add more WARNINGs so that people who read them will be enlightened.
authorAlan T. DeKok <aland@freeradius.org>
Sun, 28 Mar 2021 14:24:35 +0000 (10:24 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Sun, 28 Mar 2021 14:26:54 +0000 (10:26 -0400)
The default configuration depends on either User-Name or
Stripped-User-Name containing the identity of the user logging in.
If the identity is anonymized, and there's no Stripped-User-Name,
we need to warn the administrator that there is not enough
information to identify the user.

src/main/auth.c

index d43d65e46e83ce429161bc792793910f6a4e7041..c3b776083e9fb85cbc488e8a4e9636cc8a55a86e 100644 (file)
@@ -861,6 +861,22 @@ int rad_virtual_server(REQUEST *request)
        }
 
        if (request->reply->code == PW_CODE_ACCESS_ACCEPT) {
+               /*
+                *      Check that there is a name which can be used
+                *      to identify the user.  The configuration
+                *      depends on User-Name or Stripped-User-Name
+                *      existing, and being (mostly) unique to that
+                *      user.
+                */
+               if (!request->parent &&
+                   (request->username->da->attr == PW_USER_NAME) &&
+                   (request->username->vp_strvalue[0] == '@') &&
+                   !fr_pair_find_by_num(request->packet->vps, PW_STRIPPED_USER_NAME, 0, TAG_ANY)) {
+                       RWDEBUG("User-Name is anonymized, and no Stripped-User-Name exists.");
+                       RWDEBUG("It may be difficult or impossible to identify the user");
+                       RWDEBUG("Please update Stripped-User-Name with information which identifies the user");
+               }
+
                rad_postauth(request);
        }
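Review bot: The new condition dereferences `request->username` (`->da->attr`, `->vp_strvalue[0]`) without checking it for NULL, and nothing in the visible lines guarantees it is set when the reply is an Access-Accept. If a request can reach this point without a User-Name attribute, the warning path would crash the server instead of logging, so the guard should begin `if (!request->parent && request->username &&`. Separately, the test only matches names whose first character is `'@'`; an outer identity of the form `anonymous@realm` is not flagged, which may be intended but deserves a sentence in the comment above the check. The body of rad_virtual_server starts and continues outside this hunk, so confirm against the earlier code whether `request->username` is already validated.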