--- orig/mod_auth_radius.c	2003-03-25 23:05:00.000000000 +0100
+++ mod_auth_radius.c	2004-06-03 17:55:43.000000000 +0200
@@ -1,6 +1,10 @@
 /* ====================================================================
  * Copyright (c) 1997-2002 The Apache Group.  All rights reserved.
  *
+ *
+ * Changed 2004 by Folke Ashberg <folke@ashberg.de>
+ *   Added per-directory parameter nasname
+ *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
  * are met:
@@ -302,7 +306,7 @@
 #define DPRINTF printf
 #else
 #define DPRINTF
-#endif DEBUG_RADIUS
+#endif /* DEBUG_RADIUS */
 
 /*
   RFC 2138 says that this port number is wrong, but everyone's using it.
@@ -438,6 +442,7 @@
   int active;                   /* Are we doing RADIUS in this dir? */
   int authoritative;		/* is RADIUS authentication authoritative? */
   int timeout;			/* cookie time valid */
+  char *nasname;		/* nasname sent to radius */
 } radius_dir_config_rec;
 
 /* Per-dir configuration create */
@@ -451,6 +456,7 @@
   rec->active = 1;              /* active by default */  
   rec->authoritative = 1;	/* authoritative by default */
   rec->timeout = 0;		/* let the server config decide timeouts */
+  rec->nasname = NULL;		/* set nasname to NULL */
   return rec;
 }
 
@@ -561,6 +567,11 @@
     OR_AUTHCFG, FLAG,
     "per-directory toggle the use of RADIUS authentication." },
 
+  { "AuthRadiusNasName", set_string_slot,
+    (void*)XtOffsetOf(radius_dir_config_rec, nasname),
+    OR_AUTHCFG, TAKE1,
+    "per-directory nas name sent to radius server." },
+
   { NULL }
 };
 
@@ -674,7 +685,7 @@
    * benefit here.
    */  
   ap_snprintf(one, COOKIE_SIZE, "%s%s%s%s%s%08x", scr->secret,
-	      c->user, passwd, c->remote_ip, hostname, expires);
+	      c->user, passwd, c->remote_ip, hostname, (unsigned int)expires);
 
   /* if you're REALLY worried about what's going on */
 #if 0
@@ -690,10 +701,10 @@
   ap_snprintf(two, COOKIE_SIZE, "%s%s", scr->secret, ap_md5(r->pool, one));
   if (string == NULL) {
     ap_snprintf(cookie, COOKIE_SIZE, "%s%08x",
-		ap_md5(r->pool, two), expires);
+		ap_md5(r->pool, two), (unsigned int)expires);
   } else {
     ap_snprintf(cookie, COOKIE_SIZE, "%s%08x%s",
-		ap_md5(r->pool, two), expires, string);
+		ap_md5(r->pool, two), (unsigned int)expires, string);
   }
   return cookie;
 }
@@ -772,7 +783,8 @@
 
 /* There's a lot of parameters to this function, but it does a lot of work */
 static int
-radius_authenticate(request_rec *r, radius_server_config_rec *scr, 
+radius_authenticate(request_rec *r, radius_server_config_rec *scr,
+		    radius_dir_config_rec *rec,
 		    int sockfd, int code, char *recv_buffer,
 		    const char *user, const char *passwd_in, const char *state, 
 		    unsigned char *vector, char *errstr)
@@ -783,7 +795,7 @@
   fd_set set;
   int retries = scr->retries;
   struct timeval tv;
-  int rcode;
+  int rcode = -1;
   struct in_addr *ip_addr;
   
   unsigned char misc[RADIUS_RANDOM_VECTOR_LEN];
@@ -850,8 +862,8 @@
   
   /* ************************************************************ */
   /* Tell the RADIUS server which virtual server we're coming from */
-  add_attribute(packet, RADIUS_NAS_IDENTIFIER, r->server->server_hostname,
-		strlen(r->server->server_hostname));
+  add_attribute(packet, RADIUS_NAS_IDENTIFIER, rec->nasname,
+		strlen(rec->nasname));
 
   /* ************************************************************ */
   /* Tell the RADIUS server which IP address we're coming from */
@@ -977,7 +989,7 @@
 
 /* authentication module utility functions */
 static int
-check_pw(request_rec *r, radius_server_config_rec *scr, const char *user, const char *passwd_in, const char *state, char *message, char *errstr)
+check_pw(request_rec *r, radius_server_config_rec *scr, radius_dir_config_rec *rec, const char *user, const char *passwd_in, const char *state, char *message, char *errstr)
 {
   struct sockaddr_in *sin;
   struct sockaddr salocal;
@@ -1014,7 +1026,7 @@
     return FALSE;
   }
 
-  rcode = radius_authenticate(r, scr, sockfd, RADIUS_ACCESS_REQUEST, recv_buffer, user, passwd_in, state, vector, errstr);
+  rcode = radius_authenticate(r, scr, rec, sockfd, RADIUS_ACCESS_REQUEST, recv_buffer, user, passwd_in, state, vector, errstr);
 
   close(sockfd);		/* we're done with it */
 
@@ -1139,7 +1151,12 @@
   
   if (!rec->active || !scr->radius_ip)	/*  not active here, or no radius */
     return DECLINED;                    /*  server declared, decline      */
-  
+  if (!rec->nasname){
+      errstr[0]='\0';
+      ap_snprintf(errstr, MAX_STRING_LEN-1, "AuthRadiusNasName not set!");
+      log_reason (errstr, r->uri, r);
+      return HTTP_INTERNAL_SERVER_ERROR;
+  }
   if ((res = get_basic_auth_pw(r, &sent_pw)))
     return res;
 
@@ -1191,7 +1208,7 @@
   }
 
   /* Check the password, and fill in the error string if an error happens */
-  if (!(check_pw(r, scr, c->user, sent_pw, state, message, errstr))) {
+  if (!(check_pw(r, scr, rec, c->user, sent_pw, state, message, errstr))) {
     DPRINTF("RADIUS authentication for user=%s password=%s failed\n",
 	    c->user, sent_pw);
     if (!(rec->authoritative)) {