If "load Cookie" returns a failure code change reply packet type

diff --git a/share/dictionary/ldap/dictionary.freeradius.internal b/share/dictionary/ldap/dictionary.freeradius.internal
index c5d0c00c76decea359156e1f2ffd69cd2170b452..056823029d9d85832e57d9c6513721bb61e32a09 100644 (file)
--- a/share/dictionary/ldap/dictionary.freeradius.internal
+++ b/share/dictionary/ldap/dictionary.freeradius.internal
@@ -22,8 +22,9 @@ VALUE Packet-Type                     Delete                  4
 VALUE  Packet-Type                     Response                5
 VALUE  Packet-Type                     Cookie-Load             6
 VALUE  Packet-Type                     Cookie-Load-Response    7
-VALUE  Packet-Type                     Cookie-Store            8
-VALUE  Packet-Type                     Cookie-Store-Response   9
+VALUE  Packet-Type                     Cookie-Load-Fail        8
+VALUE  Packet-Type                     Cookie-Store            9
+VALUE  Packet-Type                     Cookie-Store-Response   10
 VALUE  Packet-Type                     Do-Not-Respond          255
 
 ATTRIBUTE      Sync-Packet-ID                          1001    integer

diff --git a/src/lib/ldap/sync.h b/src/lib/ldap/sync.h
index a5ff07d2e28582ae779b50e60fb60d179dcd357d..e4e2327a548c5f87d13df73709c62642e38f7eaa 100644 (file)
--- a/src/lib/ldap/sync.h
+++ b/src/lib/ldap/sync.h
@@ -45,6 +45,8 @@ typedef enum {
                                                        //!< Before the sync starts, request any previously stored cookie.
        FR_LDAP_SYNC_CODE_COOKIE_LOAD_RESPONSE  = FR_PACKET_TYPE_VALUE_COOKIE_LOAD_RESPONSE,
                                                        //!< Response with the returned cookie.
+       FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL      = FR_PACKET_TYPE_VALUE_COOKIE_LOAD_FAIL,
+                                                       //!< Response when coolie load fails
        FR_LDAP_SYNC_CODE_COOKIE_STORE          = FR_PACKET_TYPE_VALUE_COOKIE_STORE,
                                                        //!< The server has sent a new cookie.
        FR_LDAP_SYNC_CODE_COOKIE_STORE_RESPONSE = FR_PACKET_TYPE_VALUE_COOKIE_STORE_RESPONSE,

diff --git a/src/process/ldap_sync/base.c b/src/process/ldap_sync/base.c
index 117b5a431b993883861528a373d5d570e7ecece4..d185c16bae6d92e50dcf8d7fb7531bacc79c53f0 100644 (file)
--- a/src/process/ldap_sync/base.c
+++ b/src/process/ldap_sync/base.c
@@ -157,6 +157,12 @@ static fr_process_state_t const process_state[] = {
                .resume = resume_send_generic,
        },
        [ FR_LDAP_SYNC_CODE_COOKIE_LOAD ] = {
+               .packet_type = {
+                       [RLM_MODULE_FAIL]     = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
+                       [RLM_MODULE_INVALID]  = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
+                       [RLM_MODULE_REJECT]   = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL,
+                       [RLM_MODULE_DISALLOW] = FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL
+               },
                .default_reply = FR_LDAP_SYNC_CODE_COOKIE_LOAD_RESPONSE,
                .rcode = RLM_MODULE_NOOP,
                .recv = recv_generic,
@@ -168,6 +174,11 @@ static fr_process_state_t const process_state[] = {
                .send = send_generic,
                .resume = resume_send_generic,
        },
+       [ FR_LDAP_SYNC_CODE_COOKIE_LOAD_FAIL ] = {
+               .rcode = RLM_MODULE_NOOP,
+               .send = send_generic,
+               .resume = resume_send_generic
+       },
        [ FR_LDAP_SYNC_CODE_COOKIE_STORE ] = {
                .default_reply = FR_LDAP_SYNC_CODE_COOKIE_STORE_RESPONSE,
                .rcode = RLM_MODULE_NOOP,