Allow returning attributes from rejected RADIUS authentication.
git-svn-id: http://voip.null.ro/svn/yate@4369 acf43c95-373e-0410-b603-e72c3f656dc1
This commit is contained in:
parent
9ed9ec13c5
commit
21d64d3c43
|
@ -71,6 +71,9 @@
|
|||
; ret: will set authentication returned attributes back into message
|
||||
;ret:attribute-name=paramname
|
||||
|
||||
; ret-fail: will set returned attributes from auth rejection back into message
|
||||
;ret-fail:attribute-name=paramname
|
||||
|
||||
; Any other parameter will attempt to match the right hand Regexp
|
||||
;paramname=REGEXP
|
||||
|
||||
|
|
|
@ -351,7 +351,7 @@ public:
|
|||
bool addAttribute(const char* attrib, unsigned char subType, const char* val, bool emptyOk = false);
|
||||
void addAttributes(NamedList& params, NamedList* list);
|
||||
bool prepareAttributes(NamedList& params, bool forAcct = true, String* user = 0);
|
||||
bool returnAttributes(NamedList& params, const ObjList* attributes);
|
||||
bool returnAttributes(NamedList& params, const ObjList* attributes, bool ok = true);
|
||||
static bool fillRandom(DataBlock& data, int len);
|
||||
|
||||
private:
|
||||
|
@ -1292,7 +1292,7 @@ bool RadiusClient::prepareAttributes(NamedList& params, bool forAcct, String* us
|
|||
}
|
||||
|
||||
// Copy some attributes back from RADIUS answer to parameter list (message)
|
||||
bool RadiusClient::returnAttributes(NamedList& params, const ObjList* attributes)
|
||||
bool RadiusClient::returnAttributes(NamedList& params, const ObjList* attributes, bool ok)
|
||||
{
|
||||
Lock lock(s_cfgMutex);
|
||||
NamedList* sect = s_cfg.getSection(m_section);
|
||||
|
@ -1309,7 +1309,7 @@ bool RadiusClient::returnAttributes(NamedList& params, const ObjList* attributes
|
|||
attr->getString(val);
|
||||
attrDump << "\r\n " << attr->name() << "='" << val << "'";
|
||||
}
|
||||
String tmp("ret:");
|
||||
String tmp(ok ? "ret:" : "ret-fail:");
|
||||
tmp += attr->name();
|
||||
String* par = sect->getParam(tmp);
|
||||
if (par && *par) {
|
||||
|
@ -1366,13 +1366,15 @@ bool AuthHandler::received(Message& msg)
|
|||
radclient.addAttribute("h323-remote-address",address);
|
||||
|
||||
ObjList result;
|
||||
if (radclient.doAuthenticate(&result) != AuthSuccess)
|
||||
if (radclient.doAuthenticate(&result) != AuthSuccess) {
|
||||
radclient.returnAttributes(msg,&result,false);
|
||||
return false;
|
||||
}
|
||||
// copy back the username we actually authenticated
|
||||
if (user)
|
||||
msg.setParam("username",user);
|
||||
// and pick whatever other parameters we want to return
|
||||
radclient.returnAttributes(msg,&result);
|
||||
radclient.returnAttributes(msg,&result,true);
|
||||
if (s_pb_enabled)
|
||||
portaBillingRoute(msg,&result);
|
||||
// signal we don't return a password
|
||||
|
|
Loading…
Reference in New Issue