From: Arran Cudbard-Bell Date: Thu, 25 Mar 2021 17:48:09 +0000 (+0000) Subject: Fix process authenticate to match the current structure of virtual servers.... X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=e4fde73cb4fc0dc9cfbe6e06800f3781e191cb90;p=thirdparty%2Ffreeradius-server.git Fix process authenticate to match the current structure of virtual servers.... --- diff --git a/src/lib/server/virtual_servers.c b/src/lib/server/virtual_servers.c index 10ef7d3c238..21a79293e2c 100644 --- a/src/lib/server/virtual_servers.c +++ b/src/lib/server/virtual_servers.c @@ -1383,10 +1383,9 @@ int virtual_servers_free(void) /** */ -unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request) +unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request, CONF_SECTION *server_cs) { rlm_rcode_t rcode; - CONF_SECTION *cs; char const *module; char const *component; fr_dict_attr_t const *da; @@ -1394,14 +1393,6 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque CONF_SECTION *subcs; fr_dict_t const *dict_internal; - cs = cf_section_find(unlang_call_current(request), "authenticate", NULL); - if (!cs) { - RDEBUG2("Empty 'authenticate' section in virtual server \"%s\". Using default return value (%s)", - cf_section_name2(unlang_call_current(request)), - fr_table_str_by_value(rcode_table, RLM_MODULE_REJECT, "")); - RETURN_MODULE_REJECT; - } - /* * Figure out which section to run. */ @@ -1417,7 +1408,7 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque dv = fr_dict_enum_by_value(da, fr_box_uint32((uint32_t) auth_type)); if (!dv) RETURN_MODULE_FAIL; - subcs = cf_section_find(cs, da->name, dv->name); + subcs = cf_section_find(server_cs, "authenticate", dv->name); if (!subcs) { RDEBUG2("%s %s sub-section not found. Using default return values.", da->name, dv->name); @@ -1426,7 +1417,6 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque RDEBUG("Running %s %s from file %s", da->name, dv->name, cf_filename(subcs)); - cs = subcs; /* * Cache and restore these, as they're re-set when @@ -1439,10 +1429,10 @@ unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, reque request->component = "authenticate"; - if (unlang_interpret_push_section(request, cs, RLM_MODULE_REJECT, UNLANG_TOP_FRAME) < 0) { + if (unlang_interpret_push_section(request, subcs, RLM_MODULE_REJECT, UNLANG_TOP_FRAME) < 0) { RETURN_MODULE_FAIL; } - rcode = unlang_interpret(request); + rcode = unlang_interpret_synchronous(request); request->component = component; request->module = module; diff --git a/src/lib/server/virtual_servers.h b/src/lib/server/virtual_servers.h index 287b1e88897..5460592eac1 100644 --- a/src/lib/server/virtual_servers.h +++ b/src/lib/server/virtual_servers.h @@ -89,7 +89,7 @@ int virtual_server_has_namespace(CONF_SECTION **out, CONF_ITEM *ci); /** @} */ -unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request); +unlang_action_t process_authenticate(rlm_rcode_t *p_result, int auth_type, request_t *request, CONF_SECTION *server_cs); rlm_rcode_t virtual_server_process_auth(request_t *request, CONF_SECTION *virtual_server, rlm_rcode_t default_rcode, diff --git a/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c b/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c index 7d0b2197d0f..5c25b5403d7 100644 --- a/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c +++ b/src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c @@ -171,7 +171,8 @@ static unlang_action_t mod_process(rlm_rcode_t *p_result, module_ctx_t const *mc /* * Call the authenticate section of the *current* virtual server. */ - process_authenticate(&rcode, inst->auth_type->value->vb_uint32, request); + process_authenticate(&rcode, inst->auth_type->value->vb_uint32, + request, unlang_call_current(request->parent)); if (rcode != RLM_MODULE_OK) { eap_round->request->code = FR_EAP_CODE_FAILURE; RETURN_MODULE_RCODE(rcode); diff --git a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c index 66df3030b35..cc65b7c2a9e 100644 --- a/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c +++ b/src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c @@ -748,21 +748,13 @@ packet_ready: */ unlang = cf_section_find(unlang_call_current(request), "authenticate", inst->auth_type->name); if (!unlang) { - process_authenticate(&rcode, inst->auth_type->value->vb_uint32, request); + process_authenticate(&rcode, inst->auth_type->value->vb_uint32, + request, unlang_call_current(request->parent)); } else { if (unlang_interpret_push_section(request, unlang, RLM_MODULE_FAIL, UNLANG_TOP_FRAME) < 0) { RETURN_MODULE_FAIL; } - rcode = unlang_interpret(request); - - /* - * If it's yielding, set up the process function - * to continue after resume. - */ - if (rcode == RLM_MODULE_YIELD) { - eap_session->process = mod_process_auth_type; - return UNLANG_ACTION_YIELD; - } + rcode = unlang_interpret_synchronous(request); } return mschap_finalize(p_result, mctx, request, eap_session, rcode);