diff options
| -rw-r--r-- | etc/inc/auth.inc | 7 | ||||
| -rw-r--r-- | usr/local/www/system_authservers.php | 16 |
2 files changed, 21 insertions, 2 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 56a55eb..d59ee70 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1146,12 +1146,15 @@ function radius_backed($username, $passwd, $authcfg, &$attributes = array()) { $radiusservers[0]['ipaddr'] = $authcfg['host']; $radiusservers[0]['port'] = $authcfg['radius_auth_port']; $radiusservers[0]['sharedsecret'] = $authcfg['radius_secret']; + $radiusservers[0]['timeout'] = $authcfg['radius_timeout']; } else return false; /* Add a new servers to our instance */ - foreach ($radiusservers as $radsrv) - $rauth->addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret']); + foreach ($radiusservers as $radsrv) { + $timeout = (is_numeric($radsrv['timeout'])) ? $radsrv['timeout'] : 5; + $rauth->addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret'], $timeout); + } if (PEAR::isError($rauth->start())) { $retvalue['auth_val'] = 1; diff --git a/usr/local/www/system_authservers.php b/usr/local/www/system_authservers.php index 2649d5b..39ac184 100644 --- a/usr/local/www/system_authservers.php +++ b/usr/local/www/system_authservers.php @@ -117,6 +117,7 @@ if ($act == "edit") { $pconfig['radius_auth_port'] = $a_server[$id]['radius_auth_port']; $pconfig['radius_acct_port'] = $a_server[$id]['radius_acct_port']; $pconfig['radius_secret'] = $a_server[$id]['radius_secret']; + $pconfig['radius_timeout'] = $a_server[$id]['radius_timeout']; if ($pconfig['radius_auth_port'] && $pconfig['radius_acct_port'] ) { @@ -212,6 +213,9 @@ if ($_POST) { if (auth_get_authserver($pconfig['name']) && !isset($id)) $input_errors[] = gettext("An authentication server with the same name already exists."); + if (isset($_POST['radius_timeout']) && (!is_numeric($_POST['radius_timeout']) || (is_numeric($_POST['radius_timeout']) && ($_POST['radius_timeout'] <= 0)))) + $input_errors[] = gettext("RADIUS Timeout value must be numeric and positive."); + /* if this is an AJAX caller then handle via JSON */ if (isAjax() && is_array($input_errors)) { input_errors2Ajax($input_errors); @@ -260,6 +264,9 @@ if ($_POST) { if ($pconfig['radius_secret']) $server['radius_secret'] = $pconfig['radius_secret']; + if ($pconfig['radius_timeout']) + $server['radius_timeout'] = $pconfig['radius_timeout']; + if ($pconfig['radius_srvcs'] == "both") { $server['radius_auth_port'] = $pconfig['radius_auth_port']; $server['radius_acct_port'] = $pconfig['radius_acct_port']; @@ -720,6 +727,15 @@ function select_clicked() { <input name="radius_acct_port" type="text" class="formfld unknown" id="radius_acct_port" size="5" value="<?=htmlspecialchars($pconfig['radius_acct_port']);?>"/> </td> </tr> + <tr> + <td width="22%" valign="top" class="vncellreq"><?=gettext("Authentication Timeout");?></td> + <td width="78%" class="vtable"> + <input name="radius_timeout" type="text" class="formfld unknown" id="radius_timeout" size="20" value="<?=htmlspecialchars($pconfig['radius_timeout']);?>"/> + <br /><?= gettext("This value controls how long, in seconds, that the RADIUS server may take to respond to an authentication request.") ?> + <br /><?= gettext("If left blank, the default value is 5 seconds.") ?> + <br /><br /><?= gettext("NOTE: If you are using an interactive two-factor authentication system, increase this timeout to account for how long it will take the user to receive and enter a token.") ?> + </td> + </tr> </table> <table width="100%" border="0" cellpadding="6" cellspacing="0"> |
