radius_server: clean up completed sessions sooner

radius_server_encapsulate_eap() resets sess->eap->if->eap{Success,Fail}
to FALSE, such that the completion condition is never true.

The net effect is that completed sessions would linger for
RADIUS_SESSION_TIMEOUT seconds.

Signed-off-by: Alex Badea <vamposdecampos@gmail.com>
Previously, the default settings allowed 100 sessions in 60 seconds.
With this fix, the default limit is now 100 sessions per 10 seconds.
[Bug 329]

diff --git a/src/radius/radius_server.c b/src/radius/radius_server.c
index f691752..1fb09c0 100644 (file)
--- a/src/radius/radius_server.c
+++ b/src/radius/radius_server.c
@@ -493,6 +493,7 @@ static int radius_server_request(struct radius_server_data *data,
        unsigned int state;
        struct radius_session *sess;
        struct radius_msg *reply;
+       int is_complete = 0;
 
        if (force_sess)
                sess = force_sess;
@@ -603,6 +604,9 @@ static int radius_server_request(struct radius_server_data *data,
                return -1;
        }
 
+       if (sess->eap_if->eapSuccess || sess->eap_if->eapFail)
+               is_complete = 1;
+
        reply = radius_server_encapsulate_eap(data, client, sess, msg);
 
        if (reply) {
@@ -644,7 +648,7 @@ static int radius_server_request(struct radius_server_data *data,
                client->counters.packets_dropped++;
        }
 
-       if (sess->eap_if->eapSuccess || sess->eap_if->eapFail) {
+       if (is_complete) {
                RADIUS_DEBUG("Removing completed session 0x%x after timeout",
                             sess->sess_id);
                eloop_cancel_timeout(radius_server_session_remove_timeout,