On 02/15/2012 05:18 PM, Alexander Hartmaier wrote:
Hello Alex,
> The inner TLS packet is matched by
> <Handler Client-Identifier="wlancontroller", TunnelledByPEAP=1>
> but in case we want to have multiple SSIDs using PEAP-something we can't
> distinguish the inner request because the Called-Station-Id isn't
> included in the inner request.
>
> Is there an option which attributes get copied to the inner request packet?
You can use PreHandlerHook. It is now documented in 4.9 ref.pdf too:
5.20.65 PreHandlerHook
For EAP types that carry inner requests (such as PEAP, TTLS, FAST
etc), specifies a Perl hook to be called before the inner request
is redispatched to a matching Realm or Handler.
In the outer Handler do something like this:
PreHandlerHook sub { \
my $tp = ${$_[0]}; \
$tp->add_attr('Called-Station-Id', \
$tp->{outerRequest}->get_attr('Called-Station-Id')); \
};
tp stands for tunnelled packet. It can be manipulated with
PreHandlerHook from the outer Handler.
Thanks!
Heikki
--
Heikki Vatiainen <[email protected]>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
[email protected]
http://www.open.com.au/mailman/listinfo/radiator
