/*
* This does the exact same thing as the realm_authorize, it's just called
* differently.
*/
static rlm_rcode_t realm_preacct(void *instance, REQUEST *request)
{
int rcode;
const char *name = (char *)request->username->vp_strvalue;
REALM *realm;
if (!name)
return RLM_MODULE_OK;
/*
* Check if we've got to proxy the request.
* If not, return without adding a Proxy-To-Realm
* attribute.
*/
rcode = check_for_realm(instance, request, &realm);
if (rcode != RLM_MODULE_UPDATED) return rcode;
if (!realm) return RLM_MODULE_NOOP;
/*
* Maybe add a Proxy-To-Realm attribute to the request.
*/
RDEBUG2("Preparing to proxy accounting request to realm \"%s\"\n",
realm->name);
add_proxy_to_realm(&request->config_items, realm);
return RLM_MODULE_UPDATED; /* try the next module */
}
/*
* This does the exact same thing as the realm_authorize, it's just called
* differently.
*/
static int realm_preacct(void *instance, REQUEST *request)
{
const char *name = (char *)request->username->strvalue;
REALM *realm;
if (!name)
return RLM_MODULE_OK;
/*
* Check if we've got to proxy the request.
* If not, return without adding a Proxy-To-Realm
* attribute.
*/
if (check_for_realm(instance, request, &realm) < 0) {
return RLM_MODULE_FAIL;
}
if (!realm) {
return RLM_MODULE_NOOP;
}
/*
* Maybe add a Proxy-To-Realm attribute to the request.
*/
DEBUG2(" rlm_realm: Preparing to proxy accounting request to realm \"%s\"\n",
realm->realm);
add_proxy_to_realm(&request->config_items, realm);
return RLM_MODULE_UPDATED; /* try the next module */
}
/*
* Examine a request for a username with an realm, and if it
* corresponds to something in the realms file, set that realm as
* Proxy-To.
*
* This should very nearly duplicate the old proxy_send() code
*/
static int realm_authorize(void *instance, REQUEST *request)
{
REALM *realm;
/*
* Check if we've got to proxy the request.
* If not, return without adding a Proxy-To-Realm
* attribute.
*/
if (check_for_realm(instance, request, &realm) < 0) {
return RLM_MODULE_FAIL;
}
if (!realm) {
return RLM_MODULE_NOOP;
}
/*
* Maybe add a Proxy-To-Realm attribute to the request.
*/
DEBUG2(" rlm_realm: Preparing to proxy authentication request to realm \"%s\"\n",
realm->realm);
add_proxy_to_realm(&request->config_items, realm);
return RLM_MODULE_UPDATED; /* try the next module */
}
/*
* CoA realms via Operator-Name. Because the realm isn't in a
* User-Name, concepts like "prefix" and "suffix' don't matter.
*/
static rlm_rcode_t realm_coa(UNUSED void *instance, REQUEST *request)
{
VALUE_PAIR *vp;
REALM *realm;
if (pairfind(request->packet->vps, PW_REALM, 0, TAG_ANY) != NULL) {
RDEBUG2("Request already proxied. Ignoring.");
return RLM_MODULE_OK;
}
vp = pairfind(request->packet->vps, PW_OPERATOR_NAME, 0, TAG_ANY);
if (!vp) return RLM_MODULE_NOOP;
/*
* Catch the case of broken dictionaries.
*/
if (vp->da->type != PW_TYPE_STRING) return RLM_MODULE_NOOP;
/*
* The string is too short.
*/
if (vp->length == 1) return RLM_MODULE_NOOP;
/*
* '1' means "the rest of the string is a realm"
*/
if (vp->vp_strvalue[0] != '1') return RLM_MODULE_NOOP;
realm = realm_find(vp->vp_strvalue + 1);
if (!realm) return RLM_MODULE_NOTFOUND;
if (!realm->coa_pool) {
RDEBUG2("CoA realm is LOCAL.");
return RLM_MODULE_OK;
}
/*
* Maybe add a Proxy-To-Realm attribute to the request.
*/
RDEBUG2("Preparing to proxy authentication request to realm \"%s\"\n",
realm->name);
add_proxy_to_realm(&request->config_items, realm);
return RLM_MODULE_UPDATED; /* try the next module */
}
/*
* Examine a request for a username with an realm, and if it
* corresponds to something in the realms file, set that realm as
* Proxy-To.
*
* This should very nearly duplicate the old proxy_send() code
*/
static rlm_rcode_t realm_authorize(void *instance, REQUEST *request)
{
rlm_rcode_t rcode;
REALM *realm;
/*
* Check if we've got to proxy the request.
* If not, return without adding a Proxy-To-Realm
* attribute.
*/
rcode = check_for_realm(instance, request, &realm);
if (rcode != RLM_MODULE_UPDATED) return rcode;
if (!realm) return RLM_MODULE_NOOP;
/*
* Maybe add a Proxy-To-Realm attribute to the request.
*/
RDEBUG2("Preparing to proxy authentication request to realm \"%s\"\n",
realm->name);
add_proxy_to_realm(&request->config_items, realm);
return RLM_MODULE_UPDATED; /* try the next module */
}
