Re: [Nufw-devel] Problem with ip

nufw-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nufw-devel] Problem with ip_authentification

From:	Eric Leblond
Subject:	Re: [Nufw-devel] Problem with ip_authentification
Date:	Fri, 13 Jun 2008 08:34:06 +0200
User-agent:	Mutt/1.5.17+20080114 (2008-01-14)

Hello,

On Monday, 2008 June  9 at 13:49:08 +0000, Remy Gottschalk wrote:
> I am currently working on a module doing fallback ip authentication.
> My module is based on ipauth_guest and export only ip_auth. For now I am
> using plaintext user check and ldap acl checking.
> What I ultimatly what to do is to have me ipauth module filling more
> than just the username (ie. uid, groups and user's OS) without getting
> in the way of the normal authentication scheme. 
> Does it seems feasible to you and how should it be done ?

You've got two choices:

1. Modify plugin structure:
It requires a complete change of the prototype of ip_auth function. Main
issue is to propagate this in ip_auth.c: the external_ip_auth will have
to be modified to correctly fill the fields. This is the hard way...

2. Code functions for other hooks:
You can simply developp group and id fetching function. This will give
you the capability to add uid and groups information (look at system
module code). To add OS information, you can use the finalize_packet
hook.

BR,
-- 
Eric Leblond <address@hidden>
NuFW, Now User Filtering Works : http://www.nufw.org

signature.asc
Description: Digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Nufw-devel] Problem with ip_authentification, Remy Gottschalk, 2008/06/12
- Re: [Nufw-devel] Problem with ip_authentification, Eric Leblond <=

Prev by Date: [Nufw-devel] Problem with ip_authentification
Previous by thread: [Nufw-devel] Problem with ip_authentification
Index(es):
- Date
- Thread