Re: EAP subtype as authorization

Fri, 07 Nov 2003 02:55:18 -0800 

On Fri, 7 Nov 2003, Artur Hecker wrote:

> hi kostas
>
> > We clearly aren't understanding each other :-)
> > And you didn't read what i asked you to, because you would find out it's exactly
> > what you want. Evidently i _wasn't_ talking about Auth-Type but about EAP-Type.
> > So please read the dictionary file for the values for EAP-Type.
>
> ok, sorry, i will take a look.
>
>
> > That's exactly what the patch i sent will do (at least from my quick pass
> > through the rlm_eap module code).
>
> ahem... you've sent a patch? where? :)

Hmm, typical :-)
Ok included

>
>
> ciao & thanks,
> artur
>
>
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>

--
Kostas Kalevras         Network Operations Center
[EMAIL PROTECTED]       National Technical University of Athens, Greece
Work Phone:             +30 210 7721861
'Go back to the shadow' Gandalf
===================================================================
RCS file: /source/radiusd/src/modules/rlm_eap/eap.c,v
retrieving revision 1.41
diff -u -r1.41 eap.c
--- eap.c       3 Nov 2003 16:12:44 -0000       1.41
+++ eap.c       6 Nov 2003 14:58:17 -0000
@@ -261,6 +261,7 @@
                 */
                DEBUG2("  rlm_eap: EAP NAK");
 
+
                /*
                 *      Delete old data, if necessary.
                 */
@@ -295,6 +296,12 @@
                               eaptype_type2name(default_eap_type),
                               eaptype_type2name(default_eap_type));
                }
+
+               if (inst->enforce_eap_type == 1){
+                       radlog(L_AUTH, "rlm_eap: enforce_eap_type is set to 'yes'. 
Rejecting NAK packet.");
+                       return EAP_INVALID;
+               }
+
 
                goto do_initiate;
                break;
Index: rlm_eap.c
===================================================================
RCS file: /source/radiusd/src/modules/rlm_eap/rlm_eap.c,v
retrieving revision 1.20
diff -u -r1.20 rlm_eap.c
--- rlm_eap.c   3 Sep 2003 15:19:31 -0000       1.20
+++ rlm_eap.c   6 Nov 2003 14:58:17 -0000
@@ -35,6 +35,8 @@
          offsetof(rlm_eap_t, timer_limit), NULL, "60"},
        { "ignore_unknown_eap_types", PW_TYPE_BOOLEAN,
          offsetof(rlm_eap_t, ignore_unknown_eap_types), NULL, "no" },
+       { "enforce_eap_type", PW_TYPE_BOOLEAN,
+         offsetof(rlm_eap_t, enforce_eap_type), NULL, "no" },
        
        { NULL, -1, 0, NULL, NULL }           /* end the list */
 };
Index: rlm_eap.h
===================================================================
RCS file: /source/radiusd/src/modules/rlm_eap/rlm_eap.h,v
retrieving revision 1.12
diff -u -r1.12 rlm_eap.h
--- rlm_eap.h   1 Nov 2003 01:09:13 -0000       1.12
+++ rlm_eap.h   6 Nov 2003 14:58:17 -0000
@@ -57,6 +57,7 @@
        int             timer_limit;
        int             default_eap_type;
        int             ignore_unknown_eap_types;
+       int             enforce_eap_type;
 
 #ifdef HAVE_PTHREAD_H
        pthread_mutex_t session_mutex;

Reply via email to