diff --git a/usr.sbin/ppp/command.c b/usr.sbin/ppp/command.c index de5eec4e10a8..04ad0801b726 100644 --- a/usr.sbin/ppp/command.c +++ b/usr.sbin/ppp/command.c @@ -144,6 +144,7 @@ #define VAR_IPV6CPRETRY 37 #define VAR_RAD_ALIVE 38 #define VAR_PPPOE 39 +#define VAR_PORT_ID 40 /* ``accept|deny|disable|enable'' masks */ #define NEG_HISMASK (1) @@ -2311,6 +2312,29 @@ SetVariable(struct cmdargs const *arg) } break; +#ifndef NORADIUS + case VAR_PORT_ID: + if (strcasecmp(argp, "default") == 0) + arg->bundle->radius.port_id_type = RPI_DEFAULT; + else if (strcasecmp(argp, "pid") == 0) + arg->bundle->radius.port_id_type = RPI_PID; + else if (strcasecmp(argp, "ifnum") == 0) + arg->bundle->radius.port_id_type = RPI_IFNUM; + else if (strcasecmp(argp, "tunnum") == 0) + arg->bundle->radius.port_id_type = RPI_TUNNUM; + else { + log_Printf(LogWARN, + "RADIUS port id must be one of \"default\", \"pid\", \"ifnum\" or \"tunnum\"\n"); + res = 1; + } + + if (arg->bundle->radius.port_id_type && !arg->bundle->radius.cfg.file) { + log_Printf(LogWARN, "rad_port_id requires radius to be configured\n"); + res = 1; + } + + break; +#endif } return res; @@ -2415,7 +2439,9 @@ static struct cmdtab const SetCommands[] = { "RADIUS Config", "set radius cfgfile", (const void *)VAR_RADIUS}, {"rad_alive", NULL, SetVariable, LOCAL_AUTH, "Raduis alive interval", "set rad_alive value", - (const void *)VAR_RAD_ALIVE}, + (const void *)VAR_RAD_ALIVE}, + {"rad_port_id", NULL, SetVariable, LOCAL_AUTH, + "NAS-Port-Id", "set rad_port_id [default|pid|ifnum|tunnum]", (const void *)VAR_PORT_ID}, #endif {"reconnect", NULL, datalink_SetReconnect, LOCAL_AUTH | LOCAL_CX, "Reconnect timeout", "set reconnect value ntries", NULL}, diff --git a/usr.sbin/ppp/ppp.8.m4 b/usr.sbin/ppp/ppp.8.m4 index 983ef111578f..e71e6592fb0f 100644 --- a/usr.sbin/ppp/ppp.8.m4 +++ b/usr.sbin/ppp/ppp.8.m4 @@ -27,7 +27,7 @@ changecom(,)dnl .\" .\" $FreeBSD$ .\" -.Dd September 5, 2006 +.Dd May 24, 2007 .Dt PPP 8 .Os .Sh NAME @@ -5588,6 +5588,25 @@ value will tell to sent RADIUS accounting information to the RADIUS server every .Ar timeout seconds. +.It set rad_port_id Ar option +When RADIUS is configured, setting +.Dq rad_port_id +value allows to specify what should be sent to the RADIUS server as +NAS-Port-Id. +The +.Ar option Ns No s +are as follows: +.Pp +.Bl -tag -width Ds +.It pid +PID of the corresponding tunnel. +.It tunnum +tun(4) interface number. +.It ifnum +index of the interface as of returned by if_nametoindex(3). +.It default +keeps the default behavior. +.El .It set reconnect Ar timeout ntries Should the line drop unexpectedly (due to loss of CD or LQR failure), a connection will be re-established after the given diff --git a/usr.sbin/ppp/radius.c b/usr.sbin/ppp/radius.c index c26059ead9ab..6b1d685ee3e1 100644 --- a/usr.sbin/ppp/radius.c +++ b/usr.sbin/ppp/radius.c @@ -95,6 +95,7 @@ #include "ncp.h" #include "bundle.h" #include "proto.h" +#include "iface.h" #ifndef NODES struct mschap_response { @@ -825,7 +826,7 @@ radius_Destroy(struct radius *r) } static int -radius_put_physical_details(struct rad_handle *rad, struct physical *p) +radius_put_physical_details(struct radius *rad, struct physical *p) { int slot, type; @@ -853,16 +854,32 @@ radius_put_physical_details(struct rad_handle *rad, struct physical *p) break; } - if (rad_put_int(rad, RAD_NAS_PORT_TYPE, type) != 0) { - log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad)); - rad_close(rad); + if (rad_put_int(rad->cx.rad, RAD_NAS_PORT_TYPE, type) != 0) { + log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad->cx.rad)); + rad_close(rad->cx.rad); return 0; } - if ((slot = physical_Slot(p)) >= 0) - if (rad_put_int(rad, RAD_NAS_PORT, slot) != 0) { - log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad)); - rad_close(rad); + switch (rad->port_id_type) { + case RPI_PID: + slot = (int)getpid(); + break; + case RPI_IFNUM: + slot = p->dl->bundle->iface->index; + break; + case RPI_TUNNUM: + slot = p->dl->bundle->unit; + break; + case RPI_DEFAULT: + default: + slot = physical_Slot(p); + break; + } + + if (slot >= 0) + if (rad_put_int(rad->cx.rad, RAD_NAS_PORT, slot) != 0) { + log_Printf(LogERROR, "rad_put: rad_put_int: %s\n", rad_strerror(rad->cx.rad)); + rad_close(rad->cx.rad); return 0; } @@ -1031,7 +1048,7 @@ radius_Authenticate(struct radius *r, struct authinfo *authp, const char *name, return 0; } - radius_put_physical_details(r->cx.rad, authp->physical); + radius_put_physical_details(r, authp->physical); log_Printf(LogRADIUS, "Radius(auth): %s data sent for %s\n", what, name); @@ -1209,7 +1226,7 @@ radius_Account(struct radius *r, struct radacct *ac, struct datalink *dl, } } - radius_put_physical_details(r->cx.rad, dl->physical); + radius_put_physical_details(r, dl->physical); if (rad_put_int(r->cx.rad, RAD_ACCT_STATUS_TYPE, acct_type) != 0 || rad_put_string(r->cx.rad, RAD_ACCT_SESSION_ID, ac->session_id) != 0 || diff --git a/usr.sbin/ppp/radius.h b/usr.sbin/ppp/radius.h index bba7e45f8441..ab144a5e171e 100644 --- a/usr.sbin/ppp/radius.h +++ b/usr.sbin/ppp/radius.h @@ -32,6 +32,11 @@ #define MPPE_TYPE_40BIT 2 #define MPPE_TYPE_128BIT 4 +#define RPI_DEFAULT 1 +#define RPI_PID 2 +#define RPI_IFNUM 3 +#define RPI_TUNNUM 4 + struct radius { struct fdescriptor desc; /* We're a sort of (selectable) fdescriptor */ struct { @@ -70,6 +75,7 @@ struct radius { struct pppTimer timer; /* for this long */ int interval; } alive; + short unsigned int port_id_type; }; struct radacct {