Set some reasonable defaults for various options, if not supplied.
Patch from Ben McKeegan.
ATTRIBUTE Termination-Action 29 integer
ATTRIBUTE Called-Station-Id 30 string
ATTRIBUTE Calling-Station-Id 31 string
+ATTRIBUTE NAS-Identifier 32 string
ATTRIBUTE Acct-Status-Type 40 integer
ATTRIBUTE Acct-Delay-Time 41 integer
ATTRIBUTE Acct-Input-Octets 42 integer
# this server is asked.
auth_order radius
-# maximum login tries a user has
+# maximum login tries a user has (default 4)
login_tries 4
-# timeout for all login tries
-# if this time is exceeded the user is kicked out
+# timeout for all login tries (default 60)
+# if this time is exceeded the user is kicked out
login_timeout 60
# name of the nologin file which when it exists disables logins.
# it may be extended by the ttyname which will result in
# a terminal specific lock (e.g. /etc/nologin.ttyS2 will disable
-# logins on /dev/ttyS2)
+# logins on /dev/ttyS2) (default /etc/nologin)
nologin /etc/nologin
# name of the issue file. it's only display when no username is passed
-# on the radlogin command line
+# on the radlogin command line (default /etc/radiusclient/issue)
issue @pkgsysconfdir@/issue
# RADIUS settings
# just like in the normal RADIUS distributions
dictionary @pkgsysconfdir@/dictionary
-# program to call for a RADIUS authenticated login
+# program to call for a RADIUS authenticated login
+# (default /usr/sbin/login.radius)
login_radius @sbindir@/login.radius
# file which holds sequence number for communication with the
# resend request this many times before trying the next server
radius_retries 3
+# NAS-Identifier
+#
+# If supplied, this option will cause the client to send the given string
+# as the contents of the NAS-Identifier attribute in RADIUS requests. No
+# NAS-IP-Address attribute will be sent in this case.
+#
+# The default behavior is to send a NAS-IP-Address option and not send
+# a NAS-Identifier. The value of the NAS-IP-Address option is chosen
+# by resolving the system hostname.
+
+# nas_identifier MyUniqueNASName
+
# LOCAL settings
# program to execute for local login
/*
- * $Id: buildreq.c,v 1.3 2002/04/02 14:09:35 dfs Exp $
+ * $Id: buildreq.c,v 1.4 2002/10/01 09:51:01 fcusack Exp $
*
* Copyright (C) 1995,1997 Lars Fenneberg
*
unsigned char rc_get_seqnbr(void);
+/*
+ * Function: rc_get_nas_id
+ *
+ * Purpose: fills in NAS-Identifier or NAS-IP-Address in request
+ *
+ */
+
+int rc_get_nas_id(VALUE_PAIR **sendpairs)
+{
+ UINT4 client_id;
+ char *nasid;
+
+ nasid = rc_conf_str("nas_identifier");
+ if (strlen(nasid)) {
+ /*
+ * Fill in NAS-Identifier
+ */
+ if (rc_avpair_add(sendpairs, PW_NAS_IDENTIFIER, nasid, 0,
+ VENDOR_NONE) == NULL)
+ return (ERROR_RC);
+
+ return (OK_RC);
+
+ } else {
+ /*
+ * Fill in NAS-IP-Address
+ */
+ if ((client_id = rc_own_ipaddress()) == 0)
+ return (ERROR_RC);
+
+ if (rc_avpair_add(sendpairs, PW_NAS_IP_ADDRESS, &client_id,
+ 0, VENDOR_NONE) == NULL)
+ return (ERROR_RC);
+ }
+
+ return (OK_RC);
+}
+
/*
* Function: rc_buildreq
*
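Review bot: `strlen(nasid)` in rc_get_nas_id dereferences the result of `rc_conf_str("nas_identifier")` without a NULL check, so the function is only safe while the options table gives that option a non-NULL default (the `""` entry this commit adds in options.h). A guard such as `if (nasid != NULL && nasid[0] != '\0') {` keeps the fallback to NAS-IP-Address working if that default is ever changed or the option is looked up before the table is populated. The string is also handed to `rc_avpair_add` with a length of 0; how an over-long configured value is handled there is not visible in this hunk, and a RADIUS string attribute carries at most 253 octets, so a comment stating the expected limit would help.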
char *msg, REQUEST_INFO *info)
{
SEND_DATA data;
- UINT4 client_id;
int result;
int i;
int timeout = rc_conf_int("radius_timeout");
data.receive_pairs = NULL;
/*
- * Fill in NAS-IP-Address
+ * Fill in NAS-IP-Address or NAS-Identifier
*/
- if ((client_id = rc_own_ipaddress()) == 0)
- return (ERROR_RC);
-
- if (rc_avpair_add(&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0, VENDOR_NONE) == NULL)
- return (ERROR_RC);
+ if (rc_get_nas_id(&(data.send_pairs)) == ERROR_RC)
+ return (ERROR_RC);
/*
* Fill in NAS-Port
* Purpose: Builds an accounting request for port id client_port
* with the value_pairs send. You explicitly supply server list.
*
- * Remarks: NAS-IP-Address, NAS-Port and Acct-Delay-Time get filled
- * in by this function, the rest has to be supplied.
+ * Remarks: NAS-Identifier/NAS-IP-Address, NAS-Port and Acct-Delay-Time get
+ * filled in by this function, the rest has to be supplied.
*/
int rc_acct_using_server(SERVER *acctserver,
{
SEND_DATA data;
VALUE_PAIR *adt_vp;
- UINT4 client_id;
int result;
time_t start_time, dtime;
char msg[4096];
data.receive_pairs = NULL;
/*
- * Fill in NAS-IP-Address
+ * Fill in NAS-IP-Address or NAS-Identifier
*/
- if ((client_id = rc_own_ipaddress()) == 0)
- return (ERROR_RC);
-
- if (rc_avpair_add(&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0, VENDOR_NONE) == NULL)
- return (ERROR_RC);
+ if (rc_get_nas_id(&(data.send_pairs)) == ERROR_RC)
+ return (ERROR_RC);
/*
* Fill in NAS-Port
* Purpose: Builds an accounting request for port id client_port
* with the value_pairs send
*
- * Remarks: NAS-IP-Address, NAS-Port and Acct-Delay-Time get filled
- * in by this function, the rest has to be supplied.
+ * Remarks: NAS-Identifier/NAS-IP-Address, NAS-Port and Acct-Delay-Time get
+ * filled in by this function, the rest has to be supplied.
*/
int rc_acct(UINT4 client_port, VALUE_PAIR *send)
{
SEND_DATA data;
int result;
- UINT4 client_id, service_type;
+ UINT4 service_type;
int timeout = rc_conf_int("radius_timeout");
int retries = rc_conf_int("radius_retries");
data.send_pairs = data.receive_pairs = NULL;
/*
- * Fill in NAS-IP-Address, although it isn't neccessary
+ * Fill in NAS-IP-Address or NAS-Identifier,
+ * although it isn't neccessary
*/
- if ((client_id = rc_own_ipaddress()) == 0)
- return (ERROR_RC);
-
- rc_avpair_add(&(data.send_pairs), PW_NAS_IP_ADDRESS, &client_id, 0, VENDOR_NONE);
+ if (rc_get_nas_id(&(data.send_pairs)) == ERROR_RC)
+ return (ERROR_RC);
/*
* Fill in Service-Type
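Review bot: The updated comment still says filling in the NAS attribute "isn't neccessary", but the new code treats it as mandatory. The removed lines ignored the result of `rc_avpair_add`, whereas `if (rc_get_nas_id(&(data.send_pairs)) == ERROR_RC) return (ERROR_RC);` now aborts the request when the pair cannot be added. If the stricter behaviour is intended, the comment should say so, for example `/* Fill in NAS-IP-Address or NAS-Identifier; failure aborts the request */`. The enclosing function starts and ends outside the hunk, so the effect on its callers cannot be checked from here.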
/*
- * $Id: config.c,v 1.2 2002/02/27 15:51:20 dfs Exp $
+ * $Id: config.c,v 1.3 2002/10/01 09:51:01 fcusack Exp $
*
* Copyright (C) 1995,1996,1997 Lars Fenneberg
*
return (-1);
}
- if ((myipaddr = rc_own_ipaddress()) == 0)
- return (-1);
+ myipaddr = rc_own_ipaddress();
result = 0;
while (fgets (buffer, sizeof (buffer), clientfd) != (char *) NULL)
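Review bot: `myipaddr` can now be 0 when the host's own address cannot be resolved, and the loop that consumes it is outside this hunk. That loop reads entries from `clientfd` and, judging by the variable name, compares them against this address. If this lookup is what selects the shared secret for a server, the zero case should be handled explicitly rather than left to however the matching code treats an unresolved address. Skipping the own-address comparison when `myipaddr == 0` and adding a comment such as `/* 0 = own address unknown (e.g. nas_identifier in use); never match on it */` would make the intent reviewable.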
/*
- * $Id: options.h,v 1.1 2002/01/22 16:03:02 dfs Exp $
+ * $Id: options.h,v 1.2 2002/10/01 09:51:01 fcusack Exp $
*
* Copyright (C) 1996 Lars Fenneberg
*
static SERVER acctserver = {0};
static SERVER authserver = {0};
+int default_tries = 4;
+int default_timeout = 60;
+
static OPTION config_options[] = {
/* internally used options */
{"config_file", OT_STR, ST_UNDEF, NULL},
/* General options */
{"auth_order", OT_AUO, ST_UNDEF, NULL},
-{"login_tries", OT_INT, ST_UNDEF, NULL},
-{"login_timeout", OT_INT, ST_UNDEF, NULL},
-{"nologin", OT_STR, ST_UNDEF, NULL},
-{"issue", OT_STR, ST_UNDEF, NULL},
+{"login_tries", OT_INT, ST_UNDEF, &default_tries},
+{"login_timeout", OT_INT, ST_UNDEF, &default_timeout},
+{"nologin", OT_STR, ST_UNDEF, "/etc/nologin"},
+{"issue", OT_STR, ST_UNDEF, "/etc/radiusclient/issue"},
/* RADIUS specific options */
{"authserver", OT_SRV, ST_UNDEF, &authserver},
{"acctserver", OT_SRV, ST_UNDEF, &acctserver},
{"servers", OT_STR, ST_UNDEF, NULL},
{"dictionary", OT_STR, ST_UNDEF, NULL},
-{"login_radius", OT_STR, ST_UNDEF, NULL},
+{"login_radius", OT_STR, ST_UNDEF, "/usr/sbin/login.radius"},
{"seqfile", OT_STR, ST_UNDEF, NULL},
{"mapfile", OT_STR, ST_UNDEF, NULL},
{"default_realm", OT_STR, ST_UNDEF, NULL},
{"radius_timeout", OT_INT, ST_UNDEF, NULL},
{"radius_retries", OT_INT, ST_UNDEF, NULL},
+{"nas_identifier", OT_STR, ST_UNDEF, ""},
/* local options */
{"login_local", OT_STR, ST_UNDEF, NULL},
};
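Review bot: The built-in defaults for `login_radius` (`"/usr/sbin/login.radius"`) and `issue` (`"/etc/radiusclient/issue"`) are hard-coded, while the config template in this same commit uses `@sbindir@/login.radius` and `@pkgsysconfdir@/issue`. On an install with a different prefix the default then names a path the package did not install, and `login_radius` is documented as the program called after a RADIUS-authenticated login, so whatever sits at the hard-coded path would be used. Deriving both defaults from the configured directories at build time (for example macros passed by the build; `SBINDIR` and `PKGSYSCONFDIR` are placeholder names here) keeps them in step with the install. Separately, `default_tries` and `default_timeout` are defined without `static` beside `static SERVER acctserver`, so including options.h from more than one source file would define them twice; `static int default_tries = 4;` and `static int default_timeout = 60;` match the neighbouring declarations.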