]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 54e7b45)
configuration to allow empty identities for TEAP
authorAlan T. DeKok <aland@freeradius.org>
Fri, 7 Jul 2023 14:32:46 +0000 (10:32 -0400)
committerAlan T. DeKok <aland@freeradius.org>
Fri, 7 Jul 2023 14:32:46 +0000 (10:32 -0400)
src/modules/rlm_eap/eap.c patch | blob | blame | history
src/modules/rlm_eap/rlm_eap.c patch | blob | blame | history
src/modules/rlm_eap/rlm_eap.h patch | blob | blame | history

diff --git a/src/modules/rlm_eap/eap.c b/src/modules/rlm_eap/eap.c
index 14b1c756fc550c7cfaa95366a4395b4da030128a..b355d8c2562efd22084cb11e6af69d62dbe2bee7 100644 (file)
--- a/src/modules/rlm_eap/eap.c
+++ b/src/modules/rlm_eap/eap.c
@@ -1226,10 +1226,14 @@ eap_handler_t *eap_handler(rlm_eap_t *inst, eap_packet_raw_t **eap_packet_p,
                 */
                handler->identity = eap_identity(request, handler, eap_packet);
                if (!handler->identity) {
-                       RDEBUG("Identity Unknown, authentication failed");
-               error2:
-                       talloc_free(handler);
-                       goto error;
+                       if (!inst->allow_empty_identities) {
+                               RDEBUG("Identity Unknown, authentication failed");
+                       error2:
+                               talloc_free(handler);
+                               goto error;
+                       }
+
+                       handler->identity = "";
                }
 
               vp = fr_pair_find_by_num(request->packet->vps, PW_USER_NAME, 0, TAG_ANY);
diff --git a/src/modules/rlm_eap/rlm_eap.c b/src/modules/rlm_eap/rlm_eap.c
index 25601cce44efc58e12bee360311fb76e7163e04d..fbd75e9dbaae2bea224497174a3529587ce90bc1 100644 (file)
--- a/src/modules/rlm_eap/rlm_eap.c
+++ b/src/modules/rlm_eap/rlm_eap.c
@@ -38,6 +38,7 @@ static const CONF_PARSER module_config[] = {
        { "max_eap_type", FR_CONF_OFFSET(PW_TYPE_INTEGER, rlm_eap_t, max_eap_type), "52" },
        { "ignore_unknown_eap_types", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, rlm_eap_t, ignore_unknown_types), "no" },
        { "cisco_accounting_username_bug", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, rlm_eap_t, mod_accounting_username_bug), "no" },
+       { "allow_empty_identities", FR_CONF_OFFSET(PW_TYPE_BOOLEAN, rlm_eap_t, allow_empty_identities), NULL },
        { "max_sessions", FR_CONF_OFFSET(PW_TYPE_INTEGER, rlm_eap_t, max_sessions), "2048" },
        CONF_PARSER_TERMINATOR
 };
diff --git a/src/modules/rlm_eap/rlm_eap.h b/src/modules/rlm_eap/rlm_eap.h
index 0b9311cd83a32ea741b51cb656017179772b3f73..930b763b6a653233e027289425aceb4a5a74b28f 100644 (file)
--- a/src/modules/rlm_eap/rlm_eap.h
+++ b/src/modules/rlm_eap/rlm_eap.h
@@ -63,6 +63,7 @@ typedef struct rlm_eap {
 
        bool            ignore_unknown_types;
        bool            mod_accounting_username_bug;
+       bool            allow_empty_identities;
 
        uint32_t        max_sessions;
 
Mirror of https://github.com/FreeRADIUS/freeradius-server.git