Reporting from logs - patch
Alan DeKok
aland at deployingradius.com
Wed Sep 26 10:33:11 CEST 2012
Matthew Newton wrote:
> There are three small commits -
It looks good. Send a pull request and I'll add it in.
> I've tested it with successes and failures for PAP, EAP-TLS
> (check-eap-tls), PEAP and EAP-TTLS (inner-tunnel), and all work as
> expected.
What about proxying the inner-tunnel stuff? That probably still
works, too.
> The only thing I'm slightly unsure about is (1) - it seems to
> behave as expected, and seems the right place to put it, but I'm
> not 100%. On why rad_postauth was previously removed from
> rad_authenticate for rejects, my guess would be that there are so
> many places that rad_authenticate return for a reject, it would be
> called from several places. It's just tidier to do an if() and
> call it once after rad_authenticate has returned. rad_postauth is
> called immediately on failure, so reject_delay doesn't seem the
> right reason. But that's just my guess.
I don't recall. The server is getting a bit complicated.
Part of the design goal of the new process.c state machine was to
simplify it. I think I've been partially successful, but more work is
required.
Alan DeKok.
More information about the Freeradius-Devel
mailing list