save all attributes in the Access-Accept when proxying EAP-MSCHAPv2 as plain MSCHAP...
authorPhil Mayers <p.mayers@imperial.ac.uk>
Thu, 7 Jul 2011 15:39:11 +0000 (16:39 +0100)
committerAlan T. DeKok <aland@freeradius.org>
Sat, 9 Jul 2011 11:52:28 +0000 (13:52 +0200)
src/modules/rlm_eap/types/rlm_eap_mschapv2/eap_mschapv2.h
src/modules/rlm_eap/types/rlm_eap_mschapv2/rlm_eap_mschapv2.c

index 96cba416f6f8ceaca2ab7a7c9ed6a7a8914708c2..cc027bd846d73177644c4e74ca063dcfabecdcdb 100644 (file)
@@ -45,6 +45,7 @@ typedef struct mschapv2_opaque_t {
        int             code;
        uint8_t         challenge[MSCHAPV2_CHALLENGE_LEN];
        VALUE_PAIR      *mppe_keys;
+       VALUE_PAIR      *reply;
 } mschapv2_opaque_t;
 
 #endif /*_EAP_MSCHAPV2_H*/
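Review bot: The new `reply` member has no comment saying who owns the list, and its lifetime cannot be read from the struct alone. Elsewhere in this commit it is filled by `paircopy()` in mschap_postproxy, released in free_data, and handed to the request's reply list (then set to NULL) in mschapv2_authenticate. A one-line comment would help keep a later change from freeing or reusing the list after that hand-off, for example `VALUE_PAIR *reply; /* saved proxied reply attributes; owned here until moved into the final reply */`.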
index b217db916b344cc2cc68de801e9ebab69d81898c..94819cb64ea0acab96f2a4f5dd97b5e324b5e55f 100644 (file)
@@ -62,6 +62,7 @@ static void free_data(void *ptr)
        mschapv2_opaque_t *data = ptr;
 
        pairfree(&data->mppe_keys);
+       pairfree(&data->reply);
        free(data);
 }
 
@@ -271,6 +272,7 @@ static int mschapv2_initiate(void *type_data, EAP_HANDLER *handler)
        data->code = PW_EAP_MSCHAPV2_CHALLENGE;
        memcpy(data->challenge, challenge->vp_strvalue, MSCHAPV2_CHALLENGE_LEN);
        data->mppe_keys = NULL;
+       data->reply = NULL;
 
        handler->opaque = data;
        handler->free_opaque = free_data;
@@ -366,6 +368,13 @@ static int mschap_postproxy(EAP_HANDLER *handler, void *tunnel_data)
         */
        fix_mppe_keys(handler, data);
 
+       /*
+        * save any other attributes for re-use in the final
+        * access-accept e.g. vlan, etc. This lets the PEAP
+        * use_tunneled_reply code work
+        */
+       data->reply = paircopy(handler->request->reply->vps);
+
        /*
         *      And we need to challenge the user, not ack/reject them,
         *      so we re-write the ACK to a challenge.  Yuck.
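Review bot: `data->reply = paircopy(handler->request->reply->vps);` saves every attribute present in the proxied reply, and the `pairadd()` added in mschapv2_authenticate later appends that list to the final Access-Accept without filtering. Attributes beyond the VLAN-style ones the comment has in mind are therefore carried into the final reply too. If only authorization attributes are meant to survive, restrict the copy to those, or strip per-hop attributes from the saved list, and state the intent in the comment. The assignment also overwrites any list saved by an earlier pass through mschap_postproxy for the same session, which would leak it if that can happen; `pairfree(&data->reply);` immediately before the copy would make the overwrite safe. mschap_postproxy starts before and continues past this hunk, so whether the reply list has already been trimmed at this point cannot be seen here.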
@@ -486,6 +495,8 @@ static int mschapv2_authenticate(void *arg, EAP_HANDLER *handler)
                 */
                handler->request->options &= ~RAD_REQUEST_OPTION_PROXY_EAP;
 #endif
+               pairadd(&handler->request->reply->vps, data->reply);
+               data->reply = NULL;
 
                eap_ds->request->code = PW_EAP_SUCCESS;