improvements to radius patch
This commit is contained in:
Oliver Gorwits
@@ -13,12 +13,9 @@ use Dancer::Plugin::DBIC;
|
||||
use Dancer::Plugin::Passphrase;
|
||||
use Digest::MD5;
|
||||
use Net::LDAP;
|
||||
use Authen::Radius;
|
||||
use Try::Tiny;
|
||||
|
||||
if (setting('radius') and ref {} eq ref setting('radius')) {
|
||||
use Authen::Radius;
|
||||
}
|
||||
|
||||
sub authenticate_user {
|
||||
my ($self, $username, $password) = @_;
|
||||
return unless defined $username;
|
||||
@@ -107,21 +104,20 @@ sub match_password {
|
||||
my $settings = $self->realm_settings;
|
||||
my $username_column = $settings->{users_username_column} || 'username';
|
||||
|
||||
# return $user->ldap
|
||||
# ? $self->match_with_ldap($password, $user->$username_column)
|
||||
# : $self->match_with_local_pass($password, $user);
|
||||
my $pwmatch_result=0;
|
||||
my $pwmatch_result = 0;
|
||||
my $username = $user->$username_column;
|
||||
|
||||
if ($user->ldap) {
|
||||
$pwmatch_result = $self->match_with_ldap($password, $user->$username_column);
|
||||
} else {
|
||||
if ( setting('radius') and ref {} eq ref setting('radius') ) {
|
||||
$pwmatch_result = ( $self->match_with_radius($password, $username) || $self->match_with_local_pass($password, $user) );
|
||||
} else {
|
||||
$pwmatch_result = $self->match_with_local_pass($password, $user);
|
||||
}
|
||||
}
|
||||
$pwmatch_result = $self->match_with_ldap($password, $username);
|
||||
}
|
||||
elsif ($user->raidus) {
|
||||
$pwmatch_result = $self->match_with_radius($password, $username);
|
||||
}
|
||||
else {
|
||||
$pwmatch_result = $self->match_with_local_pass($password, $user);
|
||||
}
|
||||
|
||||
return $pwmatch_result;
|
||||
}
|
||||
|
||||
sub match_with_local_pass {
|
||||
@@ -230,21 +226,27 @@ sub _ldap_search {
|
||||
|
||||
return undef;
|
||||
}
|
||||
|
||||
sub match_with_radius {
|
||||
my($self, $pass, $user) = @_;
|
||||
return unless setting('radius') and ref {} eq ref setting('radius');
|
||||
my $conf = setting('radius');
|
||||
my $radius = new Authen::Radius(Host => $conf->{server}, Secret => $conf->{secret});
|
||||
Authen::Radius->load_dictionary();
|
||||
$radius->add_attributes(
|
||||
{ Name=> 'User-Name', Value => $user },
|
||||
{ Name=> 'User-Password', Value => $pass },
|
||||
{ Name => 'h323-return-code', Value => '0' }, # Cisco AV pair
|
||||
{ Name => 'Digest-Attributes', Value => { Method => 'REGISTER' } }
|
||||
);
|
||||
$radius->send_packet(ACCESS_REQUEST);
|
||||
my $type = $radius->recv_packet();
|
||||
my $radius_return = ($type eq ACCESS_ACCEPT)?1:0;
|
||||
return $radius_return;
|
||||
my($self, $pass, $user) = @_;
|
||||
return unless setting('radius') and ref {} eq ref setting('radius');
|
||||
|
||||
my $conf = setting('radius');
|
||||
my $radius = Authen::Radius->new(Host => $conf->{server}, Secret => $conf->{secret});
|
||||
Authen::Radius->load_dictionary();
|
||||
|
||||
$radius->add_attributes(
|
||||
{ Name => 'User-Name', Value => $user },
|
||||
{ Name => 'User-Password', Value => $pass },
|
||||
{ Name => 'h323-return-code', Value => '0' }, # Cisco AV pair
|
||||
{ Name => 'Digest-Attributes', Value => { Method => 'REGISTER' } }
|
||||
);
|
||||
$radius->send_packet(ACCESS_REQUEST);
|
||||
|
||||
my $type = $radius->recv_packet();
|
||||
my $radius_return = ($type eq ACCESS_ACCEPT) ? 1 : 0;
|
||||
|
||||
return $radius_return;
|
||||
}
|
||||
|
||||
1;
|
||||
|
||||
Reference in New Issue
Block a user