Hi,
Have a look at following code:
if (exec_program && exec_wait) {
r = radius_exec_program(exec_program, request,
exec_wait,
umsg, sizeof(umsg),
request->packet->vps, &tmp);
free(exec_program);
exec_program = NULL;
/*
* Always add the value-pairs to the reply.
*/
pairmove(&request->reply->vps, &tmp);
pairfree(&tmp);
The value pairs have been added to the reply (my script outputs
Reply-Message = "Your account has expired."
if (r != 0) {
/*
* Error. radius_exec_program() returns -1 on
* fork/exec errors, or >0 if the exec'ed
program
* had a non-zero exit status.
*/
Not sure why this is indicated as an error. If the script decides to rejects
a user, it returns 1, but that's no error.
if (umsg[0] == '\0') {
user_msg = "\r\nAccess denied (external
check failed).";
} else {
user_msg = &umsg[0];
}
I can understand this, there's no umsg, so provide a default Reply-Message.
request->reply->code = PW_AUTHENTICATION_REJECT;
tmp = pairmake("Reply-Message", user_msg, T_OP_SET);
pairadd(&request->reply->vps, tmp);
Shouldn't this only be added when there's not already a Reply-Message
attribute in &request->reply->vps ?!?
rad_authlog("Login incorrect (external check
failed)",
request, 0);
return RLM_MODULE_REJECT;
}
}
Thanx,
Thor Spruyt
System Engineer
Mobile: +32 (0)475 67 22 65
Email: [EMAIL PROTECTED]
Loose those wires ! www.sinfilo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
