"Robert Dukes" <rbdukes@gmail.com> wrote:
This really sucks :) We invested so much into the gear here as our project is funding by caring people. So there is no way to get this done ah ????
Try the patch below, which should work in 1.1.x. No guarantees... it just compiles, and I haven't tested it. You'll also have to create a dictionary, but I leave that part up to you. Alan DeKok. Index: src/include/libradius.h =================================================================== RCS file: /source/radiusd/src/include/libradius.h,v retrieving revision 1.76.2.2.2.9 diff -u -r1.76.2.2.2.9 libradius.h --- src/include/libradius.h 15 Jun 2006 21:47:14 -0000 1.76.2.2.2.9 +++ src/include/libradius.h 13 Jul 2006 21:22:18 -0000 @@ -65,12 +65,13 @@ #define CHAP_VALUE_LENGTH 16 #define MAX_STRING_LEN 254 /* RFC2138: string 0-253 octets */ +# define VENDOR(x) ((x >> 16) & 0xffff) + #ifdef _LIBRADIUS # define AUTH_HDR_LEN 20 # define VENDORPEC_USR 429 #define VENDORPEC_LUCENT 4846 #define VENDORPEC_STARENT 8164 -# define VENDOR(x) ((x >> 16) & 0xffff) # define DEBUG if (librad_debug) printf # define debug_pair(vp) do { if (librad_debug) { \ putchar('\t'); \ Index: src/modules/rlm_preprocess/rlm_preprocess.c =================================================================== RCS file: /source/radiusd/src/modules/rlm_preprocess/rlm_preprocess.c,v retrieving revision 1.52.2.1.2.1 diff -u -r1.52.2.1.2.1 rlm_preprocess.c --- src/modules/rlm_preprocess/rlm_preprocess.c 5 May 2006 17:31:53 -0000 1.52.2.1.2.1 +++ src/modules/rlm_preprocess/rlm_preprocess.c 13 Jul 2006 21:22:18 -0000 @@ -48,6 +48,7 @@ int with_ntdomain_hack; int with_specialix_jetstream_hack; int with_cisco_vsa_hack; + int with_alvarion_vsa_hack; } rlm_preprocess_t; static CONF_PARSER module_config[] = { @@ -69,6 +70,8 @@ "no" }, { "with_cisco_vsa_hack", PW_TYPE_BOOLEAN, offsetof(rlm_preprocess_t,with_cisco_vsa_hack), NULL, "no" }, + { "with_alvarion_vsa_hack", PW_TYPE_BOOLEAN, + offsetof(rlm_preprocess_t,with_alvarion_vsa_hack), NULL, "no" }, { NULL, -1, 0, NULL, NULL } }; @@ -115,7 +118,7 @@ char newattr[MAX_STRING_LEN]; for ( ; vp != NULL; vp = vp->next) { - vendorcode = (vp->attribute >> 16); /* HACK! */ + vendorcode = VENDOR(vp->attribute); if (!((vendorcode == 9) || (vendorcode == 6618))) continue; /* not a Cisco or Quintum VSA, continue */ if (vp->type != PW_TYPE_STRING) continue; @@ -170,6 +173,26 @@ } } + +/* + * Don't even ask what this is doing... + */ +static void alvarion_vsa_hack(VALUE_PAIR *vp) +{ + int vendorcode; + int number = 1; + + for ( ; vp != NULL; vp = vp->next) { + vendorcode = VENDOR(vp->attribute); + if (vendorcode != 12394) continue; + if (vp->type != PW_TYPE_STRING) continue; + + vp->attribute = number | (12394 << 16); + snprintf(vp->name, sizeof(vp->name), + "Breezecom-Attr%d", number++); + } +} + /* * Mangle username if needed, IN PLACE. */ @@ -515,6 +538,14 @@ cisco_vsa_hack(request->packet->vps); } + if (data->with_alvarion_vsa_hack) { + /* + * We need to run this hack because the Alvarion + * people are crazy. + */ + alvarion_vsa_hack(request->packet->vps); + } + /* * Note that we add the Request-Src-IP-Address to the request * structure BEFORE checking huntgroup access. This allows