[exim] [PATCH] Adding support for libradius

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Alex Kiernan
Dátum:  
Címzett: exim-users
Tárgy: [exim] [PATCH] Adding support for libradius
For assorted reasons we wanted to use libradius (ships as part of
FreeBSD) rather than radiusclient, so we wrote patches to allow it as
an alternate which I've attached (though I'm not sure - does the
mailing list eat attachments?)

--
Alex Kiernan
Index: doc/OptionLists.txt
===================================================================
RCS file: /cvsroot/upstream/exim4/doc/OptionLists.txt,v
retrieving revision 1.7
diff -u -r1.7 OptionLists.txt
--- doc/OptionLists.txt    10 Sep 2004 09:42:03 -0000    1.7
+++ doc/OptionLists.txt    28 Sep 2004 09:15:24 -0000
@@ -817,6 +817,7 @@
 PERL_LIBS                    system*      library for compiling Perl interface
 PID_FILE_PATH                optional     path to daemon's pid file
 RADIUS_CONFIG_FILE           optional     path to Radius config file
+RADIUS_LIB_TYPE              optional     type of RADIUS library
 RANLIB                       system**     path to ranlib command
 RM_COMMAND                   system       path to rm command
 ROUTER_ACCEPT                driver       include accept router
Index: src/EDITME
===================================================================
RCS file: /cvsroot/upstream/exim4/src/EDITME,v
retrieving revision 1.1.1.13
retrieving revision 1.8
diff -u -r1.1.1.13 -r1.8
--- src/EDITME    26 Aug 2004 14:09:59 -0000    1.1.1.13
+++ src/EDITME    15 Sep 2004 11:59:50 -0000    1.8
@@ -643,6 +644,14 @@


# RADIUS_CONFIG_FILE=/etc/radiusclient/radiusclient.conf

+#------------------------------------------------------------------------------
+# If you have set RADIUS_CONFIG_FILE, you should also set one of these
+# to indicate which RADIUS library will be used.
+
+# RADIUS_LIB_TYPE=RADIUSCLIENT
+# RADIUS_LIB_TYPE=RADLIB
+
+# If you don't set any of these, Exim assumes the radiusclient library

 #------------------------------------------------------------------------------
 # Support for authentication via the Cyrus SASL pwcheck daemon is available.
Index: src/buildconfig.c
===================================================================
RCS file: /cvsroot/upstream/exim4/src/buildconfig.c,v
retrieving revision 1.1.1.12
retrieving revision 1.2
diff -u -r1.1.1.12 -r1.2
--- src/buildconfig.c    26 Aug 2004 14:09:59 -0000    1.1.1.12
+++ src/buildconfig.c    15 Sep 2004 11:59:50 -0000    1.2
@@ -627,6 +627,21 @@
         return 1;
         }
       }
+    else if (strcmp(name, "RADIUS_LIB_TYPE") == 0)
+      {
+      if (strcmp(value, "RADIUSCLIENT") == 0 ||
+          strcmp(value, "RADLIB") == 0)
+        {
+        fprintf(new, "#define RADIUS_LIB_%s\n", value);
+        }
+      else
+        {
+        printf("\n*** RADIUS_LIB_TYPE=%s is not a recognized RADIUS library type."
+          "\n*** Please review your build-time configuration.\n\n", value);
+        return 1;
+        }
+      }
+


     /* Other macros get set to the environment value. */


Index: src/config.h.defaults
===================================================================
RCS file: /cvsroot/upstream/exim4/src/config.h.defaults,v
retrieving revision 1.1.1.14
retrieving revision 1.8
diff -u -r1.1.1.14 -r1.8
--- src/config.h.defaults    26 Aug 2004 14:09:59 -0000    1.1.1.14
+++ src/config.h.defaults    15 Sep 2004 11:59:50 -0000    1.8
@@ -91,6 +91,8 @@


#define RADIUS_CONFIG_FILE

+#define RADIUS_LIB_TYPE
+
 #define ROUTER_ACCEPT
 #define ROUTER_DNSLOOKUP
 #define ROUTER_IPLITERAL
Index: src/auths/call_radius.c
===================================================================
RCS file: /cvsroot/upstream/exim4/src/auths/call_radius.c,v
retrieving revision 1.1.1.5
diff -u -r1.1.1.5 call_radius.c
--- src/auths/call_radius.c    26 Apr 2004 14:38:16 -0000    1.1.1.5
+++ src/auths/call_radius.c    1 Oct 2004 11:31:09 -0000
@@ -26,7 +26,11 @@
 #else  /* RADIUS_CONFIG_FILE */



+#ifndef RADIUS_LIB_RADLIB
#include <radiusclient.h>
+#else
+#include <radlib.h>
+#endif


/*************************************************
@@ -50,9 +54,13 @@
{
uschar *user;
uschar *radius_args = s;
+#ifndef RADIUS_LIB_RADLIB
VALUE_PAIR *send = NULL;
VALUE_PAIR *received;
unsigned int service = PW_AUTHENTICATE_ONLY;
+#else
+struct rad_handle *h;
+#endif
int result;
int sep = 0;
char msg[4096];
@@ -65,6 +73,7 @@

*errptr = NULL;

+#ifndef RADIUS_LIB_RADLIB
rc_openlog("exim");

 if (rc_read_config(RADIUS_CONFIG_FILE) != 0)
@@ -108,6 +117,52 @@
   *errptr = string_sprintf("RADIUS: unexpected response (%d)", result);
   return ERROR;
   }
+#else
+h = rad_auth_open();
+if (h == NULL)
+  {
+  *errptr = string_sprintf("RADIUS: can't initialise libradius");
+  return ERROR;
+  }
+if (rad_config(h, RADIUS_CONFIG_FILE) != 0 ||
+    rad_create_request(h, RAD_ACCESS_REQUEST) != 0 ||
+    rad_put_string(h, RAD_USER_NAME, CS user) != 0 ||
+    rad_put_string(h, RAD_USER_PASSWORD, CS radius_args) != 0 ||
+    rad_put_int(h, RAD_SERVICE_TYPE, RAD_AUTHENTICATE_ONLY) != 0)
+  {
+  *errptr = string_sprintf("RADIUS: %s", rad_strerror(h));
+  result = ERROR;
+  }
+else
+  {
+  result = rad_send_request(h);
+
+  switch(result)
+    {
+    case RAD_ACCESS_ACCEPT:
+    result = OK;
+    break;
+
+    case RAD_ACCESS_REJECT:
+    result = FAIL;
+    break;
+
+    case -1:
+    *errptr = string_sprintf("RADIUS: %s", rad_strerror(h));
+    result = ERROR;
+    break;
+
+    default:
+    *errptr = string_sprintf("RADIUS: unexpected response (%d)", result);
+    result= ERROR;
+    break;
+    }
+  }
+if (*errptr != NULL)
+  DEBUG(D_auth) debug_printf("%s\n", *errptr);
+rad_close(h);
+return result;
+#endif
 }


#endif /* RADIUS_CONFIG_FILE */