Patric wrote:
Alan DeKok wrote: Is that src/main/exec.c or src/main/auth.c?
Sorry, src/main/auth.c
If I look at src/main/auth.c I see the following :
int rad_authenticate(REQUEST *request) { ... /* Get the user's authorization information from the database */ autz_redo: result = module_authorize(autz_type, request); switch (result) { case RLM_MODULE_NOOP: case RLM_MODULE_NOTFOUND: case RLM_MODULE_OK: case RLM_MODULE_UPDATED: break; case RLM_MODULE_FAIL:
Delete this line.
case RLM_MODULE_HANDLED: return result; case RLM_MODULE_INVALID:
Put a copy of that line here.
case RLM_MODULE_REJECT: case RLM_MODULE_USERLOCK: default: ...
Is this the code you are referring to? Should RLM_MODULE_FAIL go in with the last few that drop into the default case?
Yes.
Makes sense, because the default case returns a reject... Alan you are a genius!
Sometimes. If you look at who wrote that code in the first place...
Is this even considered a bug? Can we expect this to be changed in the future?
Yes.
Thanks a stack for all the time Alan!
You're welcome. Alan DeKok.