Custom handling of EAP module reject

Thu Apr 6 14:30:49 CEST 2017

Hello Alan,

2017-04-06 14:14 GMT+02:00 Alan DeKok <aland at deployingradius.com>:

> On Apr 6, 2017, at 7:29 AM, Alberto Martínez via Freeradius-Users <
> freeradius-users at lists.freeradius.org> wrote:
> > I want to make a SQL call whenever the EAP module fails in authorize. I
> > have tried with a redundant block but the SQL call is not a module and
> was
> > ignored.
>
>   What does that mean?
>
>   Please post EXACTLY what you did.  Saying "I tried things and it didn't
> work" is unhelpful.
>

I mean this:

server rogue-inner-tunnel {
...
authorize {
        ....
        redundant {
                eap_rogue
                "%{sql_custom:<redacted>}"
        }
        ....
}
...
}

>
> > How can I intercept the reject action?
> > And, even better: How can I access from unlang to the "TLS Alert
> > read:fatal:unknown CA" string?
>
>   In v3, you can't.
>

Oh, ok :(
Where could I? Was it in v1 or v2 Or will be in v4?

Thank you!