*** empty log message ***

Author: ralfluebben

AcctScheduler.cpp

@@ -208,7 +208,6 @@ void AcctScheduler::parseStatusFile(PluginContext *context, uint64_t *bytesin, u
 		do
 		{
 			file.getline(line, 512);
-			cerr << getTime() << "TEST: RADIUS-PLUGIN: BACKGROUND ACCT: " << line << endl;
 
 		}
 		while (line!=NULL && strncmp(line,key.c_str(),key.length())!=0 && strcmp(line,"ROUTING TABLE")!=0 && file.eof()==false);

AuthenticationProcess.cpp

@@ -79,14 +79,14 @@ void AuthenticationProcess::Authentication(PluginContext * context)
 				// framed-ip is an @IP if we're renegotiating, "" otherwise
 			    user->setFramedIp(context->authsocketforegr.recvStr());
 
-		 		if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") == 0))
-		    		cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND  AUTH: New user auth: username: " << user->getUsername() << ", password: *****, calling station: " << user->getCallingStationId() << ", commonname: " << user->getCommonname() << ".\n";
+			    if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") == 0))
+			    cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND  AUTH: New user auth: username: " << user->getUsername() << ", password: *****, calling station: " << user->getCallingStationId() << ", commonname: " << user->getCommonname() << ".\n";
 
-		 		if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") !=0 ))
-		    		cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND  AUTH: Old user ReAuth: username: " << user->getUsername() << ", password: *****, calling station: " << user->getCallingStationId() << ", commonname: " << user->getCommonname() << ".\n";
-				
-				//send the AcceptRequestPacket
-				if (user->sendAcceptRequestPacket(context)==0) /* Succeeded */
+			    if (DEBUG (context->getVerbosity()) && (user->getFramedIp().compare("") !=0 ))
+			    cerr << getTime() << "RADIUS-PLUGIN: BACKGROUND  AUTH: Old user ReAuth: username: " << user->getUsername() << ", password: *****, calling station: " << user->getCallingStationId() << ", commonname: " << user->getCommonname() << ".\n";
+			    
+			    //send the AcceptRequestPacket
+			    if (user->sendAcceptRequestPacket(context)==0) /* Succeeded */
 			    {
 			     	//if the authentication succeeded
 			     	//create the user configuration file

RadiusClass/RadiusPacket.cpp

@@ -496,13 +496,12 @@ int RadiusPacket::radiusReceive(list<RadiusServer> *serverlist)
 	    while (retries<=server->getRetry())
 	    {
 		    // wait for the specified time for a response
-			tv.tv_sec = server->getWait();  
+		    tv.tv_sec = server->getWait();  
 		    tv.tv_usec = 0;
 		    FD_ZERO(&set);				// clear out the set 
 		    FD_SET(this->sock, &set);	// wait only for the RADIUS UDP socket 
 			result = select(FD_SETSIZE, &set, NULL, NULL, &tv);
-			
-					
+				
 			if (result>0)
 			{
 

UserAuth.cpp

@@ -158,7 +158,8 @@ int UserAuth::sendAcceptRequestPacket(PluginContext * context)
 		cerr << getTime() << "RADIUS-PLUGIN: Packet was not sent.\n";
 	}
 	//receive the packet
-	if (packet.radiusReceive(serverlist)==0)
+	int rc=packet.radiusReceive(serverlist);
+	if (rc==0)
 	{
 		//is it a accept?
 		if(packet.getCode()==ACCESS_ACCEPT)
@@ -190,7 +191,7 @@ int UserAuth::sendAcceptRequestPacket(PluginContext * context)
 	}
 	else
 	{
-		cerr << getTime() << "RADIUS-PLUGIN: Got no response from radius server.\n";
+		cerr << getTime() << "RADIUS-PLUGIN: Got no response from radius server, return code:" << rc << endl;
 	}
 
 	return 1;

radiusplugin.cnf

@@ -36,6 +36,8 @@ subnet=255.255.255.0
 overwriteccfiles=true
 
 # Allows the plugin to use auth control files if OpenVPN (>= 2.1 rc8) provides them.
+# The plugin needs write permission to the folder, by default it is the OpenVPN directory (e.g. /etc/openvpm)
+# The OpenVPN option tmp-dir changes the directory.
 # default is false
 # useauthcontrolfile=false
 

radiusplugin.cpp

@@ -1054,7 +1054,6 @@ void  * auth_user_pass_verify(void * c)
                     context->setResult(OPENVPN_PLUGIN_FUNC_ERROR);
                     pthread_cond_signal( context->getCondRecv( ));
                     pthread_mutex_unlock (context->getMutexRecv());
-
                 }
                 delete newuser;
             }
@@ -1172,16 +1171,18 @@ void get_user_env(PluginContext * context,const int type,const char * envp[], Us
         user->setUsername ( get_env ( "common_name", envp ) );
     if ( get_env ( "password", envp ) !=NULL )
         user->setPassword ( get_env ( "password", envp ) );
-    //rewrite the username if OpenVPN use the option username-as-comon-name
+    
+    if ( get_env ( "common_name", envp ) !=NULL )
+    {
+        user->setCommonname ( get_env ( "common_name", envp ) );
+    }
+    
+    //rewrite the commonname if OpenVPN use the option username-as-comon-name
     if ( context->conf.getUsernameAsCommonname() == true )
     {
         if ( DEBUG ( context->getVerbosity() ) ) cerr << getTime() << "RADIUS-PLUGIN: FOREGROUND: Commonname set to Username\n";
         user->setCommonname ( get_env ( "username", envp ) );
     }
-    if ( get_env ( "common_name", envp ) !=NULL )
-    {
-        user->setCommonname ( get_env ( "common_name", envp ) );
-    }
 
     string untrusted_ip;
     // it's ipv4
@@ -1198,7 +1199,10 @@ void get_user_env(PluginContext * context,const int type,const char * envp[], Us
     //for OpenVPN option client cert not required, common_name is "UNDEF", see status.log
 
     user->setUntrustedPort ( get_env ( "untrusted_port", envp ) );
+    
+    
     user->setStatusFileKey(user->getCommonname() + string ( "," ) + untrusted_ip + string ( ":" ) + get_env ( "untrusted_port", envp ) );
+    if ( DEBUG ( context->getVerbosity() ) ) cerr << getTime() << "RADIUS-PLUGIN: FOREGROUND: StatusFileKey: " << user->getStatusFileKey() << endl;
     user->setKey(untrusted_ip + string ( ":" ) + get_env ( "untrusted_port", envp ) );
     if ( DEBUG ( context->getVerbosity() ) ) cerr << getTime() << "RADIUS-PLUGIN: FOREGROUND: Key: " << user->getKey() << ".\n";
 }