Hi,
Attached is the patch (in diff format) for AuthLDAPSDK.pm that allows
performing multiple AuthAttrDef mappings on a single LDAP attribute in
AuthLDAPSDK.
Reasoning:
It is perfectly reasonable to want to send contents of one ldap
attribute to a NAS twice (in different radius attributes), and
then use it as a check item.
An alternative approach of chaining multiple AuthLDAP modules exists;
I expect it to be far too slow.
Alternative approach of using 'GENERIC' is not compatible with
many existing LDAP server schemas.
Example:
AuthAttrDef radiusSimultaneousUse,Simultaneous-Use, check
AuthAttrDef radiusSimultaneousUse, Port-Limit, reply
AuthAttrDef radiusSimultaneousUse, Ascend-Maximum-Channels, reply
If someone wants to use this, he does not have to break the old
AuthAttrDef functionality (not that anyone would actually want to rely on
its hash'y behavior). The new AuthAttrDef directive can be given a
different name (something like MultiAuthAttrDef maybe).
Details on the patch:
Original AuthLDAPSDK treats '$self->{AuthAttrDef}{$ldapname}' as a hash
using ldap attribute name as key and [radius attribute name, type]
as value.
The patched version will treat $self->{AuthAttrDef}{$ldapname} as array
with pointers to anonymous arrays containing [ldap attribute name, radius
attribute name, type].
Enjoy,
Valentin
+---------------------------->
| Valentin Tumarkin
| Xpert Trusted Systems Ltd.
| E-Mail: [EMAIL PROTECTED]
| Office: +972-9-9522380
| Mobile: +972-53-544887
+---------------------------->
1c1
< # AuthLDAPSDK.pm
---
> # AuthLDAPSDKx.pm
13c13
< package Radius::AuthLDAPSDK;
---
> package Radius::AuthLDAPSDKx;
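Review bot: the package rename in 13c13 (with the header change in 1c1) turns this into a separate module, Radius::AuthLDAPSDKx, rather than a change to AuthLDAPSDK itself, so anything that loads Radius::AuthLDAPSDK keeps the old one-mapping-per-attribute behaviour. Either keep the original package name and gate the new behaviour behind a new directive, or add a header comment saying the file must be installed as AuthLDAPSDKx.pm and selected under that name. Any other reference to the old package name elsewhere in the file is not visible in this diff and would need the same rename.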
88c88
< $self->{AuthAttrDef}{$ldapname} = [$attrib, $type];
---
> push @{$self->{AuthAttrDef}}, [$ldapname,$attrib, $type];
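Review bot: 88c88 changes $self->{AuthAttrDef} from a hash ref to an array ref, but the diff updates only one reader (the loop at 230). Any other place in the module that initialises the slot to {} or does keys %{$self->{AuthAttrDef}} will die with "Not a HASH/ARRAY reference" at runtime, so the whole file should be searched for AuthAttrDef before this is merged. The accompanying description also says $self->{AuthAttrDef}{$ldapname} becomes the array, while the code pushes onto $self->{AuthAttrDef} directly; the description or a comment next to this line should state the actual layout, [ldapname, radius attribute, type].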
230,231c230,236
< my $ldapname;
< foreach $ldapname (keys %{$self->{AuthAttrDef}})
---
>
> # Patched for multiple mapping on a single LDAP attribute
> # by Valentin Tumarkin/Xpert
>
> my ($ldapname,$attrib,$type);
> my $authattrdef_set;
> foreach $authattrdef_set (@{$self->{AuthAttrDef}})
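Review bot: the replacement loop at 230-236 now processes definitions in the order they were pushed, whereas keys %{...} gave no defined order; since one LDAP attribute can now feed both a check item and reply items, the documentation should say that configuration order is the processing order. On style, $ldapname, $attrib, $type and $authattrdef_set are declared outside the loop and so stay live after it; "foreach my $authattrdef_set (...)" with "my ($ldapname, $attrib, $type) = @{$authattrdef_set};" as the first statement of the body keeps them scoped to one iteration. The attribution comment belongs in the change log rather than in the code.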
232a238,239
> ($ldapname,$attrib,$type) = @{$authattrdef_set};
>
238d244
< my ($attrib, $type) = @{$self->{AuthAttrDef}{$ldapname}};
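Added example (not part of the original message and not Radiator code): a stand-alone Perl sketch of the two layouts described under "Details on the patch", fed with the three AuthAttrDef lines from the message. parse_def, load_hash, load_list and the sample LDAP entry are hypothetical names and constructed data.

```perl
use strict;
use warnings;

# Constructed sample: the three AuthAttrDef values from the message.
my @config = (
    'radiusSimultaneousUse,Simultaneous-Use, check',
    'radiusSimultaneousUse, Port-Limit, reply',
    'radiusSimultaneousUse, Ascend-Maximum-Channels, reply',
);

# Hypothetical parser: "ldapname, radiusattr, type" -> three trimmed fields.
sub parse_def {
    my ($line) = @_;
    return split /\s*,\s*/, $line;
}

# Original layout: hash keyed by LDAP attribute name.
# A later definition for the same LDAP attribute overwrites the earlier one.
sub load_hash {
    my %defs;
    for my $line (@_) {
        my ($ldapname, $attrib, $type) = parse_def($line);
        $defs{$ldapname} = [$attrib, $type];
    }
    return \%defs;
}

# Patched layout: ordered list of [ldapname, radiusattr, type].
sub load_list {
    return [ map { [ parse_def($_) ] } @_ ];
}

# Constructed LDAP entry for one user.
my %entry = (radiusSimultaneousUse => 2);

my $hash = load_hash(@config);
my $list = load_list(@config);

print "hash layout:\n";
for my $ldapname (sort keys %$hash) {
    my ($attrib, $type) = @{ $hash->{$ldapname} };
    print "  $type: $attrib = $entry{$ldapname}\n";
}
print "list layout:\n";
for my $def (@$list) {
    my ($ldapname, $attrib, $type) = @$def;
    print "  $type: $attrib = $entry{$ldapname}\n";
}

# Count how many 'check' mappings each layout still holds.
my $hash_checks = grep { $_->[1] eq 'check' } values %$hash;
my $list_checks = grep { $_->[2] eq 'check' } @$list;
print "check items: hash=$hash_checks list=$list_checks\n";
```

With the hash layout only the last definition for radiusSimultaneousUse is kept, so the Simultaneous-Use check item is silently lost; the list layout keeps all three in configuration order.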