Would it be possible to change login_radius.c actually raddauth.c so that:
1. The admin can change what port login_radius uses, such as the
old datametrics port. It is currently hard coded to radius(1812).
2. Make it so it does not try an empty password 2 times before it kicks back a
prompt asking for a password.
This is the diff/changes I had in mind.
--- radius_current/raddauth.c Tue Dec 11 12:28:41 2007
+++ raddauth.c Wed Dec 12 00:29:43 2007
@@ -117,6 +117,7 @@
int retries;
int sockfd;
int timeout;
+char *radius_port;
in_addr_t alt_server;
in_addr_t auth_server;
@@ -168,6 +169,10 @@
timeout = login_getcapnum(lc, "radius-timeout", 2, 2);
retries = login_getcapnum(lc, "radius-retries", 6, 6);
+ radius_port = login_getcapstr(lc, "radius-port", NULL, NULL);
+
+ if (radius_port == NULL) radius_port = "radius";
+
if (timeout < 1)
timeout = 1;
if (retries < 2)
@@ -209,7 +214,7 @@
}
/* get port number */
- svp = getservbyname ("radius", "udp");
+ svp = getservbyname (radius_port, "udp");
if (svp == NULL) {
*emsg = "No such service: radius/udp";
return (1);
@@ -271,7 +276,7 @@
}
}
- if (retries > 0) {
+ if (retries > 0 && passwd != "") {
rad_request(req_id, userstyle, passwd, auth_port, vector,
pwstate);
@@ -417,9 +422,9 @@
auth.length = htons(total_length);
/* get radius port number */
- rad_port = getservbyname("radius", "udp");
+ rad_port = getservbyname(radius_port, "udp");
if (rad_port == NULL)
- errx(1, "no such service: radius/udp");
+ errx(1, "no such service: %s/udp", radius_port);
memset(&sin, 0, sizeof (sin));
sin.sin_family = AF_INET;
Thanks,
-Brad
