[prev in list] [next in list] [prev in thread] [next in thread]
List: freeradius-users
Subject: RE: Proxying
From: "Justin Ainsworth" <jda () sunset ! net>
Date: 2002-03-29 17:07:59
[Download RAW message or body]
I applied the patch, but I am still getting the exact same results.
.~.
/v\
-- // \\
JA /( )\
^`~`^
L I N U X
[-----------------------------------------------------------]
Justin Ainsworth Systems Administrator &
PHONE: (530) 879-5660x108 Technical Support Supervisor
FAX: (530) 879-5676 Sunset Net LLC
WEB: http://www.sunset.net 1915 Mangrove Ave
EMAIL: jda@sunset.net Chico, CA 95926
[-----------------------------------------------------------]
> -----Original Message-----
> From: freeradius-users-admin@lists.cistron.nl
> [mailto:freeradius-users-admin@lists.cistron.nl] On Behalf Of
> Chris Parker
> Sent: Thursday, March 28, 2002 8:33 AM
> To: freeradius-users@lists.cistron.nl
> Subject: RE: Proxying
>
>
> At 09:46 AM 3/28/2002 -0600, Chris Parker wrote:
> >At 05:15 PM 3/27/2002 -0800, Justin Ainsworth wrote:
> >> > What does debug say ( radiusd -x -x -x ) about the part where
> >> > it is checking the realms?
> >>
> >>modcall: entering group authorize
> >> modcall[authorize]: module "preprocess" returns ok
> >> rlm_realm: Proxying request from user test@sunset.net to
> realm IPASS
> >> modcall[authorize]: module "prefix" returns updated
> >> rlm_realm: Proxying request from user IPASS/test to
> realm sunset.net
> >> modcall[authorize]: module "suffix" returns updated
> >
> >Hmmm, that is a problem. If the request has already been
> proxied, the
> >module should not be attempting to proxy it again.
> >
> >Let me check into that.
>
> Okay, I've added a check for 'Realm' attributes ( which rlm_realm adds
> when it finds a match and forwards a request ).
>
> It will now return 'noop' if it finds that it's already
> proxied. Here's
> the patch ( or update to the latest CVS ):
>
> Index: rlm_realm.c
> ===================================================================
> RCS file: /source/radiusd/src/modules/rlm_realm/rlm_realm.c,v
> retrieving revision 1.35
> diff -p -r1.35 rlm_realm.c
> *** rlm_realm.c 2002/03/26 15:37:35 1.35
> --- rlm_realm.c 2002/03/28 16:28:16
> *************** static REALM *check_for_realm(void *inst
> *** 78,84 ****
> */
> if ((request->proxy != NULL) ||
> (request->username == NULL)) {
> ! DEBUG2(" rlm_realm: Request was proxied,
> or no user
> name. Ignoring.");
> return NULL;
> }
>
> --- 78,94 ----
> */
> if ((request->proxy != NULL) ||
> (request->username == NULL)) {
> ! DEBUG2(" rlm_realm: Proxy reply, or no user
> name. Ignoring.");
> ! return NULL;
> ! }
> !
> ! /*
> ! * Check for 'Realm' attribute. If it exists,
> then we've proxied
> ! * it already ( via another rlm_realm instance )
> and should
> return.
> ! */
> !
> ! if ( (vp = pairfind(request->packet->vps, PW_REALM))
> != NULL ) {
> ! DEBUG2(" rlm_realm: Request already
> proxied. Ignoring.");
> return NULL;
> }
>
> -Chris
> --
> \\\|||/// \ StarNet Inc. \ Chris Parker
> \ ~ ~ / \ WX *is* Wireless! \ Director, Engineering
> | @ @ | \ http://www.starnetwx.net \ (847) 963-0116
> oOo---(_)---oOo--\--------------------------------------------
> ----------
> \ Wholesale Internet Services -
http://www.megapop.net
-
List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic