8 Feb
2008
8 Feb
'08
4:58 a.m.
Arran Cudbard-Bell wrote:
But it appears the eap module releases the tunneled reply into the current reply list, then everything skips to post-auth.
Hmm... yes. The intent of the "authenticate" section was to run *one* module, not to do more than that. The comments in raddb/sites-enabled/default explain that "unlang" rules *should* be run in the post-auth section, not the authenticate section.
# # Allow EAP authentication. Auth-Type EAP { eap
I suppost that the rule of "call one thing" in the authenticate section could be extended to allow unlang inside of an Auth-Type section.
Is this intentional ?
Yes. Alan DeKok.