Re: 1.1.4 - TTLS - missing attributes



Bjarni Hardarson wrote:
> Hi list!
> 
> Recently upgraded from 1.1.3 to 1.1.4 to support EAP-PEAP for Windows 
> Vista clients. That works fine but now I got problems with missing reply 
> attributes for Mac OSX clients using EAP-TTLS.
> 
> FreeRADIUS sends an Access-Challenge with the correct attributes but 
> they are missing from the final Access-Accept.

  Please try the attached patch.  If it works, I'll add it to 1.1.5.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
? src/modules/rlm_eap/radeapclient
Index: src/modules/rlm_eap/types/rlm_eap_ttls/eap_ttls.h
===================================================================
RCS file: /source/radiusd/src/modules/rlm_eap/types/rlm_eap_ttls/eap_ttls.h,v
retrieving revision 1.5.4.1
diff -u -r1.5.4.1 eap_ttls.h
--- src/modules/rlm_eap/types/rlm_eap_ttls/eap_ttls.h	6 Feb 2006 16:23:57 -0000	1.5.4.1
+++ src/modules/rlm_eap/types/rlm_eap_ttls/eap_ttls.h	16 Feb 2007 08:33:25 -0000
@@ -27,6 +27,7 @@
 typedef struct ttls_tunnel_t {
 	VALUE_PAIR	*username;
 	VALUE_PAIR	*state;
+	VALUE_PAIR	*reply;
 	int		authenticated;
 	int		default_eap_type;
 	int		copy_request_to_tunnel;
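Review bot: The new `reply` member in `ttls_tunnel_t` has no comment saying what it holds or who owns it. Since it takes over a VALUE_PAIR list, please document that it carries the tunneled reply attributes saved across the MS-CHAP2-Success challenge, make sure it starts out NULL wherever the tunnel structure is allocated, and free it wherever the tunnel structure is freed; neither of those is visible in this patch.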
Index: src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
===================================================================
RCS file: /source/radiusd/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c,v
retrieving revision 1.17.2.2.2.3
diff -u -r1.17.2.2.2.3 ttls.c
--- src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c	18 Oct 2006 21:49:47 -0000	1.17.2.2.2.3
+++ src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c	16 Feb 2007 08:33:25 -0000
@@ -611,6 +611,9 @@
 			DEBUG2("  TTLS: Got MS-CHAP2-Success, tunneling it to the client in a challenge.");
 			rcode = RLM_MODULE_HANDLED;
 			t->authenticated = TRUE;
+			
+			t->reply = reply->vps;
+			reply->vps = NULL;
 		} else { /* no MS-CHAP2-Success */
 			/*
 			 *	Can only have EAP-Message if there's
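Review bot: In the MS-CHAP2-Success branch, `t->reply = reply->vps;` overwrites whatever `t->reply` already pointed to without freeing it, so a second pass through this branch in the same session would leak the earlier list. Consider calling `pairfree(&t->reply);` before the assignment. Style point: the added blank line above the assignment carries trailing tabs.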
@@ -643,8 +646,13 @@
 		 */
 		if (t->use_tunneled_reply) {
 			pairdelete(&reply->vps, PW_PROXY_STATE);
-			pairadd(&request->reply->vps, reply->vps);
-			reply->vps = NULL;
+
+			if (!t->reply) {
+				pairadd(&request->reply->vps, reply->vps);
+				reply->vps = NULL;
+			} else {
+				pairadd(&request->reply->vps, reply->vps);
+			}
 		}
 		break;
 
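Review bot: In the `use_tunneled_reply` block, both branches of `if (!t->reply)` call `pairadd(&request->reply->vps, reply->vps);`, and the saved `t->reply` list is never added, so the attributes stashed at MS-CHAP2-Success still do not reach the Access-Accept. The else branch also drops `reply->vps = NULL;`, leaving the same list linked from both `request->reply` and `reply`, which risks a double free if `reply` is freed afterwards. Suggest keeping the original two lines unconditionally and then, when `t->reply` is set, doing `pairadd(&request->reply->vps, t->reply);` followed by `t->reply = NULL;`.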

