Well... I can see on the source code (auth.c) that FR send the reply.

static int check_expiration(REQUEST *request)
        VALUE_PAIR *check_item;
        VALUE_PAIR *vp;

        check_item = pairfind(request->config_items, PW_EXPIRATION);

        if (!check_item)  return 0;

         *      Has this user's password expired?
         *      If so, remove ALL reply attributes,
         *      and add our own Reply-Message, saying
         *      why they're being rejected.
        if (((time_t) check_item->lvalue) <= request->timestamp) {
                vp = pairmake("Reply-Message",
                              "Password Has Expired\r\n",
                request->reply->vps = vp;
                return -1;

Or... should I check another file ?


On 3/14/2007, "Alan DeKok" <[EMAIL PROTECTED]> wrote:

>PD wrote:
>> I think the same too... cause expiration is not the new attribute.
>> The expiration attribute itself working fine, the only problem is no
>> explanation to user when the system reject him/her.
>  You can edit the code to produce the message, or run the CVS head.
>  Alan DeKok.
>  http://deployingradius.com       - The web site of the book
>  http://deployingradius.com/blog/ - The blog
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to