Access-Reject in a php script
Alan DeKok
aland at deployingradius.com
Tue Oct 30 15:10:14 CET 2007
Patric wrote:
> Alan DeKok wrote:
> Is that src/main/exec.c or src/main/auth.c?
Sorry, src/main/auth.c
> If I look at src/main/auth.c I see the following :
>
> int rad_authenticate(REQUEST *request)
> {
> ...
> /* Get the user's authorization information from the database */
> autz_redo:
> result = module_authorize(autz_type, request);
> switch (result) {
> case RLM_MODULE_NOOP:
> case RLM_MODULE_NOTFOUND:
> case RLM_MODULE_OK:
> case RLM_MODULE_UPDATED:
> break;
> case RLM_MODULE_FAIL:
Delete this line.
> case RLM_MODULE_HANDLED:
> return result;
> case RLM_MODULE_INVALID:
Put a copy of that line here.
> case RLM_MODULE_REJECT:
> case RLM_MODULE_USERLOCK:
> default:
> ...
>
> Is this the code you are referring to? Should RLM_MODULE_FAIL go in with
> the last few that drop into the default case?
Yes.
> Makes sense, because the default case returns a reject...
> Alan you are a genius!
Sometimes. If you look at who wrote that code in the first place...
> Is this even considered a bug? Can we expect this to be changed in the
> future?
Yes.
> Thanks a stack for all the time Alan!
You're welcome.
Alan DeKok.
More information about the Freeradius-Users
mailing list