17 Mar
2015
17 Mar
'15
4:21 p.m.
Hi. So, as we've discussed previously, setting use_tunneled_reply is really kind of undesirable with methods like mschapv2 that generate their own keys. Also, it tends to do undesirable things and expose the channel binding messages to the outer reply. based on the documentation it sounds like I ought to be able to use the session-state list to move attributes between the inner tunnel and outer tunnel. however, in inner-tunnel's post auth section update session-state { session-state:User-Name = &Request:User-Name } returns noop. First, should session-state work for this purpose? If so, what am I doing wrong?