Hi Alan
We did the following changes in code
1. File:
src/modules/rlm_eap/types/rlm_eap_gtc/rlm_eap_gtc.c
In function gtc_initiate(void *type_data, EAP_HANDLER *handler)
Added following lines with reference to the
src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c file
#ifdef WITH_PROXY
/*
* The EAP session doesn't have enough information to
* proxy the inside EAP protocol. Disable EAP proxying.
*/
handler-request-options = ~RAD_REQUEST_OPTION_PROXY_EAP;
#endif
2. We also added the following functions in rlm_eap_gtc file
static int gtc_postproxy(EAP_HANDLER *handler, void *tunnel_data)
3. If we try to add callback for post proxy in gtc_authenticate() function its
start crashing.
If we assign the callback function as NULL then we are able to set the
User-Password in Proxy EAP-PEAP_GTC.
But the access challenge thrown by Radius server is never sent back to
client.
The modified rlm_eap_gtc.c is attached for your reference.
We want to forward the access challenge thrown by server back to client.
Can someone help what more changes are required to achieve this?
Thanks n regards
Sankalp Dubey
-Original Message-
From: freeradius-users-bounces+sankalp_dubey=symantec@lists.freeradius.org
[mailto:freeradius-users-bounces+sankalp_dubey=symantec@lists.freeradius.org]
On Behalf Of Alan DeKok
Sent: Wednesday, May 08, 2013 6:53 PM
To: FreeRadius users mailing list
Subject: Re: Free radius as Proxy EAP-PEAP-GTC User-Password is never set
Sankalp Dubey wrote:
Can you please provide some pointers on where to carry out code change to
achieve this.
Well... looking at the EAP-GTC code would be a good start.
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
/*
* rlm_eap_gtc.cHandles that are called from eap
*
* Version: $Id$
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
* Copyright 2003,2006 The FreeRADIUS server project
*/
#include freeradius-devel/ident.h
RCSID($Id$)
#include freeradius-devel/autoconf.h
#include stdio.h
#include stdlib.h
#include eap.h
#include freeradius-devel/rad_assert.h
/*
* EAP-GTC is just ASCII data carried inside of the EAP session.
* The length of the data is indicated by the encapsulating EAP
* protocol.
*/
typedef struct rlm_eap_gtc_t {
const char *challenge;
const char *auth_type_name;
int auth_type;
} rlm_eap_gtc_t;
static CONF_PARSER module_config[] = {
{ challenge, PW_TYPE_STRING_PTR,
offsetof(rlm_eap_gtc_t, challenge), NULL, Password: },
{ auth_type, PW_TYPE_STRING_PTR,
offsetof(rlm_eap_gtc_t, auth_type_name), NULL, PAP },
{ NULL, -1, 0, NULL, NULL } /* end the list */
};
/*
* Detach the module.
*/
static int gtc_detach(void *arg)
{
rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) arg;
free(inst);
return 0;
}
/*
* Attach the module.
*/
static int gtc_attach(CONF_SECTION *cs, void **instance)
{
rlm_eap_gtc_t *inst;
DICT_VALUE *dval;
inst = malloc(sizeof(*inst));
if (!inst) {
radlog(L_ERR, rlm_eap_gtc: out of memory);
return -1;
}
memset(inst, 0, sizeof(*inst));
/*
* Parse the configuration attributes.
*/
if (cf_section_parse(cs, inst, module_config) 0) {
gtc_detach(inst);
return -1;
}
dval = dict_valbyname(PW_AUTH_TYPE, inst-auth_type_name);
if (!dval) {
radlog(L_ERR, rlm_eap_gtc: Unknown Auth-Type %s,
inst-auth_type_name);
gtc_detach(inst);
return -1;
}
inst-auth_type = dval-value;
*instance = inst;
return 0;
}
/*
* Initiate the EAP-GTC session by sending a challenge to the peer.
*/
static int gtc_initiate(void *type_data, EAP_HANDLER *handler)
{
char challenge_str[1024] = {0};
int length;
EAP_DS *eap_ds = handler-eap_ds;
rlm_eap_gtc_t *inst = (rlm_eap_gtc_t *) type_data;
if (!radius_xlat(challenge_str, sizeof
