----- Original Message -----
From: "野村 建" <[EMAIL PROTECTED]>
> I want my freeradius to send Access-Reject packet with Reply-Message in
it,
>
> so that NAS can alert user in some fancy way when authentication fails.
> But, it's not working so far.
> When authentication succeeds, my freeradius sends Access-Accept packet
> with Reply-Message in it, but this is not the way I want it to be.
>
> According to RFC, Access-Reject packet MAY contain Reply-Message.
> I have searched this ML, and found out that freeradius normally contain
> Reply-Message in Access-Reject packet if Reply-Message is configured.
>
> So my question is:
> Why my freeradius doesn't put Reply-Message into Access-Reject packet,
and
> how can I fix this problem?
>
> I have attached some logs below.
> I really need help.
> Any information would be greatly appreciated.
I have sent a patch for this, but probably it wasn't accepted.
Maybe you now a better way to patch, so that it's accepted?
Here's my patch, which works fine for my needs:
--- src/main/auth.c.orig 2003-08-27 15:57:17.000000000 +0200
+++ src/main/auth.c 2003-08-27 16:02:34.000000000 +0200
@@ -805,15 +805,18 @@
* had a non-zero exit status.
*/
if (umsg[0] == '\0') {
- user_msg = "\r\nAccess denied (external check failed).";
+ /* Don't tell NAS that auth failed by external check */
+ user_msg = NULL;
} else {
user_msg = &umsg[0];
}
request->reply->code = PW_AUTHENTICATION_REJECT;
- tmp = pairmake("Reply-Message", user_msg, T_OP_SET);
-
- pairadd(&request->reply->vps, tmp);
+ /* Only add reply-message when one is available */
+ if (user_msg != NULL) {
+ tmp = pairmake("Reply-Message", user_msg, T_OP_SET);
+ pairadd(&request->reply->vps, tmp);
+ }
rad_authlog("Login incorrect (external check failed)",
request, 0);
Thor.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
