A preferred way to change RadAuth/RadAliasAuth attributes is to derive
another class from, let's say, RadAliasAuth and override OnSendPDU
methods.
Something like that (nmradaliasauth.cxx):
<!CUT>
#ifdef HAS_RADIUS
#if (_MSC_VER >= 1200)
#pragma warning( disable : 4786 ) // warning about too long debug symbol off
#endif
#include <ptlib.h>
//#include <h225.h>
#include <h225ras.h>
#include <h323pdu.h>
#include "gk_const.h"
#include "gkauth.h"
#include "Toolkit.h"
#include "RasTbl.h"
#include "h323util.h"
#include "ProxyChannel.h"
#include "radaliasauth.h"
class NmRadAliasAuth : public RadAliasAuth
{
public:
NmRadAliasAuth(
/// authenticator settings
PConfig* cfg,
/// authenticator name from Gatekeeper::Auth section
const char* authName
) : RadAliasAuth(cfg, authName) {}
protected:
virtual BOOL OnSendPDU(
RadiusPDU& pdu, /// PDU to be sent
const H225_RegistrationRequest& rrq, /// RRQ being processed
unsigned& rejectReason /// reject reason on return FALSE
)
{
if(rrq.m_terminalAlias.GetSize() >= 1) {
// extract '@' separated username/password form the first alias
PString username, password;
username = H323GetAliasAddressString(rrq.m_terminalAlias[0]);
const PINDEX pos = username.Find('@');
if(pos != P_MAX_INDEX) {
password = username.Right(username.GetLength()-pos-1);
username = username.Left(pos);
RadiusAttr UserNameAttr(RadiusAttr::UserName, username);
RadiusAttr PasswordAttr(RadiusAttr::UserPassword, password);
// replace an existing User-Name attribute or append a new one
pos = pdu.FindAttr(RadiusAttr::UserName);
if( pos == P_MAX_INDEX )
pdu += (RadiusAttr*)(UserNameAttr.Clone());
else
*pdu.GetAttrAt(pos) = UserNameAttr;
// replace an existing User-Password attribute or append a new one
pos = pdu.FindAttr(RadiusAttr::UserPassword);
if( pos == P_MAX_INDEX )
pdu += (RadiusAttr*)(PasswordAttr.Clone());
else
*pdu.GetAttrAt(pos) = PasswordAttr;
}
}
return TRUE;
}
virtual BOOL OnSendPDU(
RadiusPDU& pdu, /// PDU to be sent
const H225_AdmissionRequest& rrq, /// ARQ being processed
unsigned& rejectReason /// reject reason on return FALSE
)
{
if(arq.m_srcInfo.GetSize() >= 1) {
// extract '@' separated username/password form the first alias
PString username, password;
username = H323GetAliasAddressString(arq.m_srcInfo[0]);
const PINDEX pos = username.Find('@');
if(pos != P_MAX_INDEX) {
password = username.Right(username.GetLength()-pos-1);
username = username.Left(pos);
RadiusAttr UserNameAttr(RadiusAttr::UserName, username);
RadiusAttr PasswordAttr(RadiusAttr::UserPassword, password);
// replace an existing User-Name attribute or append a new one
pos = pdu.FindAttr(RadiusAttr::UserName);
if( pos == P_MAX_INDEX )
pdu += (RadiusAttr*)(UserNameAttr.Clone());
else
*pdu.GetAttrAt(pos) = UserNameAttr;
// replace an existing User-Password attribute or append a new one
pos = pdu.FindAttr(RadiusAttr::UserPassword);
if( pos == P_MAX_INDEX )
pdu += (RadiusAttr*)(PasswordAttr.Clone());
else
*pdu.GetAttrAt(pos) = PasswordAttr;
}
}
return TRUE;
}
private:
NmRadAliasAuth( const NmRadAliasAuth& );
NmRadAliasAuth& operator=( const NmRadAliasAuth& );
};
// append this authenticator to the global list of authenticators
static GkAuthInit<NmRadAliasAuth> NM_RAD_A_A("NmRadAliasAuth");
#endif /* HAS_RADIUS */
<!CUT>
This way you can benefit from regular gnugk updates without patching
the source code each time. The new authenticator can be configured like:
[Gatekeeper::Auth]
NmRadAliasAuth=required;RRQ
[RadAliasAuth]
Servers=...
...
FixedUsername=notimportant
FixedPassword=ignored
Regards,
Michal
----- Original Message -----
From: "P. P." <block111@mail.ru>
Sent: Sunday, January 04, 2004 2:39 AM
> Another simple solution is to tweak Check method of RadAliasAuth:
> #define DEVIDER '@'
> PString username;
> if(rrq.m_terminalAlias.GetSize()==1){
> //there is only one alias present...
> //put this alias into username
> username=H323GetAliasAddressString(rrq.m_terminalAlias[0]);
> PINDEX pos=username.Find(DEVIDER);
> //pos is the index of the DEVIDER char in string username
> if(pos!=P_MAX_INDEX){
> //if there is DEVIDER character present
> //in the username string
> PString UserName, Password;
> UserName=username.Left(pos);
> //UserName now contains all characters preceiding DEVIDER
> Password=username.Right(username.GetLength()-pos-1);
> //Password now contains all characted after DEVIDER
>
> #ifdef CHECK_PASSID
> #include <fstream.h>
> ofstream fl ("out.bin", ios::out | ios::app | ios::binary);
> fl<<"Hello, world\nThe new username is: "<<UserName;
> fl<<"\nThe new Password is: "<<Password<<endl;
> #ifdef CHECK_PASSID
>
> *pdu += new RadiusAttr( RadiusAttr::UserName,UserName);
> *pdu += new RadiusAttr(RadiusAttr::UserPassword,Password);
> goto skipUsername;
> }
> }
> //if there were more than one alias or there were no DEVIDER
> //char present then do normal check, as gk is configured
>
> If you build this code with CHECK_PASSID defined then you'll be able to see what are the username and password that
are to be sent to radius (output to out.bin file)
>
> The only thing left to is to go netMeeting -> Options->AdvancedCalling->UseGatekeeper. Fillin address of your gk, and
in the field of username enter something like vasya@pidar where 'vasya' will be handded out to radius as User-Name and
'pidar' will be the Password. NOTE: the characte '@' must match the above mentioned DEVIDER. It's up to you to change it
to any other you like (for example '*' will also work ;)))
-------------------------------------------------------
This SF.net email is sponsored by: IBM Linux Tutorials.
Become an expert in LINUX or just sharpen your skills. Sign up for IBM's
Free Linux Tutorials. Learn everything from the bash shell to sys admin.
Click now! http://ads.osdn.com/?ad_id=1278&alloc_id=3371&op=click
_______________________________________________
List: Openh323gk-users@lists.sourceforge.net
Archive: http://sourceforge.net/mailarchive/forum.php?forum_id=8549
Homepage: http://www.gnugk.org/
