"",
"identity",
"notification",
- "nak",
+ "nak", /* NAK */
"md5",
"otp",
"gtc",
"14",
"15",
"16",
- "leap" /* 17 */
+ "leap", /* 17 */
+ "18",
+ "19",
+ "20",
+ "ttls", /* 21 */
+ "22",
+ "23",
+ "24",
+ "peap" /* 25 */
};
/*
eaptype = &handler->eap_ds->response->type;
switch(eaptype->type) {
case PW_EAP_IDENTITY:
+ DEBUG2(" rlm_eap: EAP Identity");
if (eaptype_call(type, INITIATE, type_list, handler) == 0)
return EAP_INVALID;
break;
case PW_EAP_NAK:
+ DEBUG2(" rlm_eap: EAP NAK");
/*
* It is invalid to request identity, notification & nak in nak
*/
(eaptype->data[0] < PW_EAP_MD5)) {
return EAP_INVALID;
}
+
+ /*
+ * The one byte of NAK data is the preferred EAP type
+ * of the client.
+ */
switch (eaptype->data[0]) {
case PW_EAP_MD5:
case PW_EAP_TLS:
+ case PW_EAP_LEAP:
/*
* eap-type specified in typdata is supported
*/
return EAP_INVALID;
break;
default :
+ DEBUG2(" rlm_eap: Unknown EAP type %d, reverting to default_eap_type",
+ eaptype->data[0]);
/*
* Unsupported type, default to configured one.
* or rather reject it
* to match this EAP-Message to an ongoing conversation.
*/
if (eap_msg->length != EAP_START) {
+ DEBUG2(" rlm_eap: EAP Start not found");
return EAP_NOTFOUND;
}
DEBUG2(" rlm_eap: Got EAP_START message");
if ((eapstart = eap_ds_alloc()) == NULL) {
+ DEBUG2(" rlm_eap: EAP Start failed in allocation");
return EAP_FAIL;
}