This is a multi-part message in MIME format.
--------------050402000900070900090601
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: quoted-printable

TJ Saunders wrote:
> The fix unfortunately needs an API which was added to the code after 1.=

3.1
> was released. The easiest way might be to download the current proftpd
> sources from CVS:
>
> cvs -dserver:anonymous@proftp.cvs.sourceforge.net:2401/cvsroot/prof=

tp co proftpd
> cd proftpd/
> patch -p0 < tjpatch.txt
>
> Cheers,
> TJ

thanks TJ, works like a charm.

I=B4ve attached a patch from my colleague which adds the directive=20
"RadiusUserNames", we=B4re using it to
prevent proftp sending designated user logins to the Radiusserver at=20
all. Maybe you can take a look at it?

thanks again and greetings from Germay
,
Stefan




--------------050402000900070900090601
Content-Type: text/plain;
name="proftpd_radius_username_patch.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="proftpd_radius_username_patch.txt"

--- contrib/mod_radius.c 2007-02-15 18:01:19.000000000 +0100
+++ contrib/mod_radius_username.c 2007-08-08 21:49:06.000000000 +0200
@@ -2644,6 +2644,9 @@
unsigned char recvd_response = FALSE;
unsigned long service;
char *user;
+ char *usernames;
+ char *buf;
+ int match = 0;

/* Check to see whether RADIUS authentication should even be done. */
if (!radius_engine ||
@@ -2655,6 +2658,20 @@
radius_log("missing prerequisite USER command, declining to handle PASS");
pr_response_add_err(R_503, "Login with " C_USER " first");
return PR_ERROR(cmd);
+ } else {
+ /* Is username in UserNames? */
+ usernames = get_param_ptr(cmd->server->conf, "RadiusUserNames", FALSE);
+ if (usernames) {
+ buf = strtok(usernames, ",");
+ do {
+ if (! strcmp(buf, user))
+ match = 1;
+ } while (buf = strtok(NULL,","));
+ if (! match) {
+ radius_log("User \"%s\" not found in RadiusUserNames. Won't try radius auth.", user);
+ return PR_DECLINED(cmd);
+ }
+ }
}

/* Allocate a packet. */
@@ -2916,6 +2933,18 @@
return PR_HANDLED(cmd);
}

+/* usage: RadiusUserNames */
+MODRET set_radiususernames(cmd_rec *cmd) {
+ config_rec *c = NULL;
+
+ CHECK_ARGS(cmd, 1);
+ CHECK_CONF(cmd, CONF_ROOT|CONF_VIRTUAL|CONF_GLOBAL);
+
+ c = add_config_param_str(cmd->argv[0], 1, cmd->argv[1], NULL);
+
+ return PR_HANDLED(cmd);
+}
+
/* usage: RadiusGroupInfo primary-name addl-names add-ids */
MODRET set_radiusgroupinfo(cmd_rec *cmd) {
config_rec *c = NULL;
@@ -3374,6 +3403,7 @@
{ "RadiusRealm", set_radiusrealm, NULL },
{ "RadiusUserInfo", set_radiususerinfo, NULL },
{ "RadiusVendor", set_radiusvendor, NULL },
+ { "RadiusUserNames", set_radiususernames, NULL },
{ NULL }
};


--------------050402000900070900090601
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
--------------050402000900070900090601
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
ProFTPD Users List
Unsubscribe problems?
http://www.proftpd.org/list-unsub.html
--------------050402000900070900090601--