- switch (vp->da->vendor) {
- case VENDORPEC_MICROSOFT:
- /* FIXME must be a better way to capture/re-derive this later for ISK */
- switch(vp->da->attr) {
- case PW_MSCHAP_MPPE_SEND_KEY:
- memcpy(t->isk.mppe_send, vp->vp_octets, CHAP_VALUE_LENGTH);
- break;
-
- case PW_MSCHAP_MPPE_RECV_KEY:
- memcpy(t->isk.mppe_recv, vp->vp_octets, CHAP_VALUE_LENGTH);
- break;
-
- case PW_MSCHAP2_SUCCESS:
- RDEBUG("Got %s, tunneling it to the client in a challenge", vp->da->name);
- rcode = RLM_MODULE_HANDLED;
- if (t->use_tunneled_reply) {
- t->authenticated = true;
- /*
- * Clean up the tunneled reply.
- */
- fr_pair_delete_by_num(&reply->vps, PW_PROXY_STATE, 0, TAG_ANY);
- fr_pair_delete_by_num(&reply->vps, PW_EAP_MESSAGE, 0, TAG_ANY);
- fr_pair_delete_by_num(&reply->vps, PW_MESSAGE_AUTHENTICATOR, 0, TAG_ANY);
-
- /*
- * Delete MPPE keys & encryption policy. We don't
- * want these here.
- */
- fr_pair_delete_by_num(&reply->vps, 7, VENDORPEC_MICROSOFT, TAG_ANY);
- fr_pair_delete_by_num(&reply->vps, 8, VENDORPEC_MICROSOFT, TAG_ANY);
- fr_pair_delete_by_num(&reply->vps, 16, VENDORPEC_MICROSOFT, TAG_ANY);
- fr_pair_delete_by_num(&reply->vps, 17, VENDORPEC_MICROSOFT, TAG_ANY);
-
- fr_pair_list_free(&t->accept_vps); /* for proxying MS-CHAP2 */
- fr_pair_list_mcopy_by_num(t, &t->accept_vps, &reply->vps, 0, 0, TAG_ANY);
- rad_assert(!reply->vps);
- }
- break;
-
- default:
- break;
- }