]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
Fix process authenticate to match the current structure of virtual servers....
authorArran Cudbard-Bell <a.cudbardb@freeradius.org>
Thu, 25 Mar 2021 17:48:09 +0000 (17:48 +0000)
committerArran Cudbard-Bell <a.cudbardb@freeradius.org>
Wed, 31 Mar 2021 15:10:53 +0000 (16:10 +0100)
src/lib/server/virtual_servers.c
src/lib/server/virtual_servers.h
src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c
src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c

index 10ef7d3c23873e2284c454c45bd5312b848a3fe1..21a79293e2c92d63b4a5a007f55fb8277727e53a 100644 (file)
@@ -1383,10 +1383,9 @@ int virtual_servers_free(void)
 
 /**
  */
-unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request)
+unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request, CONF_SECTION *server_cs)
 {
        rlm_rcode_t     rcode;
-       CONF_SECTION    *cs;
        char const      *module;
        char const      *component;
        fr_dict_attr_t const *da;
@@ -1394,14 +1393,6 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque
        CONF_SECTION    *subcs;
        fr_dict_t const *dict_internal;
 
-       cs = cf_section_find(unlang_call_current(request), "authenticate", NULL);
-       if (!cs) {
-               RDEBUG2("Empty 'authenticate' section in virtual server \"%s\".  Using default return value (%s)",
-                       cf_section_name2(unlang_call_current(request)),
-                       fr_table_str_by_value(rcode_table, RLM_MODULE_REJECT, "<invalid>"));
-               RETURN_MODULE_REJECT;
-       }
-
        /*
         *      Figure out which section to run.
         */
@@ -1417,7 +1408,7 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque
        dv = fr_dict_enum_by_value(da, fr_box_uint32((uint32_t) auth_type));
        if (!dv) RETURN_MODULE_FAIL;
 
-       subcs = cf_section_find(cs, da->name, dv->name);
+       subcs = cf_section_find(server_cs, "authenticate", dv->name);
        if (!subcs) {
                RDEBUG2("%s %s sub-section not found.  Using default return values.",
                        da->name, dv->name);
@@ -1426,7 +1417,6 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque
 
        RDEBUG("Running %s %s from file %s",
               da->name, dv->name, cf_filename(subcs));
-       cs = subcs;
 
        /*
         *      Cache and restore these, as they're re-set when
@@ -1439,10 +1429,10 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque
        request->component = "authenticate";
 
 
-       if (unlang_interpret_push_section(request, cs, RLM_MODULE_REJECT, UNLANG_TOP_FRAME) < 0) {
+       if (unlang_interpret_push_section(request, subcs, RLM_MODULE_REJECT, UNLANG_TOP_FRAME) < 0) {
                RETURN_MODULE_FAIL;
        }
-       rcode = unlang_interpret(request);
+       rcode = unlang_interpret_synchronous(request);
 
        request->component = component;
        request->module = module;
index 287b1e888972f532765ef9f8564b41ad08e8351b..5460592eac13083f79b9642052c03d1fff76214b 100644 (file)
@@ -89,7 +89,7 @@ int           virtual_server_has_namespace(CONF_SECTION **out,
                                             CONF_ITEM *ci);
 /** @} */
 
-unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request);
+unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request, CONF_SECTION *server_cs);
 
 rlm_rcode_t    virtual_server_process_auth(request_t *request, CONF_SECTION *virtual_server,
                                            rlm_rcode_t default_rcode,
index 7d0b2197d0fd092864b87cb3cb53fe61c5dc1120..5c25b5403d7047a6fd3339ed344a2cca77833a0b 100644 (file)
@@ -171,7 +171,8 @@ static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mc
                /*
                 *      Call the authenticate section of the *current* virtual server.
                 */
-               process_authenticate(&rcode, inst->auth_type->value->vb_uint32, request);
+               process_authenticate(&rcode, inst->auth_type->value->vb_uint32,
+                                    request, unlang_call_current(request->parent));
                if (rcode != RLM_MODULE_OK) {
                        eap_round->request->code = FR_EAP_CODE_FAILURE;
                        RETURN_MODULE_RCODE(rcode);
index 66df3030b35be7c45d50842a74c62347c89d01d3..cc65b7c2a9e508d9f38f81a10b030a73b531f055 100644 (file)
@@ -748,21 +748,13 @@ packet_ready:
         */
        unlang = cf_section_find(unlang_call_current(request), "authenticate", inst->auth_type->name);
        if (!unlang) {
-               process_authenticate(&rcode, inst->auth_type->value->vb_uint32, request);
+               process_authenticate(&rcode, inst->auth_type->value->vb_uint32,
+                                    request, unlang_call_current(request->parent));
        } else {
                if (unlang_interpret_push_section(request, unlang, RLM_MODULE_FAIL, UNLANG_TOP_FRAME) < 0) {
                        RETURN_MODULE_FAIL;
                }
-               rcode = unlang_interpret(request);
-
-               /*
-                *      If it's yielding, set up the process function
-                *      to continue after resume.
-                */
-               if (rcode == RLM_MODULE_YIELD) {
-                       eap_session->process = mod_process_auth_type;
-                       return UNLANG_ACTION_YIELD;
-               }
+               rcode = unlang_interpret_synchronous(request);
        }
 
        return mschap_finalize(p_result, mctx, request, eap_session, rcode);