print the string version of the return code from eaptls_process

diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c
index 33f7fab5045721f847f6fe58625bfae205c91412..e56b54402ea536b37245f66869b49ea7c6ae3125 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c
+++ b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c
@@ -237,47 +237,48 @@ static int mod_process(void *arg, eap_handler_t *handler)
        }
 
        status = eaptls_process(handler);
-       RDEBUG2("eaptls_process returned %d\n", status);
+       if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) {
+               REDEBUG("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
+       } else {
+               RDEBUG2("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
+       }
+
        switch (status) {
-               /*
-                *      EAP-TLS handshake was successful, tell the
-                *      client to keep talking.
-                *
-                *      If this was EAP-TLS, we would just return
-                *      an EAP-TLS-Success packet here.
-                */
+       /*
+        *      EAP-TLS handshake was successful, tell the
+        *      client to keep talking.
+        *
+        *      If this was EAP-TLS, we would just return
+        *      an EAP-TLS-Success packet here.
+        */
        case FR_TLS_SUCCESS:
-               RDEBUG2("FR_TLS_SUCCESS");
                peap->status = PEAP_STATUS_TUNNEL_ESTABLISHED;
                break;
 
+       /*
+        *      The TLS code is still working on the TLS
+        *      exchange, and it's a valid TLS request.
+        *      do nothing.
+        */
+       case FR_TLS_HANDLED:
                /*
-                *      The TLS code is still working on the TLS
-                *      exchange, and it's a valid TLS request.
-                *      do nothing.
+                *      FIXME: If the SSL session is established, grab the state
+                *      and EAP id from the inner tunnel, and update it with
+                *      the expected EAP id!
                 */
-       case FR_TLS_HANDLED:
-         /*
-          *    FIXME: If the SSL session is established, grab the state
-          *    and EAP id from the inner tunnel, and update it with
-          *    the expected EAP id!
-          */
-               RDEBUG2("FR_TLS_HANDLED");
                return 1;
 
-               /*
-                *      Handshake is done, proceed with decoding tunneled
-                *      data.
-                */
+       /*
+        *      Handshake is done, proceed with decoding tunneled
+        *      data.
+        */
        case FR_TLS_OK:
-               RDEBUG2("FR_TLS_OK");
                break;
 
                /*
                 *      Anything else: fail.
                 */
        default:
-               RDEBUG2("FR_TLS_OTHERS");
                return 0;
        }
 

diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
index 5c5193c74e7dfddc2dcbcf38eede510d2d1fc217..3a76be845b5abde4975896c3091b6e637c8f0d71 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
@@ -139,15 +139,20 @@ static int CC_HINT(nonnull) mod_process(void *type_arg, eap_handler_t *handler)
        RDEBUG2("Authenticate");
 
        status = eaptls_process(handler);
-       RDEBUG2("eaptls_process returned %d\n", status);
+       if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) {
+               REDEBUG("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
+       } else {
+               RDEBUG2("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
+       }
+
        switch (status) {
-               /*
-                *      EAP-TLS handshake was successful, return an
-                *      EAP-TLS-Success packet here.
-                *
-                *      If a virtual server was configured, check that
-                *      it accepts the certificates, too.
-                */
+       /*
+        *      EAP-TLS handshake was successful, return an
+        *      EAP-TLS-Success packet here.
+        *
+        *      If a virtual server was configured, check that
+        *      it accepts the certificates, too.
+        */
        case FR_TLS_SUCCESS:
                if (inst->virtual_server) {
                        VALUE_PAIR *vp;

diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c
index 1b6b0e542102004a1c9b00605d2054909f4dcab5..2915a8916177deb3aaa68e27b90cb896bd200005 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c
@@ -228,7 +228,12 @@ static int mod_process(void *arg, eap_handler_t *handler)
         *      Process TLS layer until done.
         */
        status = eaptls_process(handler);
-       RDEBUG2("eaptls_process returned %d\n", status);
+       if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) {
+               REDEBUG("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
+       } else {
+               RDEBUG2("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "<INVALID>"));
+       }
+
        switch (status) {
        /*
         *      EAP-TLS handshake was successful, tell the