diff options
author | pjd <pjd@FreeBSD.org> | 2007-01-20 08:52:04 +0000 |
---|---|---|
committer | pjd <pjd@FreeBSD.org> | 2007-01-20 08:52:04 +0000 |
commit | 14e97fe311a138dc0acd53104973ecfa05ed3604 (patch) | |
tree | dc6817fa6afbe2831792a5c7cf9a94124f8b4184 /lib | |
parent | 8d192bb376873e9abf524e52428b61b5f43f29f6 (diff) | |
download | FreeBSD-src-14e97fe311a138dc0acd53104973ecfa05ed3604.zip FreeBSD-src-14e97fe311a138dc0acd53104973ecfa05ed3604.tar.gz |
Send not only Access Request, but also Access Challenge with defined
NAS-Identifier and NAS-IP-Address.
Reviewed by: bz
MFC after: 1 month
Diffstat (limited to 'lib')
-rw-r--r-- | lib/libpam/modules/pam_radius/pam_radius.c | 12 |
1 files changed, 7 insertions, 5 deletions
diff --git a/lib/libpam/modules/pam_radius/pam_radius.c b/lib/libpam/modules/pam_radius/pam_radius.c index 511baf3..306c4b7 100644 --- a/lib/libpam/modules/pam_radius/pam_radius.c +++ b/lib/libpam/modules/pam_radius/pam_radius.c @@ -67,7 +67,7 @@ static int build_access_request(struct rad_handle *, const char *, size_t); static int do_accept(pam_handle_t *, struct rad_handle *); static int do_challenge(pam_handle_t *, struct rad_handle *, - const char *); + const char *, const char *, const char *); /* * Construct an access request, but don't send it. Returns 0 on success, @@ -162,7 +162,8 @@ do_accept(pam_handle_t *pamh, struct rad_handle *radh) } static int -do_challenge(pam_handle_t *pamh, struct rad_handle *radh, const char *user) +do_challenge(pam_handle_t *pamh, struct rad_handle *radh, const char *user, + const char *nas_id, const char *nas_ipaddr) { int retval; int attrtype; @@ -229,8 +230,8 @@ do_challenge(pam_handle_t *pamh, struct rad_handle *radh, const char *user) if ((retval = conv->conv(num_msgs, msg_ptrs, &resp, conv->appdata_ptr)) != PAM_SUCCESS) return (retval); - if (build_access_request(radh, user, resp[num_msgs-1].resp, NULL, - NULL, state, statelen) == -1) + if (build_access_request(radh, user, resp[num_msgs-1].resp, nas_id, + nas_ipaddr, state, statelen) == -1) return (PAM_SERVICE_ERR); memset(resp[num_msgs-1].resp, 0, strlen(resp[num_msgs-1].resp)); free(resp[num_msgs-1].resp); @@ -329,7 +330,8 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, return (PAM_AUTH_ERR); case RAD_ACCESS_CHALLENGE: - retval = do_challenge(pamh, radh, user); + retval = do_challenge(pamh, radh, user, nas_id, + nas_ipaddr); if (retval != PAM_SUCCESS) { rad_close(radh); return (retval); |