If so, I'll clarify my understanding of what needs to happen. In eap.c/eap_start, I can return EAP_OK instead of EAP_NOOP for the proxy case. I dont see any other cases where EAP_OK is returned now. Then in rlm_eap.c/eap_authorize, in the switch statement for the eap_start return code, I can add an EAP_OK case that will return RLM_MODULE_OK. I can also add a config note in doc/rlm_eap.
Dave
Alan DeKok wrote:
Dave Mason <[EMAIL PROTECTED]> wrote:
Along the way, I noticed that in the 1.0 server code, rlm_eap returns NOOP both for Access-Requests with an EAP-Message to be proxied and for Access-Requests with no EAP at all. It would be useful for me to write a configurable failover block in the authorize section of radiusd.conf that distinguishes between the two.
Ok...
Maybe it could return HANDLED in that case?
No. That return code means there's a RADIUS reply packet ready to be sent to the client. Maybe RLM_MODULE_NOOP for no EAP-Message, and RLM_MODULE_OK for an EAP-Message which will be proxied.
This should also be documented in the "man" page for rlm_eap.
Alan DeKok.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
