eap-ttls/mschapv2 versus eap-peap/mschapv2 behaviour

Phil Mayers p.mayers at imperial.ac.uk
Thu Jul 18 13:15:15 CEST 2013


On 18/07/13 12:02, Olivier Beytrison wrote:

> Sure we don't want that. But we could imagine a form of integration of
> rlm_cache within eap. One of the benefit would be that we could save
> attribute present in other lists (like control in my case). That way we
> could work on those attributes in post-auth.
>
> Actually I need to put them in reply (in order for them to be saved),
> and in post-auth I need to remove them (or through attr_filters).

So just write a suitable cache config and wrap it in a policy, then 
submit a patch?

I could probably do it, but I don't have the time right now.

At minimum the effect of "ok = return" should probably be documented in 
comments in the default configs; at least it won't be as surprising then.


More information about the Freeradius-Devel mailing list