InnerAttributes not escaped when transmitted to outter
Alan DeKok
aland at deployingradius.com
Tue Jun 2 13:30:35 CEST 2009
Arran Cudbard-Bell wrote:
> Currently attributes in outer.reply are not inserted if:
>
> 1) You're doing EAP-TTLS-MSCHAPv2
I set "use_tunneled_reply = yes", and I get the reply attributes
copied from the inner tunnel to the outer tunnel.
And if I do "update outer.reply" with an attribute, it works for me
with EAP-TTLS-MSCHAPv2.
> 2) The inner sever issued a reject
Yes... that may be easy to fix. See ttls.c, look for 'case
PW_AUTHENTICATION_REJECT:'. And copy the lines above 'if
(t->use_tunneled_reply)...' to that 'case' statement.
That should work...
> These two cases need to be fixed for predictable behaviour.
>
> Did you get a chance to look at that patch I sent ?
Later today.
Alan DeKok.
More information about the Freeradius-Users
mailing list