Brings up a good Question. Does anybody have a list or know where to locate a list of what Windows will respond to the customer when recieveing a message other than Access denied?
It'd sure be nice to send msg back to windows user saying "You have exceeded your time limit". Or "Your account is suspended, contact xxx-xxx-xxxx" At 06:38 PM 11/20/2001 +0500, you wrote: >Hello! > >Today I update my radiusd (01/09/18) to latest snapshot. > >It's good feature to use Exec-Program-Wait output as additional AV-pair or as >Reply-Message. AV-pair transmitted ok. >Reply-Message is not. > >in doc/README: >------------------------------ > For backwards compatibility, if the output doesn't look like valid > radius A/V pairs, the output is taken as a message and added to the > reply sent to the NAS as Port-Message. >------------------------------ > > >What's on practice: >------------------------------ >Ready to process requests. >rad_recv: Access-Request packet from host x.x.x.x:1749, id=248, length=162 > User-Name = "mmike" > Password = "\0240\242\351>\320i\034\027\257\315\035}\233\274\257" > NAS-IP-Address = x.x.x.x > NAS-Port = 20109 > NAS-Port-Type = Async > Service-Type = Login-User > Calling-Station-Id = "00000000" > Ascend-Calling-Id-Type-Of-Num = Unknown > Ascend-Calling-Id-Number-Plan = ISDN-Telephony > Ascend-Calling-Id-Presentatn = Allowed > Ascend-Calling-Id-Screening = User-Not-Screened > Acct-Session-Id = "367234457" > Ascend-Data-Rate = 33600 > Ascend-Xmit-Rate = 31200 >Exec-Program: /etc/ppp/radauth >Exec-Program-Wait: value-pairs: Limit exceeded >Exec-Program: returned: 1 >Login incorrect (external check failed): [mmike] (from nas local port >20109 cli >00000000) >Sending Access-Reject of id 248 to x.x.x.x:1749 > Reply-Message = "\r\nAccess denied (external check failed)." >------------------------------ > >i.e. >Exec-Program: /etc/ppp/radauth >Exec-Program-Wait: value-pairs: Limit exceeded <--------+ >Exec-Program: returned: 1 | > my NAS had to receive this string as Reply-Message ----+ > >but it got >Reply-Message = "\r\nAccess denied (external check failed)." >instead > >bug was is near userparse(). >old (v0.2) code: >----------------------- >... > do { > previous_token = last_token; > if ((vp = pairread(&p, &last_token)) == NULL) { > return -1; > } > pairadd(first_pair, vp); >... >----------------------- > > >new one: >----------------------- >... > do { > previous_token = last_token; > if ((vp = pairread(&p, &last_token)) == NULL) { > return T_INVALID; > } > pairadd(first_pair, vp); > } while (*p && (last_token == T_COMMA)); >... >----------------------- > >Difference is: 'return -1;' and 'return T_INVALID;' >T_INVALID declared as 'T_INVALID = 0,' in src/include/token.h > > >in radius_exec_program() fragment >---------------------------------------------------- > vp = NULL; > n = userparse(answer, &vp); > if (vp) > pairfree(&vp); > > if (n < 0) { > radlog(L_DBG, "Exec-Program-Wait: plaintext: %s", > answer); >----------------------------------------------------- > >'(n < 0)' always FALSE. > > >I think, LRAD_TOKEN must be expanded with "-1" value. >I'll try change 'if (n < 0) {' in radius_exec_program() >to 'if (n == T_INVALID)'. "AVP"-like responses becomes "Reply-Message". >:( > >I'll try change 'return T_INVALID;' to 'return -1' in 'userparse()' - >it's not working good too (possible type mismatch). > > >Mike. > > > >- >List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ------ Nathan Miller - [EMAIL PROTECTED] VISP Technologies - "Building Better ISPs" - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html