X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmodules%2Frlm_mschap%2Frlm_mschap.c;h=584f0a09d4163d2075c372f9b9d88dcb36f87e36;hb=f828d8972effb854cee6617eb4e54c47e0261b29;hp=16f7d59013517921547e8ccae0a377106a0b3003;hpb=8e8f7ed07f1e3418a73404e25d5c9200f7c19c84;p=freeradius.git

diff --git a/src/modules/rlm_mschap/rlm_mschap.c b/src/modules/rlm_mschap/rlm_mschap.c
index 16f7d59..584f0a0 100644
--- a/src/modules/rlm_mschap/rlm_mschap.c
+++ b/src/modules/rlm_mschap/rlm_mschap.c
@@ -234,7 +234,7 @@ static size_t mschap_xlat(void *instance, REQUEST *request,
 			 *	We prefer this to the User-Name in the
 			 *	packet.
 			 */
-			response_name = pairfind(request->packet->vps, PW_MS_CHAP_USER_NAME);
+			response_name = pairfind(request->packet->vps, PW_MS_CHAP_USER_NAME, 0);
 			if (response_name) {
 				name_attr = response_name;
 			} else {
@@ -704,7 +704,24 @@ static int do_mschap(rlm_mschap_t *inst,
 					     buffer, sizeof(buffer),
 					     NULL, NULL, 1);
 		if (result != 0) {
+			char *p;
+			VALUE_PAIR *vp = NULL;
+
 			RDEBUG2("External script failed.");
+
+			vp = pairmake("Module-Failure-Message", "", T_OP_EQ);
+			if (!vp) {
+				radlog_request(L_ERR, 0, request, "No memory to allocate Module-Failure-Message");
+				return RLM_MODULE_FAIL;
+			}
+
+			p = strchr(buffer, '\n');
+			if (p) *p = '\0';
+			snprintf(vp->vp_strvalue, sizeof(vp->vp_strvalue),
+				"%s: External script says %s",
+				 inst->xlat_name, buffer);
+			vp->length = strlen(vp->vp_strvalue);
+			pairadd(&request->reply->vps, vp);
 			return -1;
 		}
 
@@ -893,7 +910,7 @@ static int mschap_authorize(void * instance, REQUEST *request)
 	}
 
 	if (pairfind(request->config_items, PW_AUTH_TYPE, 0)) {
-		RDEBUG2("Found existing Auth-Type.  Not changing it.");
+		RDEBUG2("WARNING: Auth-Type already set.  Not setting to MS-CHAP");
 		return RLM_MODULE_NOOP;
 	}
 
@@ -1069,7 +1086,7 @@ static int mschap_authenticate(void * instance, REQUEST *request)
 			     PW_MSCHAP_CHALLENGE,
 			     VENDORPEC_MICROSOFT);
 	if (!challenge) {
-		RDEBUG2("No MS-CHAP-Challenge in the request");
+		RDEBUG("ERROR: You set 'Auth-Type = MS-CHAP' for a request that does not contain any MS-CHAP attributes!");
 		return RLM_MODULE_REJECT;
 	}
 
@@ -1169,7 +1186,7 @@ static int mschap_authenticate(void * instance, REQUEST *request)
 		 *	We prefer this to the User-Name in the
 		 *	packet.
 		 */
-		response_name = pairfind(request->packet->vps, PW_MS_CHAP_USER_NAME);
+		response_name = pairfind(request->packet->vps, PW_MS_CHAP_USER_NAME, 0);
 		if (response_name) {
 			name_attr = response_name;
 		} else {
@@ -1252,7 +1269,7 @@ static int mschap_authenticate(void * instance, REQUEST *request)
 		chap = 2;
 
 	} else {		/* Neither CHAPv1 or CHAPv2 response: die */
-		radlog_request(L_AUTH, 0, request, "No MS-CHAP response found");
+		RDEBUG("ERROR: You set 'Auth-Type = MS-CHAP' for a request that does not contain any MS-CHAP attributes!");
 		return RLM_MODULE_INVALID;
 	}