Would it be possible to change login_radius.c actually raddauth.c so that:

1. The admin can change what port login_radius uses, such as the
old datametrics port. It is currently hard coded to radius(1812).

2. Make it so it does not try an empty password 2 times before it kicks back a
prompt asking for a password.

This is the diff/changes I had in mind.

--- radius_current/raddauth.c   Tue Dec 11 12:28:41 2007
+++ raddauth.c  Wed Dec 12 00:29:43 2007
@@ -117,6 +117,7 @@
 int retries;
 int sockfd;
 int timeout;
+char *radius_port;
 in_addr_t alt_server;
 in_addr_t auth_server;

@@ -168,6 +169,10 @@

        timeout = login_getcapnum(lc, "radius-timeout", 2, 2);
        retries = login_getcapnum(lc, "radius-retries", 6, 6);
+       radius_port = login_getcapstr(lc, "radius-port", NULL, NULL);
+
+       if (radius_port == NULL) radius_port = "radius";
+
        if (timeout < 1)
                timeout = 1;
        if (retries < 2)
@@ -209,7 +214,7 @@
        }

        /* get port number */
-       svp = getservbyname ("radius", "udp");
+       svp = getservbyname (radius_port, "udp");
        if (svp == NULL) {
                *emsg = "No such service: radius/udp";
                return (1);
@@ -271,7 +276,7 @@
                }
        }

-       if (retries > 0) {
+       if (retries > 0 && passwd != "") {
                rad_request(req_id, userstyle, passwd, auth_port, vector,
                    pwstate);

@@ -417,9 +422,9 @@
        auth.length = htons(total_length);

        /* get radius port number */
-       rad_port = getservbyname("radius", "udp");
+       rad_port = getservbyname(radius_port, "udp");
        if (rad_port == NULL)
-               errx(1, "no such service: radius/udp");
+               errx(1, "no such service: %s/udp", radius_port);

        memset(&sin, 0, sizeof (sin));
        sin.sin_family = AF_INET;


Thanks,
-Brad

Reply via email to