From: Alan Mizrahi <alan@mizrahi.com.ve>
Date: Wed, 29 Aug 2012 13:51:52 +0000 (-0600)
Subject: Bug 3609: several RADIUS helper improvements
X-Git-Tag: sourceformat-review-1~14^2~10
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=6ec3c3f6515c2bc5645f4df4138732fc3b8f28d9;p=thirdparty%2Fsquid.git

Bug 3609: several RADIUS helper improvements
---

diff --git a/helpers/basic_auth/RADIUS/basic_radius_auth.8 b/helpers/basic_auth/RADIUS/basic_radius_auth.8
index 5a9fde7666..7d5679489c 100644
--- a/helpers/basic_auth/RADIUS/basic_radius_auth.8
+++ b/helpers/basic_auth/RADIUS/basic_radius_auth.8
@@ -82,6 +82,10 @@ This directive is optional.
 .if !'po4a'hide' .BI "port " portnumber
 Specifies the port number or service name where the helper should connect.
 .
+.if !'po4a'hide' .TP
+.if !'po4a'hide' .BI "timeout " seconds
+Specifies the RADIUS request timeout.
+.
 .SH AUTHOR
 This program is written by 
 .if !'po4a'hide' .I Marc van Selm <selm@cistron.nl>
diff --git a/helpers/basic_auth/RADIUS/basic_radius_auth.cc b/helpers/basic_auth/RADIUS/basic_radius_auth.cc
index 41b6f2052a..3efa8b0562 100644
--- a/helpers/basic_auth/RADIUS/basic_radius_auth.cc
+++ b/helpers/basic_auth/RADIUS/basic_radius_auth.cc
@@ -116,7 +116,7 @@ static int nasport = 111;
 static int nasporttype = 0;
 static uint32_t nas_ipaddr;
 static uint32_t auth_ipaddr;
-static int retries = 30;
+static int retries = 10;
 
 char progname[] = "basic_radius_auth";
 
@@ -249,6 +249,8 @@ rad_auth_config(const char *cfname)
             sscanf(line, "service %s", svc_name);
         if (!memcmp(line, "port", 4))
             sscanf(line, "port %s", svc_name);
+        if (!memcmp(line, "timeout", 7))
+            sscanf(line, "timeout %d", &retries);
     }
     fclose(cf);
     if (srv && crt)
@@ -280,7 +282,7 @@ urldecode(char *dst, const char *src, int size)
     *dst = '\0';
 }
 
-static int
+static void
 authenticate(int socket_fd, const char *username, const char *passwd)
 {
     AUTH_HDR *auth;
@@ -445,16 +447,20 @@ authenticate(int socket_fd, const char *username, const char *passwd)
                 continue;
 
             rc = result_recv(saremote.sin_addr.s_addr, saremote.sin_port, recv_buffer, len);
-            if (rc == 0)
-                return 1;
-            if (rc == 1)
-                return 0;
+            if (rc == 0) {
+                SEND_OK("");
+                return;
+            }
+            if (rc == 1) {
+                SEND_ERR("");
+                return;
+            }
         }
     }
 
     fprintf(stderr, "%s: No response from RADIUS server\n", progname);
-
-    return 0;
+    SEND_ERR("No response from RADIUS server");
+    return;
 }
 
 int
@@ -596,10 +602,7 @@ main(int argc, char **argv)
             ++ptr;
         urldecode(passwd, ptr, MAXPASS);
 
-        if (authenticate(sockfd, username, passwd))
-            SEND_OK("");
-        else
-            SEND_ERR("");
+        authenticate(sockfd, username, passwd);
     }
     close(sockfd);
     exit(1);