From: Arran Cudbard-Bell Date: Thu, 4 Jun 2015 16:27:36 +0000 (-0600) Subject: print the string version of the return code from eaptls_process X-Git-Tag: release_3_0_9~271 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=08252cbad98ae5454c08e706738b61c82419a925;p=thirdparty%2Ffreeradius-server.git print the string version of the return code from eaptls_process --- diff --git a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c index 33f7fab5045..e56b54402ea 100644 --- a/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c +++ b/src/modules/rlm_eap/types/rlm_eap_peap/rlm_eap_peap.c @@ -237,47 +237,48 @@ static int mod_process(void *arg, eap_handler_t *handler) } status = eaptls_process(handler); - RDEBUG2("eaptls_process returned %d\n", status); + if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) { + REDEBUG("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "")); + } else { + RDEBUG2("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "")); + } + switch (status) { - /* - * EAP-TLS handshake was successful, tell the - * client to keep talking. - * - * If this was EAP-TLS, we would just return - * an EAP-TLS-Success packet here. - */ + /* + * EAP-TLS handshake was successful, tell the + * client to keep talking. + * + * If this was EAP-TLS, we would just return + * an EAP-TLS-Success packet here. + */ case FR_TLS_SUCCESS: - RDEBUG2("FR_TLS_SUCCESS"); peap->status = PEAP_STATUS_TUNNEL_ESTABLISHED; break; + /* + * The TLS code is still working on the TLS + * exchange, and it's a valid TLS request. + * do nothing. + */ + case FR_TLS_HANDLED: /* - * The TLS code is still working on the TLS - * exchange, and it's a valid TLS request. - * do nothing. + * FIXME: If the SSL session is established, grab the state + * and EAP id from the inner tunnel, and update it with + * the expected EAP id! */ - case FR_TLS_HANDLED: - /* - * FIXME: If the SSL session is established, grab the state - * and EAP id from the inner tunnel, and update it with - * the expected EAP id! - */ - RDEBUG2("FR_TLS_HANDLED"); return 1; - /* - * Handshake is done, proceed with decoding tunneled - * data. - */ + /* + * Handshake is done, proceed with decoding tunneled + * data. + */ case FR_TLS_OK: - RDEBUG2("FR_TLS_OK"); break; /* * Anything else: fail. */ default: - RDEBUG2("FR_TLS_OTHERS"); return 0; } diff --git a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c index 5c5193c74e7..3a76be845b5 100644 --- a/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c +++ b/src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c @@ -139,15 +139,20 @@ static int CC_HINT(nonnull) mod_process(void *type_arg, eap_handler_t *handler) RDEBUG2("Authenticate"); status = eaptls_process(handler); - RDEBUG2("eaptls_process returned %d\n", status); + if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) { + REDEBUG("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "")); + } else { + RDEBUG2("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "")); + } + switch (status) { - /* - * EAP-TLS handshake was successful, return an - * EAP-TLS-Success packet here. - * - * If a virtual server was configured, check that - * it accepts the certificates, too. - */ + /* + * EAP-TLS handshake was successful, return an + * EAP-TLS-Success packet here. + * + * If a virtual server was configured, check that + * it accepts the certificates, too. + */ case FR_TLS_SUCCESS: if (inst->virtual_server) { VALUE_PAIR *vp; diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c index 1b6b0e54210..2915a891617 100644 --- a/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c +++ b/src/modules/rlm_eap/types/rlm_eap_ttls/rlm_eap_ttls.c @@ -228,7 +228,12 @@ static int mod_process(void *arg, eap_handler_t *handler) * Process TLS layer until done. */ status = eaptls_process(handler); - RDEBUG2("eaptls_process returned %d\n", status); + if ((status == FR_TLS_INVALID) || (status == FR_TLS_FAIL)) { + REDEBUG("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "")); + } else { + RDEBUG2("eaptls_process returned \"%s\"", fr_int2str(fr_tls_status_table, status, "")); + } + switch (status) { /* * EAP-TLS handshake was successful, tell the