eap-ttls/mschapv2 versus eap-peap/mschapv2 behaviour
Phil Mayers
p.mayers at imperial.ac.uk
Thu Jul 18 13:15:15 CEST 2013
On 18/07/13 12:02, Olivier Beytrison wrote:
> Sure we don't want that. But we could imagine a form of integration of
> rlm_cache within eap. One of the benefit would be that we could save
> attribute present in other lists (like control in my case). That way we
> could work on those attributes in post-auth.
>
> Actually I need to put them in reply (in order for them to be saved),
> and in post-auth I need to remove them (or through attr_filters).
So just write a suitable cache config and wrap it in a policy, then
submit a patch?
I could probably do it, but I don't have the time right now.
At minimum the effect of "ok = return" should probably be documented in
comments in the default configs; at least it won't be as surprising then.
More information about the Freeradius-Devel
mailing list