On 04/02/2014 09:49 PM, Heikki Vatiainen wrote:
> PostAuthHook sub { my $rp = ${$_[1]};
> $rp->changeUserName($rp->{inner_identity}); }
>
> PEAP and TTLS both export the inner EAP identity (or TTLS inner username
> when EAP is not used). The inner identity is exported to outer reply
> message and can be retrieved as above.
> Note: I noticed that if EAP, for example EAP-MSCHAP-V2, is used for
> inner TTLS, the export seems not to work currently. We'll need to check why.
This is now fixed in the latest patches for 4.12.1. The EAP identity or
User-Name from TTLS tunnelled message is now available with
$rp->{inner_identity}.
Thanks,
Heikki
--
Heikki Vatiainen <h...@open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@open.com.au
http://www.open.com.au/mailman/listinfo/radiator
