Access to the attributes lists in different sections

work vlpl thework.vlpl at
Fri Apr 27 20:27:54 CEST 2018

> On Fri, 27 Apr 2018 at 23:08, Alan DeKok <aland at>
> wrote:
>    Yes, I know.  The server automatically does this.

>    If you try the v3.0.x branch from github, it should now work for you.

Thank you for quick patch, but it is not helped.
Your patch indeed will fix the issue with the early removal of the session.
But I think my issue happens by other reason.
I believe, that rad_postauth() function is called after rad_authenticate().
And the last one has code, that handle proxy request.

Please look again at this line
I think this line, and  487 line, will delete session, when home server
return Access-Reject, or call to it failed.

I added more debug printf inctruction before 481 line

RDEBUG("request->parent cast to int %d", request->parent);

And this is output

(6) eap: Sending EAP Failure (code 4) ID 6 length 4
(6)     [eap] = reject
(6)   } # post-proxy = reject
(6) request->parent cast to int 0
(6) >>>>>>>>>>> DISCARDING SESSION-STATE <<<<<<<<<<
(6) Using Post-Auth-Type Reject

To fix this issue I would delete the lines 481 and 487. Because session
anyway will be cleared in rad_postauth(). But I am sure you more better
know freeradius code than me. And can decide is it safe to delete it or not.

More information about the Freeradius-Users mailing list