ClearBox Server v1.2 Developer's Guide |
IRADIUSProcessor::PostProcessPacketCalled by server after authentication response packet was formed to give extension chance to modify it. HRESULT PostProcessPacket( [in] long clientIPAdress, [in] long tag, [in,out] RADIUS_PACKET * retPacket, [out] VARIANT_BOOL * updatePacket); Parameters
Return ValuesIf extension returns error code, it is assumed that no packet was not processed by extension. Thread SafetyThis method is called in context of WORK thread. (See Server Threads Model for details.) You should synchronize data which is shared with other threads. Memory ManagementMemory for contents of retPacket is allocated and freed by server, extension may reallocate attributes field calling CoTaskMemRealloc. Extension must free memory for attributes which it may exclude from attributes field of retPacket. RemarksThis method is called for authentication packets only. It is not called for packets rejected by Auto-Reject name (used to check RADIUS server availability), packets returned by server immediately after call to IRADIUSProcessor::ProcessPacket, forwarded packets and for packets rejected after call to IRADIUSRealmStripping::RADIUSRealmStrip. Example CodeThis code changes response packet code from Access-Challenge to Access-Reject (all other types are not changed) and removes all Reply-Message attributes. STDMETHODIMP CTest::PostProcessPacket( long clientIPAdress, long tag, RADIUS_PACKET * retPacket, VARIANT_BOOL * updatePacket) { if (retPacket->packetCode!=11) // Access-Challenge code { *updatePacket=VARIANT_FALSE; return S_OK; } *updatePacket=VARIANT_TRUE; retPacket->packetCode=3; // Access-Reject code int replyMesFound=0; for (int i=0;i<retPacket->attrNum;i++) // "Reply-Message" attribute if (retPacket->attributes[i].type==18) replyMesFound++; if (replyMesFound==retPacket->attrNum) return S_OK; // Create new array RADIUS_ATTRIBUTE* pNewAttrs=reinterpret_cast<RADIUS_ATTRIBUTE>( CoTaskMemAlloc( sizeof(RADIUS_ATTRIBUTE)*(retPacket->attrNum-replyMesFound))); int y=0; for (int i=0;i<retPacket->attrNum;i++) { // remove attribute if (retPacket->attributes[i].type==18) { SysFreeString(retPacket->attributes[i].txtValue); continue; } //copy attribute pNewAttrs[y]=retPacket->attributes[i]; y++; } // Free old array CoTaskMemFree(retPacket->attributes); retPacket->attributes=pNewAttrs; return S_OK; } See AlsoIRADIUSProcessor, RADIUS concepts, RADIUS authentication packet processing © 2001-2003 XPerience Technologies. www.xperiencetech.com |
Created by chm2web html help conversion utility. |