]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 283ba67)
set flag indicating that authentication succeeded.
authorAlan T. DeKok <aland@freeradius.org>
Wed, 3 Mar 2021 12:26:27 +0000 (07:26 -0500)
committerAlan T. DeKok <aland@freeradius.org>
Wed, 3 Mar 2021 12:26:27 +0000 (07:26 -0500)
not used much for now, but will do in the future.

src/include/tls-h patch | blob | blame | history
src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c patch | blob | blame | history
src/modules/rlm_eap/types/rlm_eap_peap/peap.c patch | blob | blame | history
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c patch | blob | blame | history

diff --git a/src/include/tls-h b/src/include/tls-h
index f9429dce3471b5f24fb647a5e085ab748f5c99d1..ee22c0683e6f5531a8cedf9244ca83a42984a768 100644 (file)
--- a/src/include/tls-h
+++ b/src/include/tls-h
@@ -140,6 +140,7 @@ typedef struct _tls_session_t {
        bool            connected;                      //!< whether the outgoing socket is connected
        bool            is_init_finished;               //!< whether or not init is finished
        bool            client_cert_ok;                 //!< whether or not we validated the client certificate
+       bool            authentication_success;         //!< whether or not the user was authenticated (cert or PW)
 
        /*
         *      Framed-MTU attribute in RADIUS, if present, can also be used to set this
diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
index cdfc7bf8f18d0e2253846942acd06a6adbaa4184..fa2d6ff1eb60bfaa021bfc4dc27e50691e3c45c0 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
+++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
@@ -780,6 +780,7 @@ static rlm_rcode_t CC_HINT(nonnull) process_reply( eap_handler_t *eap_session,
        switch (reply->code) {
        case PW_CODE_ACCESS_ACCEPT:
                RDEBUG("Got tunneled Access-Accept");
+               tls_session->authentication_success = true;
                rcode = RLM_MODULE_OK;
 
                for (vp = fr_cursor_init(&cursor, &reply->vps); vp; vp = fr_cursor_next(&cursor)) {
diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
index 647163ba1f73425b6f44e9a2a1e523d17e5769d8..371ee8e4ecd2db6e4550da965d11e5a4a3f77564 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
+++ b/src/modules/rlm_eap/types/rlm_eap_peap/peap.c
@@ -442,6 +442,7 @@ static rlm_rcode_t CC_HINT(nonnull) process_reply(eap_handler_t *handler, tls_se
        switch (reply->code) {
        case PW_CODE_ACCESS_ACCEPT:
                RDEBUG2("Tunneled authentication was successful");
+               tls_session->authentication_success = true;
                t->status = PEAP_STATUS_SENT_TLV_SUCCESS;
                eappeap_success(handler, tls_session);
                rcode = RLM_MODULE_HANDLED;
diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
index 40d398a9be8b10f945b31ab16c41652db955f731..4e01134af5a37ca6f4e1b7b4605cbf09a5123f67 100644 (file)
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
@@ -647,6 +647,7 @@ static rlm_rcode_t CC_HINT(nonnull) process_reply(eap_handler_t *handler, tls_se
         */
        switch (reply->code) {
        case PW_CODE_ACCESS_ACCEPT:
+               tls_session->authentication_success = true;
                RDEBUG("Got tunneled Access-Accept");
 
                rcode = RLM_MODULE_OK;
Mirror of https://github.com/FreeRADIUS/freeradius-server.git