try again. It's 'e'window because I am reserving twindow for
time synchronous modes.
+ radiusd.conf: x99_token must be listed in both the authorize and
+ authenticate stanzas. In the authorize code, x99_token will set
+ the Auth-Type to x99_token (ie, itself) if the Auth-Type attribute
+ isn't already present. You can use this to selectively authenticate
+ users via a token. Any examples I could give here would be poor,
+ and subject to other modules' [changing] operations, so it's probably
+ best to direct any questions to freeradius-users@lists.cistron.nl.
6. FILES
/*
* TODO: all requests (success or fail) should take ~ the same amount of time.
* TODO: x99_pwe: change add_vps to success_vps and fail_vps.
- * TODO: add Auth-Type config item if not present?
* TODO: support soft PIN? ???
* TODO: support other than ILP32 (for State)
*/
int i, rc;
x99_user_info_t user_info;
- int user_found, auth_type;
+ int user_found, auth_type_found;
int pwattr;
int32_t sflags = 0; /* flags for state */
VALUE_PAIR *vp;
- /* Early exit if Auth-Type == reject */
+ /* Early exit if Auth-Type != x99_token */
+ auth_type_found = 0;
if ((vp = pairfind(request->config_items, PW_AUTHTYPE)) != NULL) {
- auth_type = 1;
- if (!strcmp(vp->strvalue, "Reject")) {
+ auth_type_found = 1;
+ if (strcmp(vp->strvalue, "x99_token")) {
return RLM_MODULE_NOOP;
}
- } else {
- auth_type = 0;
}
/* The State attribute will be present if this is a response. */
}
pairadd(&request->config_items, vp);
DEBUG("rlm_x99_token: autz: using fast_sync");
+
+ if (!auth_type_found)
+ pairadd(&request->config_items,
+ pairmake("Auth-Type", "x99_token", T_OP_EQ));
return RLM_MODULE_OK;
}
request->reply->code = PW_ACCESS_CHALLENGE;
DEBUG("rlm_x99_token: Sending Access-Challenge.");
+ if (!auth_type_found)
+ pairadd(&request->config_items,
+ pairmake("Auth-Type", "x99_token", T_OP_EQ));
return RLM_MODULE_HANDLED;
}