mirror of
https://github.com/freebsd/freebsd-src
synced 2024-10-06 16:40:47 +00:00
If we've given a domain name prefix as the authentication name, strip
it off before passing it on to the RADIUS server for authentication.
This commit is contained in:
parent
0099af422c
commit
27dc75f10c
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=99384
|
@ -725,6 +725,7 @@ radius_Authenticate(struct radius *r, struct authinfo *authp, const char *name,
|
|||
struct timeval tv;
|
||||
int got;
|
||||
char hostname[MAXHOSTNAMELEN];
|
||||
const char *basename;
|
||||
#if 0
|
||||
struct hostent *hp;
|
||||
struct in_addr hostaddr;
|
||||
|
@ -764,7 +765,10 @@ radius_Authenticate(struct radius *r, struct authinfo *authp, const char *name,
|
|||
return 0;
|
||||
}
|
||||
|
||||
if (rad_put_string(r->cx.rad, RAD_USER_NAME, name) != 0 ||
|
||||
/* Don't give any domain\ prefix from the name to the RADIUS server */
|
||||
basename = strchr(name, '\\');
|
||||
basename = basename ? basename + 1 : name;
|
||||
if (rad_put_string(r->cx.rad, RAD_USER_NAME, basename) != 0 ||
|
||||
rad_put_int(r->cx.rad, RAD_SERVICE_TYPE, RAD_FRAMED) != 0 ||
|
||||
rad_put_int(r->cx.rad, RAD_FRAMED_PROTOCOL, RAD_PPP) != 0) {
|
||||
log_Printf(LogERROR, "rad_put: %s\n", rad_strerror(r->cx.rad));
|
||||
|
@ -894,6 +898,7 @@ radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl,
|
|||
struct timeval tv;
|
||||
int got;
|
||||
char hostname[MAXHOSTNAMELEN];
|
||||
const char *name;
|
||||
#if 0
|
||||
struct hostent *hp;
|
||||
struct in_addr hostaddr;
|
||||
|
@ -930,9 +935,13 @@ radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl,
|
|||
|
||||
/* Grab some accounting data and initialize structure */
|
||||
if (acct_type == RAD_START) {
|
||||
/* Don't give any domain\ prefix from the authname to the RADIUS server */
|
||||
name = strchr(dl->peer.authname, '\\');
|
||||
name = name ? name + 1 : dl->peer.authname;
|
||||
|
||||
ac->rad_parent = r;
|
||||
/* Fetch username from datalink */
|
||||
strncpy(ac->user_name, dl->peer.authname, sizeof ac->user_name);
|
||||
strncpy(ac->user_name, name, sizeof ac->user_name);
|
||||
ac->user_name[AUTHLEN-1] = '\0';
|
||||
|
||||
ac->authentic = 2; /* Assume RADIUS verified auth data */
|
||||
|
@ -940,7 +949,7 @@ radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl,
|
|||
/* Generate a session ID */
|
||||
snprintf(ac->session_id, sizeof ac->session_id, "%s%ld-%s%lu",
|
||||
dl->bundle->cfg.auth.name, (long)getpid(),
|
||||
dl->peer.authname, (unsigned long)stats->uptime);
|
||||
name, (unsigned long)stats->uptime);
|
||||
|
||||
/* And grab our MP socket name */
|
||||
snprintf(ac->multi_session_id, sizeof ac->multi_session_id, "%s",
|
||||
|
|
Loading…
Reference in a new issue