author | novel <novel@FreeBSD.org> | 2007-05-25 13:45:49 +0000 |
---|---|---|
committer | novel <novel@FreeBSD.org> | 2007-05-25 13:45:49 +0000 |
commit | 60802ef7dc4f1df45d1ea0d4cc9424fd63c2d015 (patch) | |
tree | 0b7fc3c36efe80634384ddfb16cb683acf70eec2 /usr.sbin | |
parent | 715570504895f60f8b3269230042bf48b02f04d7 (diff) | |
Add a new option for ppp.conf: rad_port_id. It changes
what ppp submits to the RADIUS server as NAS-Port-Id.
Possible options are: the PID of the process
owning the corresponding interface, the tun(4) interface number,
the interface index (as returned by if_nametoindex(3)),
or keeping the default behavior. Check the ppp(8)
manual page for details.
PR: bin/112764
Submitted by: novel (myself)
Reviewed by: flz
Approved by: flz
MFC after: 1 month
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/ppp/command.c | 28 | ||||
-rw-r--r-- | usr.sbin/ppp/ppp.8.m4 | 21 | ||||
-rw-r--r-- | usr.sbin/ppp/radius.c | 37 | ||||
-rw-r--r-- | usr.sbin/ppp/radius.h | 6 |
4 files changed, 80 insertions, 12 deletions
diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c
index de5eec4..04ad080 100644
--- a/usr.sbin/ppp/command.c
+++ b/usr.sbin/ppp/command.c
@@ -144,6 +144,7 @@
 #define VAR_IPV6CPRETRY 37
 #define VAR_RAD_ALIVE 38
 #define VAR_PPPOE 39
+#define VAR_PORT_ID 40
 /* ``accept|deny|disable|enable'' masks */
 #define NEG_HISMASK (1)
@@ -2311,6 +2312,29 @@ SetVariable(struct cmdargs const *arg)
 }
 break;
+#ifndef NORADIUS
+ case VAR_PORT_ID:
+ if (strcasecmp(argp, "default") == 0)
+ arg->bundle->radius.port_id_type = RPI_DEFAULT;
+ else if (strcasecmp(argp, "pid") == 0)
+ arg->bundle->radius.port_id_type = RPI_PID;
+ else if (strcasecmp(argp, "ifnum") == 0)
+ arg->bundle->radius.port_id_type = RPI_IFNUM;
+ else if (strcasecmp(argp, "tunnum") == 0)
+ arg->bundle->radius.port_id_type = RPI_TUNNUM;
+ else {
+ log_Printf(LogWARN,
+ "RADIUS port id must be one of \"default\", \"pid\", \"ifnum\" or \"tunnum\"\n");
+ res = 1;
+ }
+
+ if (arg->bundle->radius.port_id_type && !arg->bundle->radius.cfg.file) {
+ log_Printf(LogWARN, "rad_port_id requires radius to be configured\n");
+ res = 1;
+ }
+
+ break;
+#endif
 }
 return res;
@@ -2415,7 +2439,9 @@ static struct cmdtab const SetCommands[] = {
 "RADIUS Config", "set radius cfgfile", (const void *)VAR_RADIUS},
 {"rad_alive", NULL, SetVariable, LOCAL_AUTH,
 "Raduis alive interval", "set rad_alive value",
- (const void *)VAR_RAD_ALIVE},
+ (const void *)VAR_RAD_ALIVE},
+ {"rad_port_id", NULL, SetVariable, LOCAL_AUTH,
+ "NAS-Port-Id", "set rad_port_id [default|pid|ifnum|tunnum]", (const void *)VAR_PORT_ID},
 #endif
 {"reconnect", NULL, datalink_SetReconnect, LOCAL_AUTH | LOCAL_CX,
 "Reconnect timeout", "set reconnect value ntries", NULL},
diff --git a/usr.sbin/ppp/ppp.8.m4 b/usr.sbin/ppp/ppp.8.m4
index 983ef11..e71e659 100644
--- a/usr.sbin/ppp/ppp.8.m4
+++ b/usr.sbin/ppp/ppp.8.m4
@@ -27,7 +27,7 @@ changecom(,)dnl
 .\"
 .\" $FreeBSD$
 .\"
-.Dd September 5, 2006
+.Dd May 24, 2007
 .Dt PPP 8
 .Os
 .Sh NAME
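Review bot: In the `VAR_PORT_ID` case of SetVariable, the guard `!arg->bundle->radius.cfg.file` tests the member itself rather than its contents; the declaration of `cfg.file` is outside this diff, but if it is a character array the expression is always false and "rad_port_id requires radius to be configured" can never be logged. Testing the first byte, `if (arg->bundle->radius.port_id_type && !*arg->bundle->radius.cfg.file) {`, would make the check effective for an empty file name. The new value is also stored before this check runs, so a command rejected with `res = 1` still leaves `port_id_type` changed; assigning only after both checks pass would keep a failed `set` from altering what is reported to the RADIUS server. SetVariable starts and ends outside the hunk.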
@@ -5588,6 +5588,25 @@ value will tell to sent RADIUS accounting information to the RADIUS server every .Ar timeout seconds. +.It set rad_port_id Ar option +When RADIUS is configured, setting +.Dq rad_port_id +value allows to specify what should be sent to the RADIUS server as +NAS-Port-Id. +The +.Ar option Ns No s +are as follows: +.Pp +.Bl -tag -width Ds +.It pid +PID of the corresponding tunnel. +.It tunnum +tun(4) interface number. +.It ifnum +index of the interface as of returned by if_nametoindex(3). +.It default +keeps the default behavior. +.El .It set reconnect Ar timeout ntries Should the line drop unexpectedly (due to loss of CD or LQR failure), a connection will be re-established after the given diff --git a/usr.sbin/ppp/radius.c b/usr.sbin/ppp/radius.c index c26059e..6b1d685 100644 --- a/usr.sbin/ppp/radius.c +++ b/usr.sbin/ppp/radius.c @@ -95,6 +95,7 @@ #include "ncp.h" #include "bundle.h" #include "proto.h" +#include "iface.h" #ifndef NODES struct mschap_response { @@ -825,7 +826,7 @@ radius_Destroy(struct radius *r) } static int -radius_put_physical_details(struct rad_handle *rad, struct physical *p) +radius_put_physical_details(struct radius *rad, struct physical *p) { int slot, type; 
@@ -853,16 +854,32 @@ radius_put_physical_details(struct rad_handle *rad, struct physical *p)
 break;
 }
- if (rad_put_int(rad, RAD_NAS_PORT_TYPE, type) != 0) {
- log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad));
- rad_close(rad);
+ if (rad_put_int(rad->cx.rad, RAD_NAS_PORT_TYPE, type) != 0) {
+ log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad->cx.rad));
+ rad_close(rad->cx.rad);
 return 0;
 }
- if ((slot = physical_Slot(p)) >= 0)
- if (rad_put_int(rad, RAD_NAS_PORT, slot) != 0) {
- log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad));
- rad_close(rad);
+ switch (rad->port_id_type) {
+ case RPI_PID:
+ slot = (int)getpid();
+ break;
+ case RPI_IFNUM:
+ slot = p->dl->bundle->iface->index;
+ break;
+ case RPI_TUNNUM:
+ slot = p->dl->bundle->unit;
+ break;
+ case RPI_DEFAULT:
+ default:
+ slot = physical_Slot(p);
+ break;
+ }
+
+ if (slot >= 0)
+ if (rad_put_int(rad->cx.rad, RAD_NAS_PORT, slot) != 0) {
+ log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad->cx.rad));
+ rad_close(rad->cx.rad);
 return 0;
 }
@@ -1031,7 +1048,7 @@ radius_Authenticate(struct radius *r, struct authinfo *authp, const char *name,
 return 0;
 }
- radius_put_physical_details(r->cx.rad, authp->physical);
+ radius_put_physical_details(r, authp->physical);
 log_Printf(LogRADIUS, "Radius(auth): %s data sent for %s\n", what, name);
@@ -1209,7 +1226,7 @@ radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl,
 }
 }
- radius_put_physical_details(r->cx.rad, dl->physical);
+ radius_put_physical_details(r, dl->physical);
 if (rad_put_int(r->cx.rad, RAD_ACCT_STATUS_TYPE, acct_type) != 0 ||
 rad_put_string(r->cx.rad, RAD_ACCT_SESSION_ID, ac->session_id) != 0 ||
diff --git a/usr.sbin/ppp/radius.h b/usr.sbin/ppp/radius.h
index bba7e45..ab144a5 100644
--- a/usr.sbin/ppp/radius.h
+++ b/usr.sbin/ppp/radius.h
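Review bot: Both error paths in radius_put_physical_details call `rad_close(rad->cx.rad)` and return 0, but the call sites in the `@@ -1031` and `@@ -1209` hunks discard the return value, and the radius_Account site goes straight on to `rad_put_int(r->cx.rad, RAD_ACCT_STATUS_TYPE, acct_type)` on the handle that was just released. The callers should test the result, for example `if (!radius_put_physical_details(r, authp->physical)) return 0;` in radius_Authenticate, with the equivalent early exit in radius_Account; any other cleanup those functions need on failure is outside the hunks. A smaller point in the same function: the `RPI_IFNUM` branch reads `p->dl->bundle->iface->index` with no NULL check, which is safe only if every physical passed here is attached to a bundle with an interface, and that is not visible in this hunk. The function body starts outside the hunk.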
@@ -32,6 +32,11 @@
 #define MPPE_TYPE_40BIT 2
 #define MPPE_TYPE_128BIT 4
+#define RPI_DEFAULT 1
+#define RPI_PID 2
+#define RPI_IFNUM 3
+#define RPI_TUNNUM 4
+
 struct radius {
 struct fdescriptor desc; /* We're a sort of (selectable) fdescriptor */
 struct {
@@ -70,6 +75,7 @@ struct radius {
 struct pppTimer timer; /* for this long */
 int interval;
 } alive;
+ short unsigned int port_id_type;
 };
 struct radacct { |
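Review bot: The `RPI_*` constants and the `port_id_type` member are added without any comment, and 0 is not one of the named values even though command.c tests `port_id_type` for non-zero and the switch in radius.c routes every unlisted value to the default branch. A comment above the defines such as `/* Source of the NAS-Port value, chosen by "set rad_port_id" */` and one on the member such as `/* RPI_*; 0 = not set, handled as RPI_DEFAULT */` would record that contract. Whether struct radius is zeroed when it is initialised is not visible in this diff, so the second comment should be confirmed against the struct's initialisation code.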