From 442bb6750bff5b6d1eaceb03aabc695fb8ca1e62 Mon Sep 17 00:00:00 2001
From: phpipam <miha.petkovsek@telemach.si>
Date: Thu, 21 Dec 2023 09:48:42 +0100
Subject: [PATCH] Added protocol selection for radius auth
---
.../authentication-methods/edit-Radius.php | 21 ++++++++++++++++++-
app/admin/authentication-methods/index.php | 6 ++++++
functions/classes/class.User.php | 15 ++++++-------
3 files changed, 32 insertions(+), 10 deletions(-)
diff --git a/app/admin/authentication-methods/edit-Radius.php b/app/admin/authentication-methods/edit-Radius.php
index 7865e4cd..13a5a98a 100644
--- a/app/admin/authentication-methods/edit-Radius.php
+++ b/app/admin/authentication-methods/edit-Radius.php
@@ -103,11 +103,30 @@ $delete = $_POST['action']=="delete" ? "disabled" : "";
</td>
</tr>
+ <!-- protocol -->
+ <tr>
+ <td><?php print _('Protocol'); ?></td>
+ <td>
+ <select name="authProtocol" class="form-control input-sm input-w-auto">
+ <?php
+ $values = ["pap","chap","mschapv1"];
+ foreach($values as $v) {
+ if($v==@$method_settings->params->authProtocol) { print "<option value='$v' selected=selected>$v</option>"; }
+ else { print "<option value='$v' >$v</option>"; }
+ }
+ ?>
+ </select>
+ </td>
+ <td class="base_dn info2">
+ <?php print _('Set timeout in seconds'); ?>
+ </td>
+ </tr>
+
<!-- timeout -->
<tr>
<td><?php print _('Timeout'); ?></td>
<td>
- <select name="timeout" class="form-control input-w-auto">
+ <select name="timeout" class="form-control input-sm input-w-auto">
<?php
$values = array(1,2,3,5,10);
foreach($values as $v) {
diff --git a/app/admin/authentication-methods/index.php b/app/admin/authentication-methods/index.php
index 9091ed09..9882c468 100644
--- a/app/admin/authentication-methods/index.php
+++ b/app/admin/authentication-methods/index.php
@@ -78,6 +78,12 @@ foreach($all_methods as $method) {
else {
print _("no parameters");
}
+ // radius - composer validation
+ if($method->type=="Radius") {
+ if($User->composer_has_errors(["dapphp/radius"])) {
+ $Result->show("danger", $User->composer_err, false);
+ }
+ }
print " </span>";
print " </td>";
print " <td class='$protected_class'>$user_num</td>";
diff --git a/functions/classes/class.User.php b/functions/classes/class.User.php
index 532b92bc..9b9fd309 100644
--- a/functions/classes/class.User.php
+++ b/functions/classes/class.User.php
@@ -1244,8 +1244,8 @@ class User extends Common_functions {
$params = pf_json_decode($this->authmethodparams);
# Valdate composer
- if($this->composer_has_errors(["dapphp/radius"])) {
- $this->Result->show("danger", $this->composer_err, true);
+ if($this->composer_has_errors(["dapphp/radius1"])) {
+ $this->Result->show("danger", _("Error in authentication method. Please contact administrator").".", true);
}
# Composer
@@ -1267,25 +1267,22 @@ class User extends Common_functions {
if($this->debugging)
$client->setDebug(true);
- // fake type for testing
- $params->authType = "chap";
-
// pap
- if(!isset($params->authType) || @$params->authType=="pap") {
+ if(!isset($params->authProtocol) || @$params->authProtocol=="pap") {
$authenticated = $client->accessRequest($username, $password);
}
// chap-md5
- elseif ($params->authType == "chap") {
+ elseif ($params->authProtocol == "chap") {
$client->setChapPassword($password);
$authenticated = $client->accessRequest($username);
}
// mschapv1
- elseif ($params->authType == "mschapv1") {
+ elseif ($params->authProtocol == "mschapv1") {
$client->setMSChapPassword($password);
$authenticated = $client->accessRequest($username);
}
// mschapv2
- elseif($params->authType == "mschapv2") {
+ elseif($params->authProtocol == "mschapv2") {
$authenticated = $client->accessRequestEapMsChapV2($username, $password);
}
// fault
--
GitLab