From: Alan T. DeKok <aland@freeradius.org>
Date: Mon, 16 May 2011 11:30:20 +0000 (+0200)
Subject: Added deprecated functionality as compile-time option
X-Git-Tag: release_2_1_11~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=fb0712327bd0dea1073ec509ad872ab9437dcc3d;p=thirdparty%2Ffreeradius-server.git

Added deprecated functionality as compile-time option
---

diff --git a/src/include/radiusd.h b/src/include/radiusd.h
index 0c338e07b7f..2809100a78e 100644
--- a/src/include/radiusd.h
+++ b/src/include/radiusd.h
@@ -377,6 +377,9 @@ typedef struct main_config_t {
 	const char	*name;
 	const char	*auth_badpass_msg;
 	const char	*auth_goodpass_msg;
+#ifdef WITH_POST_PROXY_AUTHORIZE
+	int		post_proxy_authorize;
+#endif
 } MAIN_CONFIG_T;
 
 #define DEBUG	if(debug_flag)log_debug
diff --git a/src/main/auth.c b/src/main/auth.c
index a74a0ce8b00..e6adeee8fbe 100644
--- a/src/main/auth.c
+++ b/src/main/auth.c
@@ -499,6 +499,9 @@ int rad_authenticate(REQUEST *request)
 						&request->config_items,
 						PW_AUTH_TYPE, PW_TYPE_INTEGER);
 			if (tmp) tmp->vp_integer = PW_AUTHTYPE_ACCEPT;
+#ifdef WITH_POXT_PROXY_AUTHORIZE
+			if (mainconfig.post_proxy_authorize) break;
+#endif
 			goto authenticate;
 
 		/*
diff --git a/src/main/modules.c b/src/main/modules.c
index 39f441fdf37..c299247f318 100644
--- a/src/main/modules.c
+++ b/src/main/modules.c
@@ -1559,6 +1559,19 @@ int setup_modules(int reload, CONF_SECTION *config)
  */
 int module_authorize(int autz_type, REQUEST *request)
 {
+#ifdef WITH_POST_PROXY_AUTHORIZE
+	/*
+	 *	We have a proxied packet, and we've been told
+	 *	to NOT pass proxied packets through 'authorize'
+	 *	a second time.  So stop.
+	 */
+	if ((request->proxy != NULL &&
+	     mainconfig.post_proxy_authorize == FALSE)) {
+		DEBUG2(" authorize: Skipping authorize in post-proxy stage");
+		return RLM_MODULE_NOOP;
+	}
+#endif
+
 	return indexed_modcall(RLM_COMPONENT_AUTZ, autz_type, request);
 }
 
diff --git a/src/main/realms.c b/src/main/realms.c
index 9fac06ad4b2..3196ea4c976 100644
--- a/src/main/realms.c
+++ b/src/main/realms.c
@@ -110,6 +110,11 @@ static const CONF_PARSER proxy_config[] = {
 	  offsetof(realm_config_t, wake_all_if_all_dead),
 	  NULL, "no" },
 
+#ifdef WITH_POST_PROXY_AUTHORIZE
+        { "post_proxy_authorize", PW_TYPE_BOOLEAN, 0,
+	  &mainconfig.post_proxy_authorize, "yes" },
+#endif
+
 	{ NULL, -1, 0, NULL, NULL }
 };
 #endif