Well... I can see on the source code (auth.c) that FR send the reply.
static int check_expiration(REQUEST *request)
{
VALUE_PAIR *check_item;
VALUE_PAIR *vp;
check_item = pairfind(request->config_items, PW_EXPIRATION);
if (!check_item) return 0;
/*
* Has this user's password expired?
*
* If so, remove ALL reply attributes,
* and add our own Reply-Message, saying
* why they're being rejected.
*/
if (((time_t) check_item->lvalue) <= request->timestamp) {
vp = pairmake("Reply-Message",
"Password Has Expired\r\n",
T_OP_ADD);
pairfree(&request->reply->vps);
request->reply->vps = vp;
return -1;
}
Or... should I check another file ?
CMIIW
PD
On 3/14/2007, "Alan DeKok" <[EMAIL PROTECTED]> wrote:
>PD wrote:
>> I think the same too... cause expiration is not the new attribute.
>>
>> The expiration attribute itself working fine, the only problem is no
>> explanation to user when the system reject him/her.
>
> You can edit the code to produce the message, or run the CVS head.
>
> Alan DeKok.
>--
> http://deployingradius.com - The web site of the book
> http://deployingradius.com/blog/ - The blog
>-
>List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>
>
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
