Re: Freeradius2 and proxing

[Vincent Magnin <Vincent.Magnin@unil.ch>]

Well,

I've writen a patch for realms.c and now, I've a better behaviour:

    rlm_realm: Looking up realm "extern.realm.com" for User-Name =  
"anonymous@extern.realm.com"
    rlm_realm: Found realm "DEFAULT"
    rlm_realm: Proxying request from user anonymous to realm DEFAULT
    rlm_realm: Adding Realm = "DEFAULT"
    rlm_realm: Preparing to proxy authentication request to realm "DEFAULT"



Does exist a better way to use the DEFAULT realm?

Regards,

Vincent Magnin


Vincent Magnin <Vincent.Magnin@unil.ch> a écrit :

> In freeradius 1, if I need to proxy requests whose realm are remote,
> I put the following in proxy.conf:
>
> > realm DEFAULT {
> >        type = radius
> >        authhost = remote.server1.com:1812
> >        accthost = remote.server1.com:1813
> >        secret = ****************
> >        ldflag = round_robin
> >        nostrip }
> >
> > realm DEFAULT {
> >        type = radius
> >        authhost = remote.server2.com:1812
> >        accthost = remote.server2.com:1813
> >        secret = ****************
> >        ldflag = round_robin
> >        nostrip
> > }
>
>
> I've tried to put the same lines in my freeradius2 config file and it
> does not work as expected:
>
> radius -X output:
>
>     rlm_realm: Looking up realm "extern.realm.com" for User-Name =  
> "anonymous@extern.realm.com"
>     rlm_realm: No such realm "extern.realm.com"
>
> Then, the request is done locally.
>
>
> If I put in my proxy.conf file this domain explicitely, it works fine:
>
>
> > realm extern.realm.com {
> >        type = radius
> >        authhost = remote.server2.com:1812
> >        accthost = remote.server2.com:1813
> >        secret = ****************
> >        ldflag = round_robin
> >        nostrip
> > }
>
> radius -X output:
>
>     rlm_realm: Looking up realm "extern.realm.com" for User-Name =  
> "anonymous@extern.realm.com"
>     rlm_realm: Found realm "extern.realm.com"
>     rlm_realm: Proxying request from user anonymous to realm extern.realm.com
>     rlm_realm: Adding Realm = "extern.realm.com"
>     rlm_realm: Preparing to proxy accounting request to realm  
> "extern.realm.com"

Switzerland

--- freeradius-server-2.0.1/src/main/realms.c	2008-01-09 14:39:13.000000000 +0100
+++ freeradius-server-2.0.1-defaultrealm/src/main/realms.c	2008-02-07 14:14:26.000000000 +0100
@@ -1323,11 +1323,21 @@
 REALM *realm_find(const char *name)
 {
 	REALM myrealm;
-
+	REALM *ret;
+	
 	if (!name) name = "NULL";
 
 	myrealm.name = name;
-	return rbtree_finddata(realms_byname, &myrealm);
+	ret = rbtree_finddata(realms_byname, &myrealm);
+	
+	if (!ret) {
+		const char *defrealm = "DEFAULT";
+		
+		myrealm.name = defrealm;
+		ret = rbtree_finddata(realms_byname, &myrealm);
+	}
+	
+	return ret;
 }