Brings up a good Question.
Does anybody have a list or know where to locate a list of what Windows
will respond to the customer when recieveing a message other than Access
denied?
It'd sure be nice to send msg back to windows user saying "You have
exceeded your time limit". Or "Your account is suspended, contact
xxx-xxx-xxxx"
At 06:38 PM 11/20/2001 +0500, you wrote:
>Hello!
>
>Today I update my radiusd (01/09/18) to latest snapshot.
>
>It's good feature to use Exec-Program-Wait output as additional AV-pair or as
>Reply-Message. AV-pair transmitted ok.
>Reply-Message is not.
>
>in doc/README:
>------------------------------
> For backwards compatibility, if the output doesn't look like valid
> radius A/V pairs, the output is taken as a message and added to the
> reply sent to the NAS as Port-Message.
>------------------------------
>
>
>What's on practice:
>------------------------------
>Ready to process requests.
>rad_recv: Access-Request packet from host x.x.x.x:1749, id=248, length=162
> User-Name = "mmike"
> Password = "\0240\242\351>\320i\034\027\257\315\035}\233\274\257"
> NAS-IP-Address = x.x.x.x
> NAS-Port = 20109
> NAS-Port-Type = Async
> Service-Type = Login-User
> Calling-Station-Id = "00000000"
> Ascend-Calling-Id-Type-Of-Num = Unknown
> Ascend-Calling-Id-Number-Plan = ISDN-Telephony
> Ascend-Calling-Id-Presentatn = Allowed
> Ascend-Calling-Id-Screening = User-Not-Screened
> Acct-Session-Id = "367234457"
> Ascend-Data-Rate = 33600
> Ascend-Xmit-Rate = 31200
>Exec-Program: /etc/ppp/radauth
>Exec-Program-Wait: value-pairs: Limit exceeded
>Exec-Program: returned: 1
>Login incorrect (external check failed): [mmike] (from nas local port
>20109 cli
>00000000)
>Sending Access-Reject of id 248 to x.x.x.x:1749
> Reply-Message = "\r\nAccess denied (external check failed)."
>------------------------------
>
>i.e.
>Exec-Program: /etc/ppp/radauth
>Exec-Program-Wait: value-pairs: Limit exceeded <--------+
>Exec-Program: returned: 1 |
> my NAS had to receive this string as Reply-Message ----+
>
>but it got
>Reply-Message = "\r\nAccess denied (external check failed)."
>instead
>
>bug was is near userparse().
>old (v0.2) code:
>-----------------------
>...
> do {
> previous_token = last_token;
> if ((vp = pairread(&p, &last_token)) == NULL) {
> return -1;
> }
> pairadd(first_pair, vp);
>...
>-----------------------
>
>
>new one:
>-----------------------
>...
> do {
> previous_token = last_token;
> if ((vp = pairread(&p, &last_token)) == NULL) {
> return T_INVALID;
> }
> pairadd(first_pair, vp);
> } while (*p && (last_token == T_COMMA));
>...
>-----------------------
>
>Difference is: 'return -1;' and 'return T_INVALID;'
>T_INVALID declared as 'T_INVALID = 0,' in src/include/token.h
>
>
>in radius_exec_program() fragment
>----------------------------------------------------
> vp = NULL;
> n = userparse(answer, &vp);
> if (vp)
> pairfree(&vp);
>
> if (n < 0) {
> radlog(L_DBG, "Exec-Program-Wait: plaintext: %s",
> answer);
>-----------------------------------------------------
>
>'(n < 0)' always FALSE.
>
>
>I think, LRAD_TOKEN must be expanded with "-1" value.
>I'll try change 'if (n < 0) {' in radius_exec_program()
>to 'if (n == T_INVALID)'. "AVP"-like responses becomes "Reply-Message".
>:(
>
>I'll try change 'return T_INVALID;' to 'return -1' in 'userparse()' -
>it's not working good too (possible type mismatch).
>
>
>Mike.
>
>
>
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
------
Nathan Miller - [EMAIL PROTECTED]
VISP Technologies - "Building Better ISPs"
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
