diff options
| -rw-r--r-- | radsecproxy.c | 6 | ||||
| -rw-r--r-- | radsecproxy.h | 1 |
2 files changed, 6 insertions, 1 deletions
diff --git a/radsecproxy.c b/radsecproxy.c index 7a8b5e2..c058ac7 100644 --- a/radsecproxy.c +++ b/radsecproxy.c @@ -1492,7 +1492,9 @@ int radsrv(struct request *rq) { goto exit; } - if (options.loopprevention && !strcmp(from->conf->name, to->conf->name)) { + if ((to->conf->loopprevention == 1 + || (to->conf->loopprevention == UCHAR_MAX && options.loopprevention == 1)) + && !strcmp(from->conf->name, to->conf->name)) { debug(DBG_INFO, "radsrv: Loop prevented, not forwarding request from client %s (%s) to server %s, discarding", from->conf->name, addr2string(from->addr), to->conf->name); goto exit; @@ -2759,6 +2761,7 @@ int confserver_cb(struct gconffile **cf, void *arg, char *block, char *opt, char return 0; } memset(conf, 0, sizeof(struct clsrvconf)); + conf->loopprevention = UCHAR_MAX; /* Uninitialized. */ resconf = (struct clsrvconf *)arg; if (resconf) { conf->statusserver = resconf->statusserver; @@ -2784,6 +2787,7 @@ int confserver_cb(struct gconffile **cf, void *arg, char *block, char *opt, char "RetryInterval", CONF_LINT, &retryinterval, "RetryCount", CONF_LINT, &retrycount, "DynamicLookupCommand", CONF_STR, &conf->dynamiclookupcommand, + "LoopPrevention", CONF_BLN, &conf->loopprevention, NULL )) { debug(DBG_ERR, "configuration error"); diff --git a/radsecproxy.h b/radsecproxy.h index 4601259..7528f7f 100644 --- a/radsecproxy.h +++ b/radsecproxy.h @@ -98,6 +98,7 @@ struct clsrvconf { uint8_t dupinterval; uint8_t certnamecheck; uint8_t addttl; + uint8_t loopprevention; struct rewrite *rewritein; struct rewrite *rewriteout; pthread_mutex_t *lock; /* only used for updating clients so far */ |