On 14/04/11 12:07, Phil Mayers wrote:
On 13/04/11 16:22, Alan DeKok wrote:Phil Mayers wrote:Actually, I was just testing this and proxying the inner EAP-MSCHAPv2 as plain MS-CHAPv2 seems to be broken, at least in my testing. It doesn't crash the server, but equally it doesn't pass the S=XXX success back correctly either, so the client does a PEAP reject.Hmm... OK.Ok; the problem seems to be that mschap_postproxy is never run, because the "eap" module in the inner-tunnel is returning NOOP. AFAICT this can only happen if "request->proxy_reply == NULL", but I don't see how that can be.
The attached patch seems to fix it.
proxy-mschap.patch.gz
Description: GNU Zip compressed data
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html