const char *name;
const char *auth_badpass_msg;
const char *auth_goodpass_msg;
+#ifdef WITH_POST_PROXY_AUTHORIZE
+ int post_proxy_authorize;
+#endif
} MAIN_CONFIG_T;
#define DEBUG if(debug_flag)log_debug
&request->config_items,
PW_AUTH_TYPE, PW_TYPE_INTEGER);
if (tmp) tmp->vp_integer = PW_AUTHTYPE_ACCEPT;
+#ifdef WITH_POXT_PROXY_AUTHORIZE
+ if (mainconfig.post_proxy_authorize) break;
+#endif
goto authenticate;
/*
*/
int module_authorize(int autz_type, REQUEST *request)
{
+#ifdef WITH_POST_PROXY_AUTHORIZE
+ /*
+ * We have a proxied packet, and we've been told
+ * to NOT pass proxied packets through 'authorize'
+ * a second time. So stop.
+ */
+ if ((request->proxy != NULL &&
+ mainconfig.post_proxy_authorize == FALSE)) {
+ DEBUG2(" authorize: Skipping authorize in post-proxy stage");
+ return RLM_MODULE_NOOP;
+ }
+#endif
+
return indexed_modcall(RLM_COMPONENT_AUTZ, autz_type, request);
}
offsetof(realm_config_t, wake_all_if_all_dead),
NULL, "no" },
+#ifdef WITH_POST_PROXY_AUTHORIZE
+ { "post_proxy_authorize", PW_TYPE_BOOLEAN, 0,
+ &mainconfig.post_proxy_authorize, "yes" },
+#endif
+
{ NULL, -1, 0, NULL, NULL }
};
#endif
projects / thirdparty / freeradius-server.git / commitdiff
