);
-      if (r->cx.auth)
-        auth_Failure(r->cx.auth);
-      rad_close(r->cx.rad);
+      {
+        int got2;
+
+        nuke = NULL;
+        while (!nuke && ((got2 = rad_get_attr(r->cx.rad, &data, &len)) > 0)) {
+         if (got2 == RAD_REPLY_MESSAGE) {
+           if ((nuke = rad_cvt_string(data, len)) == NULL) {
+             log_Printf(LogERROR, "rad_cvt_string: %s\n", rad_strerror(r->cx.rad));
+             rad_close(r->cx.rad);
+             return;
+           }
+         }
+       }
+       if (nuke) {
+         strlcpy(fail_message, nuke, sizeof(fail_message));
+         free(nuke);
+         r->cx.auth->fail_message = fail_message;
+         log_Printf(LogPHASE, "Radius(%s): REJECT received (%s)\n",
+                 stype, fail_message);
+       } else
+         log_Printf(LogPHASE, "Radius(%s): REJECT received\n", stype);
+
+        if (r->cx.auth)
+          auth_Failure(r->cx.auth);
+        rad_close(r->cx.rad);
+      }
       return;
 
     case RAD_ACCESS_CHALLENGE:

PGP signature

Reply via email to