Alan DeKok wrote: > Please do not put pre-proxy code into the "authorize" section of a > module. We will fix the server.
The following patch will make the server run the modules in one of the {Pre,Post}-Proxy-Type stanzas. Index: src/include/modules.h =================================================================== RCS file: /source/radiusd/src/include/modules.h,v retrieving revision 1.22 diff -u -r1.22 modules.h --- src/include/modules.h 4 Jul 2003 19:11:07 -0000 1.22 +++ src/include/modules.h 15 Feb 2005 14:52:24 -0000 @@ -58,8 +58,8 @@ int module_preacct(REQUEST *request); int module_accounting(int type, REQUEST *request); int module_checksimul(int type, REQUEST *request, int maxsimul); -int module_pre_proxy(REQUEST *request); -int module_post_proxy(REQUEST *request); +int module_pre_proxy(int type, REQUEST *request); +int module_post_proxy(int type, REQUEST *request); int module_post_auth(int type, REQUEST *request); #endif /* RADIUS_MODULES_H */ Index: src/main/modules.c =================================================================== RCS file: /source/radiusd/src/main/modules.c,v retrieving revision 1.87 diff -u -r1.87 modules.c --- src/main/modules.c 15 Oct 2004 20:32:14 -0000 1.87 +++ src/main/modules.c 15 Feb 2005 14:52:25 -0000 @@ -498,6 +498,10 @@ dval = dict_valbyname(PW_ACCT_TYPE, cf_section_name2(cs)); } else if (comp == RLM_COMPONENT_SESS) { dval = dict_valbyname(PW_SESSION_TYPE, cf_section_name2(cs)); + } else if (comp == RLM_COMPONENT_PRE_PROXY) { + dval = dict_valbyname(PW_PRE_PROXY_TYPE, cf_section_name2(cs)); + } else if (comp == RLM_COMPONENT_POST_PROXY) { + dval = dict_valbyname(PW_POST_PROXY_TYPE, cf_section_name2(cs)); } else if (comp == RLM_COMPONENT_POST_AUTH) { dval = dict_valbyname(PW_POST_AUTH_TYPE, cf_section_name2(cs)); } @@ -939,17 +943,17 @@ /* * Do pre-proxying for ALL configured sessions */ -int module_pre_proxy(REQUEST *request) +int module_pre_proxy(int type, REQUEST *request) { - return indexed_modcall(RLM_COMPONENT_PRE_PROXY, 0, request); + return indexed_modcall(RLM_COMPONENT_PRE_PROXY, type, request); } /* * Do post-proxying for ALL configured sessions */ -int module_post_proxy(REQUEST *request) +int module_post_proxy(int type, REQUEST *request) { - return indexed_modcall(RLM_COMPONENT_POST_PROXY, 0, request); + return indexed_modcall(RLM_COMPONENT_POST_PROXY, type, request); } /* Index: src/main/proxy.c =================================================================== RCS file: /source/radiusd/src/main/proxy.c,v retrieving revision 1.77 diff -u -r1.77 proxy.c --- src/main/proxy.c 28 May 2004 21:45:07 -0000 1.77 +++ src/main/proxy.c 15 Feb 2005 14:52:25 -0000 @@ -53,6 +53,8 @@ int proxy_receive(REQUEST *request) { int rcode; + int post_proxy_type = 0; + VALUE_PAIR *vp; /* * Delete any reply we had accumulated until now. @@ -63,7 +65,12 @@ * Run the packet through the post-proxy stage, * BEFORE playing games with the attributes. */ - rcode = module_post_proxy(request); + vp = pairfind(request->config_items, PW_POST_PROXY_TYPE); + if (vp) { + DEBUG2(" Found Post-Proxy-Type %s", vp->strvalue); + post_proxy_type = vp->lvalue; + } + rcode = module_post_proxy(post_proxy_type, request); /* * Delete the Proxy-State Attributes from the reply. @@ -208,6 +215,7 @@ int proxy_send(REQUEST *request) { int rcode; + int pre_proxy_type = 0; VALUE_PAIR *realmpair; VALUE_PAIR *strippedname; VALUE_PAIR *delaypair; @@ -432,7 +440,12 @@ /* * Do pre-proxying */ - rcode = module_pre_proxy(request); + vp = pairfind(request->config_items, PW_PRE_PROXY_TYPE); + if (vp) { + DEBUG2(" Found Pre-Proxy-Type %s", vp->strvalue); + pre_proxy_type = vp->lvalue; + } + rcode = module_pre_proxy(pre_proxy_type, request); /* * Do NOT free request->proxy->vps, the pairs are needed Index: src/modules/rlm_eap/types/rlm_eap_peap/peap.c =================================================================== RCS file: /source/radiusd/src/modules/rlm_eap/types/rlm_eap_peap/peap.c,v retrieving revision 1.13 diff -u -r1.13 peap.c --- src/modules/rlm_eap/types/rlm_eap_peap/peap.c 21 Nov 2004 14:32:14 -0000 1.13 +++ src/modules/rlm_eap/types/rlm_eap_peap/peap.c 15 Feb 2005 14:52:25 -0000 @@ -419,7 +419,7 @@ fake->options &= ~RAD_REQUEST_OPTION_PROXY_EAP; DEBUG2(" PEAP: Passing reply back for EAP-MS-CHAP-V2 %p %d", fake, fake->reply->code); - rcode = module_post_proxy(fake); + rcode = module_post_proxy(0, fake); /* * FIXME: If rcode returns fail, do something -- Nicolas Baradakis - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html