On Tue, Feb 15, 2005 at 04:22:48PM +0100, Nicolas Baradakis wrote: > Alan DeKok wrote: > > > Please do not put pre-proxy code into the "authorize" section of a > > module. We will fix the server. > > The following patch will make the server run the modules in one of > the {Pre,Post}-Proxy-Type stanzas. >
Hi! Thanks for the patch! This patch is required for freeradius 1.02 to run modules in post-proxy { Post-Proxy-Type foo { some_module } } Without this patch the above does NOT work. Please apply this patch to next freeradius release! > Index: src/include/modules.h > =================================================================== > RCS file: /source/radiusd/src/include/modules.h,v > retrieving revision 1.22 > diff -u -r1.22 modules.h > --- src/include/modules.h 4 Jul 2003 19:11:07 -0000 1.22 > +++ src/include/modules.h 15 Feb 2005 14:52:24 -0000 > @@ -58,8 +58,8 @@ > int module_preacct(REQUEST *request); > int module_accounting(int type, REQUEST *request); > int module_checksimul(int type, REQUEST *request, int maxsimul); > -int module_pre_proxy(REQUEST *request); > -int module_post_proxy(REQUEST *request); > +int module_pre_proxy(int type, REQUEST *request); > +int module_post_proxy(int type, REQUEST *request); > int module_post_auth(int type, REQUEST *request); > > #endif /* RADIUS_MODULES_H */ > Index: src/main/modules.c > =================================================================== > RCS file: /source/radiusd/src/main/modules.c,v > retrieving revision 1.87 > diff -u -r1.87 modules.c > --- src/main/modules.c 15 Oct 2004 20:32:14 -0000 1.87 > +++ src/main/modules.c 15 Feb 2005 14:52:25 -0000 > @@ -498,6 +498,10 @@ > dval = dict_valbyname(PW_ACCT_TYPE, cf_section_name2(cs)); > } else if (comp == RLM_COMPONENT_SESS) { > dval = dict_valbyname(PW_SESSION_TYPE, cf_section_name2(cs)); > + } else if (comp == RLM_COMPONENT_PRE_PROXY) { > + dval = dict_valbyname(PW_PRE_PROXY_TYPE, cf_section_name2(cs)); > + } else if (comp == RLM_COMPONENT_POST_PROXY) { > + dval = dict_valbyname(PW_POST_PROXY_TYPE, cf_section_name2(cs)); > } else if (comp == RLM_COMPONENT_POST_AUTH) { > dval = dict_valbyname(PW_POST_AUTH_TYPE, cf_section_name2(cs)); > } > @@ -939,17 +943,17 @@ > /* > * Do pre-proxying for ALL configured sessions > */ > -int module_pre_proxy(REQUEST *request) > +int module_pre_proxy(int type, REQUEST *request) > { > - return indexed_modcall(RLM_COMPONENT_PRE_PROXY, 0, request); > + return indexed_modcall(RLM_COMPONENT_PRE_PROXY, type, request); > } > > /* > * Do post-proxying for ALL configured sessions > */ > -int module_post_proxy(REQUEST *request) > +int module_post_proxy(int type, REQUEST *request) > { > - return indexed_modcall(RLM_COMPONENT_POST_PROXY, 0, request); > + return indexed_modcall(RLM_COMPONENT_POST_PROXY, type, request); > } > > /* > Index: src/main/proxy.c > =================================================================== > RCS file: /source/radiusd/src/main/proxy.c,v > retrieving revision 1.77 > diff -u -r1.77 proxy.c > --- src/main/proxy.c 28 May 2004 21:45:07 -0000 1.77 > +++ src/main/proxy.c 15 Feb 2005 14:52:25 -0000 > @@ -53,6 +53,8 @@ > int proxy_receive(REQUEST *request) > { > int rcode; > + int post_proxy_type = 0; > + VALUE_PAIR *vp; > > /* > * Delete any reply we had accumulated until now. > @@ -63,7 +65,12 @@ > * Run the packet through the post-proxy stage, > * BEFORE playing games with the attributes. > */ > - rcode = module_post_proxy(request); > + vp = pairfind(request->config_items, PW_POST_PROXY_TYPE); > + if (vp) { > + DEBUG2(" Found Post-Proxy-Type %s", vp->strvalue); > + post_proxy_type = vp->lvalue; > + } > + rcode = module_post_proxy(post_proxy_type, request); > > /* > * Delete the Proxy-State Attributes from the reply. > @@ -208,6 +215,7 @@ > int proxy_send(REQUEST *request) > { > int rcode; > + int pre_proxy_type = 0; > VALUE_PAIR *realmpair; > VALUE_PAIR *strippedname; > VALUE_PAIR *delaypair; > @@ -432,7 +440,12 @@ > /* > * Do pre-proxying > */ > - rcode = module_pre_proxy(request); > + vp = pairfind(request->config_items, PW_PRE_PROXY_TYPE); > + if (vp) { > + DEBUG2(" Found Pre-Proxy-Type %s", vp->strvalue); > + pre_proxy_type = vp->lvalue; > + } > + rcode = module_pre_proxy(pre_proxy_type, request); > > /* > * Do NOT free request->proxy->vps, the pairs are needed > Index: src/modules/rlm_eap/types/rlm_eap_peap/peap.c > =================================================================== > RCS file: /source/radiusd/src/modules/rlm_eap/types/rlm_eap_peap/peap.c,v > retrieving revision 1.13 > diff -u -r1.13 peap.c > --- src/modules/rlm_eap/types/rlm_eap_peap/peap.c 21 Nov 2004 14:32:14 > -0000 1.13 > +++ src/modules/rlm_eap/types/rlm_eap_peap/peap.c 15 Feb 2005 14:52:25 > -0000 > @@ -419,7 +419,7 @@ > fake->options &= ~RAD_REQUEST_OPTION_PROXY_EAP; > DEBUG2(" PEAP: Passing reply back for EAP-MS-CHAP-V2 %p %d", > fake, fake->reply->code); > - rcode = module_post_proxy(fake); > + rcode = module_post_proxy(0, fake); > > /* > * FIXME: If rcode returns fail, do something > > -- > Nicolas Baradakis > > - > List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html -- ^ . . Linux / - \ Choice.of.the .Next.Generation. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html