*** proxy.c.orig	Mon Apr 10 20:50:49 2000
--- proxy.c	Tue Apr 11 10:33:30 2000
***************
*** 230,236 ****
   */
  int proxy_send(AUTH_REQ *authreq, int activefd)
  {
! 	VALUE_PAIR		*namepair;
  	VALUE_PAIR		*vp, *pp;
  	AUTH_HDR		*auth;
  	char			*secret_key;
--- 230,236 ----
   */
  int proxy_send(AUTH_REQ *authreq, int activefd)
  {
! 	VALUE_PAIR		*namepair, *realmpair;
  	VALUE_PAIR		*vp, *pp;
  	AUTH_HDR		*auth;
  	char			*secret_key;
***************
*** 265,281 ****
  	strcpy(saved_username, namepair->strvalue);
  
  	/*
! 	 *	Find the realm from the _end_ so that we can
! 	 *	cascade realms: user@realm1@realm2.
! 	 *	A NULL realm is OK.
! 	 *	If not found, we treat it as usual).
  	 */
! 	ptr = authreq->username[0] ?
! 		(char *)authreq->username : namepair->strvalue;
! 	if ((realmname = strrchr(ptr, '@')) != NULL)
! 		realmname++;
! 	if ((realm = realm_find(realmname ? realmname : "NULL")) == NULL)
  		return 0;
  
  	/*
  	 *	If "hints" was not set, we have to use the original
--- 265,303 ----
  	strcpy(saved_username, namepair->strvalue);
  
  	/*
! 	 *	Look up realm from attribute or username
  	 */
! 
! 	if ((realmpair = pairfind(authreq->request, PW_REALM)) != NULL) {
! 
! 		realmname = realmpair->strvalue;
! 
! 	} else {
! 
! 		/*
! 		 *	Find the realm from the _end_ so that we can
! 		 *	cascade realms: user@realm1@realm2.
! 		 *	A NULL realm is OK.
! 		 *	If not found, we treat it as usual).
! 		 */
! 
! 		ptr = authreq->username[0] ?
! 			(char *)authreq->username : namepair->strvalue;
! 		if ((realmname = strrchr(ptr, '@')) != NULL)
! 			realmname++;
! 	}
! 
! #if 0 /*DEBUG*/
! 	printf("realm is %s\n", realmname);
! #endif
! 
! 	if (((realm = realm_find(realmname ? realmname : "NULL")) == NULL)
! 		&& (realmname == NULL))
  		return 0;
+ 	if ((realmname) && (realm == NULL)) {
+ 		/* fix me.  should return failure */
+ 		return -1;
+ 	}
  
  	/*
  	 *	If "hints" was not set, we have to use the original
*** radius.h.orig	Mon Apr 10 13:37:57 2000
--- radius.h	Mon Apr 10 17:51:13 2000
***************
*** 134,139 ****
--- 134,140 ----
  #define PW_HINT				1040
  #define PAM_AUTH_ATTR			1041
  #define PW_LOGIN_TIME			1042
+ #define PW_REALM			1043
  
  /*
   *	INTEGER TRANSLATIONS
*** dictionary.old      Mon Apr 10 12:41:04 2000
--- /etc/raddb/dictionary       Mon Apr 10 17:50:50 2000
***************
*** 119,124 ****
--- 119,125 ----
  ATTRIBUTE     Hint                    1040    string
  ATTRIBUTE     Pam-Auth                1041    string
  ATTRIBUTE     Login-Time              1042    string
+ ATTRIBUTE     Realm                   1043    string

  #
  #     Non-Protocol Attributes