add and document hostname=... Fixes #104

FreeRADIUS · Jan 2, 2025 · 5e04385 · 5e04385
1 parent c898ed1
commit 5e04385
Show file tree

Hide file tree

Showing 3 changed files with 24 additions and 2 deletions.
diff --git a/USAGE b/USAGE
@@ -62,6 +62,11 @@ client_id=bar  - send a NAS-Identifier RADIUS attribute with string
                  This feature may be disabled by using 'client_id='.
                  i.e. A blank client ID.
 
+hostname=foo   - use the given value for the host name instead of the
+	         value returned by gethostname().
+		 This value is used to do a DNS lookup to set
+		 NAS-IP-Address and/or the NAS-IPv6-Address.
+
 retry=#        - How many times to re-send a packet if there is no
                  response.  Once the retry count has been reached,
                  the module fails, and PAM continues to the next module.

diff --git a/src/pam_radius_auth.c b/src/pam_radius_auth.c
@@ -163,6 +163,18 @@ static int _pam_parse(int argc, CONST char **argv, radius_conf_t *conf)
 			ctrl |= PAM_DEBUG_ARG;
 			conf->debug = TRUE;
 
+		} else if (!strncmp(arg, "hostname=", 9)) {
+			if (conf->hostname[0] != '\0') {
+				_pam_log(LOG_WARNING, "ignoring duplicate '%s'", arg);
+			} else {
+				/* truncate excessive hostnames to MAXHOSTNAMELEN length */
+				if (strlen(arg + 9) > MAXHOSTNAMELEN) {
+					*(arg + 9 + MAXHOSTNAMELEN) = '\0';
+				}
+				/* set the new hostname */
+				strcpy(conf->hostname, arg + 9);
+			}
+
 		} else if (!strncmp(arg, "prompt=", 7)) {
 			if (!strncmp(conf->prompt, (arg+7), MAXPROMPT)) {
 				_pam_log(LOG_WARNING, "ignoring duplicate '%s'", arg);
@@ -957,10 +969,14 @@ static int initialize(radius_conf_t *conf, int accounting)
  */
 static void build_radius_packet(AUTH_HDR *request, CONST char *user, CONST char *password, radius_conf_t *conf)
 {
-	char hostname[256];
+	char hostname[MAXHOSTNAMELEN + 1];
 
 	hostname[0] = '\0';
-	gethostname(hostname, sizeof(hostname) - 1);
+	if (conf->hostname[0] != '\0') {
+		strcpy(hostname, conf->hostname);
+	} else {
+		gethostname(hostname, sizeof(hostname) - 1);
+	}
 
 	/*
 	 *	For Access-Request, create a random authentication

diff --git a/src/pam_radius_auth.h b/src/pam_radius_auth.h
@@ -190,6 +190,7 @@ typedef struct radius_conf_t {
 	int privilege_level;
 	int require_message_authenticator;
 	uint8_t *message_authenticator;
+	char hostname[MAXHOSTNAMELEN + 1];
 } radius_conf_t;
 
 #endif /* PAM_RADIUS_H */