rcode = RLM_MODULE_OK;
/*
+ * Delete MPPE keys & encryption policy. We don't
+ * want these here.
+ */
+ pairdelete(&reply->vps, ((311 << 16) | 7));
+ pairdelete(&reply->vps, ((311 << 16) | 8));
+ pairdelete(&reply->vps, ((311 << 16) | 16));
+ pairdelete(&reply->vps, ((311 << 16) | 17));
+
+ /*
* MS-CHAP2-Success means that we do NOT return
* an Access-Accept, but instead tunnel that
* attribute to the client, and keep going with
t->authenticated = TRUE;
/*
- * Delete MPPE keys & encryption policy. We don't
- * want these here.
- */
- pairdelete(&reply->vps, ((311 << 16) | 7));
- pairdelete(&reply->vps, ((311 << 16) | 8));
- pairdelete(&reply->vps, ((311 << 16) | 16));
- pairdelete(&reply->vps, ((311 << 16) | 17));
-
- /*
* Use the tunneled reply, but not now.
*/
if (t->use_tunneled_reply) {
} else { /* no MS-CHAP2-Success */
/*
* Can only have EAP-Message if there's
- * no MS-CHAP2-Success. (FIXME: EAP-MSCHAP?)
+ * no MS-CHAP2-Success.
*
* We also do NOT tunnel the EAP-Success
* attribute back to the client, as the client