For assorted reasons we wanted to use libradius (ships as part of
FreeBSD) rather than radiusclient, so we wrote patches to allow it as
an alternate which I've attached (though I'm not sure - does the
mailing list eat attachments?)
--
Alex Kiernan
Index: doc/OptionLists.txt
===================================================================
RCS file: /cvsroot/upstream/exim4/doc/OptionLists.txt,v
retrieving revision 1.7
diff -u -r1.7 OptionLists.txt
--- doc/OptionLists.txt 10 Sep 2004 09:42:03 -0000 1.7
+++ doc/OptionLists.txt 28 Sep 2004 09:15:24 -0000
@@ -817,6 +817,7 @@
PERL_LIBS system* library for compiling Perl interface
PID_FILE_PATH optional path to daemon's pid file
RADIUS_CONFIG_FILE optional path to Radius config file
+RADIUS_LIB_TYPE optional type of RADIUS library
RANLIB system** path to ranlib command
RM_COMMAND system path to rm command
ROUTER_ACCEPT driver include accept router
Index: src/EDITME
===================================================================
RCS file: /cvsroot/upstream/exim4/src/EDITME,v
retrieving revision 1.1.1.13
retrieving revision 1.8
diff -u -r1.1.1.13 -r1.8
--- src/EDITME 26 Aug 2004 14:09:59 -0000 1.1.1.13
+++ src/EDITME 15 Sep 2004 11:59:50 -0000 1.8
@@ -643,6 +644,14 @@
# RADIUS_CONFIG_FILE=/etc/radiusclient/radiusclient.conf
+#------------------------------------------------------------------------------
+# If you have set RADIUS_CONFIG_FILE, you should also set one of these
+# to indicate which RADIUS library will be used.
+
+# RADIUS_LIB_TYPE=RADIUSCLIENT
+# RADIUS_LIB_TYPE=RADLIB
+
+# If you don't set any of these, Exim assumes the radiusclient library
#------------------------------------------------------------------------------
# Support for authentication via the Cyrus SASL pwcheck daemon is available.
Index: src/buildconfig.c
===================================================================
RCS file: /cvsroot/upstream/exim4/src/buildconfig.c,v
retrieving revision 1.1.1.12
retrieving revision 1.2
diff -u -r1.1.1.12 -r1.2
--- src/buildconfig.c 26 Aug 2004 14:09:59 -0000 1.1.1.12
+++ src/buildconfig.c 15 Sep 2004 11:59:50 -0000 1.2
@@ -627,6 +627,21 @@
return 1;
}
}
+ else if (strcmp(name, "RADIUS_LIB_TYPE") == 0)
+ {
+ if (strcmp(value, "RADIUSCLIENT") == 0 ||
+ strcmp(value, "RADLIB") == 0)
+ {
+ fprintf(new, "#define RADIUS_LIB_%s\n", value);
+ }
+ else
+ {
+ printf("\n*** RADIUS_LIB_TYPE=%s is not a recognized RADIUS library type."
+ "\n*** Please review your build-time configuration.\n\n", value);
+ return 1;
+ }
+ }
+
/* Other macros get set to the environment value. */
Index: src/config.h.defaults
===================================================================
RCS file: /cvsroot/upstream/exim4/src/config.h.defaults,v
retrieving revision 1.1.1.14
retrieving revision 1.8
diff -u -r1.1.1.14 -r1.8
--- src/config.h.defaults 26 Aug 2004 14:09:59 -0000 1.1.1.14
+++ src/config.h.defaults 15 Sep 2004 11:59:50 -0000 1.8
@@ -91,6 +91,8 @@
#define RADIUS_CONFIG_FILE
+#define RADIUS_LIB_TYPE
+
#define ROUTER_ACCEPT
#define ROUTER_DNSLOOKUP
#define ROUTER_IPLITERAL
Index: src/auths/call_radius.c
===================================================================
RCS file: /cvsroot/upstream/exim4/src/auths/call_radius.c,v
retrieving revision 1.1.1.5
diff -u -r1.1.1.5 call_radius.c
--- src/auths/call_radius.c 26 Apr 2004 14:38:16 -0000 1.1.1.5
+++ src/auths/call_radius.c 1 Oct 2004 11:31:09 -0000
@@ -26,7 +26,11 @@
#else /* RADIUS_CONFIG_FILE */
+#ifndef RADIUS_LIB_RADLIB
#include <radiusclient.h>
+#else
+#include <radlib.h>
+#endif
/*************************************************
@@ -50,9 +54,13 @@
{
uschar *user;
uschar *radius_args = s;
+#ifndef RADIUS_LIB_RADLIB
VALUE_PAIR *send = NULL;
VALUE_PAIR *received;
unsigned int service = PW_AUTHENTICATE_ONLY;
+#else
+struct rad_handle *h;
+#endif
int result;
int sep = 0;
char msg[4096];
@@ -65,6 +73,7 @@
*errptr = NULL;
+#ifndef RADIUS_LIB_RADLIB
rc_openlog("exim");
if (rc_read_config(RADIUS_CONFIG_FILE) != 0)
@@ -108,6 +117,52 @@
*errptr = string_sprintf("RADIUS: unexpected response (%d)", result);
return ERROR;
}
+#else
+h = rad_auth_open();
+if (h == NULL)
+ {
+ *errptr = string_sprintf("RADIUS: can't initialise libradius");
+ return ERROR;
+ }
+if (rad_config(h, RADIUS_CONFIG_FILE) != 0 ||
+ rad_create_request(h, RAD_ACCESS_REQUEST) != 0 ||
+ rad_put_string(h, RAD_USER_NAME, CS user) != 0 ||
+ rad_put_string(h, RAD_USER_PASSWORD, CS radius_args) != 0 ||
+ rad_put_int(h, RAD_SERVICE_TYPE, RAD_AUTHENTICATE_ONLY) != 0)
+ {
+ *errptr = string_sprintf("RADIUS: %s", rad_strerror(h));
+ result = ERROR;
+ }
+else
+ {
+ result = rad_send_request(h);
+
+ switch(result)
+ {
+ case RAD_ACCESS_ACCEPT:
+ result = OK;
+ break;
+
+ case RAD_ACCESS_REJECT:
+ result = FAIL;
+ break;
+
+ case -1:
+ *errptr = string_sprintf("RADIUS: %s", rad_strerror(h));
+ result = ERROR;
+ break;
+
+ default:
+ *errptr = string_sprintf("RADIUS: unexpected response (%d)", result);
+ result= ERROR;
+ break;
+ }
+ }
+if (*errptr != NULL)
+ DEBUG(D_auth) debug_printf("%s\n", *errptr);
+rad_close(h);
+return result;
+#endif
}
#endif /* RADIUS_CONFIG_FILE */
