Alan,<br>Thanks for the info,but can you giude me more on this this patch. i am very newbie in the linux and freebsd world. I am more of a window person. <br><br><br><br><div><span class="gmail_quote">On 7/14/06, <b class="gmail_sendername">
Alan DeKok</b> <<a href="mailto:aland@nitros9.org">aland@nitros9.org</a>> wrote:</span><blockquote class="gmail_quote" style="margin-top: 0; margin-right: 0; margin-bottom: 0; margin-left: 0; margin-left: 0.80ex; border-left-color: #cccccc; border-left-width: 1px; border-left-style: solid; padding-left: 1ex">
"Robert Dukes" <<a href="mailto:rbdukes@gmail.com">rbdukes@gmail.com</a>> wrote:<br>> This really sucks :) We invested so much into the gear here as our project<br>> is funding by caring people. So there is no way to get this done ah ????
<br><br> Try the patch below, which should work in 1.1.x.<br><br> No guarantees... it just compiles, and I haven't tested it.<br>You'll also have to create a dictionary, but I leave that part up to<br>you.<br><br> Alan DeKok.
<br><br>Index: src/include/libradius.h<br>===================================================================<br>RCS file: /source/radiusd/src/include/libradius.h,v<br>retrieving revision 1.76.2.2.2.9<br>diff -u -r1.76.2.2.2.9
libradius.h<br>--- src/include/libradius.h 15 Jun 2006 21:47:14 -0000 1.76.2.2.2.9<br>+++ src/include/libradius.h 13 Jul 2006 21:22:18 -0000<br>@@ -65,12 +65,13 @@<br> #define CHAP_VALUE_LENGTH 16<br> #define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */
<br><br>+# define VENDOR(x) ((x >> 16) & 0xffff)<br>+<br> #ifdef _LIBRADIUS<br> # define AUTH_HDR_LEN 20<br> # define VENDORPEC_USR 429<br> #define VENDORPEC_LUCENT 4846
<br> #define VENDORPEC_STARENT 8164<br>-# define VENDOR(x) ((x >> 16) & 0xffff)<br> # define DEBUG if (librad_debug) printf<br> # define debug_pair(vp) do { if (librad_debug) { \
<br> putchar('\t'); \<br>Index: src/modules/rlm_preprocess/rlm_preprocess.c<br>===================================================================<br>RCS file: /source/radiusd/src/modules/rlm_preprocess/rlm_preprocess.c,v
<br>retrieving revision 1.52.2.1.2.1<br>diff -u -r1.52.2.1.2.1 rlm_preprocess.c<br>--- src/modules/rlm_preprocess/rlm_preprocess.c 5 May 2006 17:31:53 -0000 1.52.2.1.2.1<br>+++ src/modules/rlm_preprocess/rlm_preprocess.c 13 Jul 2006 21:22:18 -0000
<br>@@ -48,6 +48,7 @@<br> int with_ntdomain_hack;<br> int with_specialix_jetstream_hack;<br> int with_cisco_vsa_hack;<br>+ int with_alvarion_vsa_hack;
<br> } rlm_preprocess_t;<br><br> static CONF_PARSER module_config[] = {<br>@@ -69,6 +70,8 @@<br> "no" },<br> { "with_cisco_vsa_hack", PW_TYPE_BOOLEAN,<br> offsetof(rlm_preprocess_t,with_cisco_vsa_hack), NULL, "no" },
<br>+ { "with_alvarion_vsa_hack", PW_TYPE_BOOLEAN,<br>+ offsetof(rlm_preprocess_t,with_alvarion_vsa_hack), NULL, "no" },<br><br> { NULL, -1, 0, NULL, NULL }<br> };<br>@@ -115,7 +118,7 @@
<br> char newattr[MAX_STRING_LEN];<br><br> for ( ; vp != NULL; vp = vp->next) {<br>- vendorcode = (vp->attribute >> 16); /* HACK! */<br>+ vendorcode = VENDOR(vp->attribute);
<br> if (!((vendorcode == 9) || (vendorcode == 6618))) continue; /* not a Cisco or Quintum VSA, continue */<br><br> if (vp->type != PW_TYPE_STRING) continue;<br>@@ -170,6 +173,26 @@<br> }
<br> }<br><br>+<br>+/*<br>+ * Don't even ask what this is doing...<br>+ */<br>+static void alvarion_vsa_hack(VALUE_PAIR *vp)<br>+{<br>+ int vendorcode;<br>+ int number = 1;<br>+<br>
+ for ( ; vp != NULL; vp = vp->next) {<br>+ vendorcode = VENDOR(vp->attribute);<br>+ if (vendorcode != 12394) continue;<br>+ if (vp->type != PW_TYPE_STRING) continue;
<br>+<br>+ vp->attribute = number | (12394 << 16);<br>+ snprintf(vp->name, sizeof(vp->name),<br>+ "Breezecom-Attr%d", number++);<br>+ }<br>
+}<br>+<br> /*<br> * Mangle username if needed, IN PLACE.<br> */<br>@@ -515,6 +538,14 @@<br> cisco_vsa_hack(request->packet->vps);<br> }<br><br>+ if (data->with_alvarion_vsa_hack) {
<br>+ /*<br>+ * We need to run this hack because the Alvarion<br>+ * people are crazy.<br>+ */<br>+ alvarion_vsa_hack(request->packet->vps);
<br>+ }<br>+<br> /*<br> * Note that we add the Request-Src-IP-Address to the request<br> * structure BEFORE checking huntgroup access. This allows<br><br>-<br>List info/subscribe/unsubscribe? See
<a href="http://www.freeradius.org/list/users.html">http://www.freeradius.org/list/users.html</a><br></blockquote></div><br><br clear="all"><br>-- <br>Robert Dukes