From 901e6e6135d5cc853fd1ba0a61df89a2f99bebb6 Mon Sep 17 00:00:00 2001
From: Stefan Paetow <spaetow@users.noreply.github.com>
Date: Fri, 6 Nov 2015 16:21:17 +0000
Subject: [PATCH] Update abfab-tr-idp

Add the 'new' tunneled attribute stuff to the ABFAB server too!
---
 raddb/sites-available/abfab-tr-idp | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/raddb/sites-available/abfab-tr-idp b/raddb/sites-available/abfab-tr-idp
index d4e53a9b4e..30a671f924 100644
--- a/raddb/sites-available/abfab-tr-idp
+++ b/raddb/sites-available/abfab-tr-idp
@@ -52,6 +52,19 @@ authenticate {
 #  Once we KNOW that the user has been authenticated, there are
 #  additional steps we can take.
 post-auth {
+	#
+	#  For EAP-TTLS and PEAP, add the cached attributes to the reply.
+	#  The "session-state" attributes are automatically cached when
+	#  an Access-Challenge is sent, and automatically retrieved
+	#  when an Access-Request is received.
+	#
+	#  The session-state attributes are automatically deleted after
+	#  an Access-Reject or Access-Accept is sent.
+	#
+	update {
+		&reply: += &session-state:
+	}
+
 	#  Create the CUI value and add the attribute to Access-Accept.
 	#  Uncomment the line below if *returning* the CUI.
 #	cui
-- 
2.47.2