From 039c543ae7e98ff698818ea8887ec81d89253080 Mon Sep 17 00:00:00 2001 From: nickamon Date: Mon, 15 May 2017 14:10:21 -0400 Subject: [PATCH 1/2] Support for RADIUS Challenge with multiple servers The reception of a RADIUS challenge should not trigger RADIUS server failover. --- lib/buildreq.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/buildreq.c b/lib/buildreq.c index fdcb2f4b..1a907393 100644 --- a/lib/buildreq.c +++ b/lib/buildreq.c @@ -117,7 +117,7 @@ int rc_aaa(rc_handle *rh, uint32_t client_port, VALUE_PAIR *send, VALUE_PAIR **r skip_count = 0; result = ERROR_RC; for (i=0; (i < aaaserver->max) && (result != OK_RC) && (result != REJECT_RC) - ; i++, now = rc_getctime()) + && (result != CHALLENGE_RC); i++, now = rc_getctime()) { if (aaaserver->deadtime_ends[i] != -1 && aaaserver->deadtime_ends[i] > start_time) { @@ -140,12 +140,12 @@ int rc_aaa(rc_handle *rh, uint32_t client_port, VALUE_PAIR *send, VALUE_PAIR **r if (result == TIMEOUT_RC && radius_deadtime > 0) aaaserver->deadtime_ends[i] = start_time + (double)radius_deadtime; } - if (result == OK_RC || result == REJECT_RC || skip_count == 0) + if (result == OK_RC || result == REJECT_RC || result == CHALLENGE_RC || skip_count == 0) goto exit; result = ERROR_RC; for (i=0; (i < aaaserver->max) && (result != OK_RC) && (result != REJECT_RC) - ; i++) + && (result != CHALLENGE_RC); i++) { if (aaaserver->deadtime_ends[i] == -1 || aaaserver->deadtime_ends[i] <= start_time) { From c6a0e29efa5f2a1a55e31a30f385e87150b64add Mon Sep 17 00:00:00 2001 From: nickamon Date: Mon, 15 May 2017 14:21:00 -0400 Subject: [PATCH 2/2] Declare a constant for a RADIUS challenge code --- include/freeradius-client.h | 1 + 1 file changed, 1 insertion(+) diff --git a/include/freeradius-client.h b/include/freeradius-client.h index 879de82b..2885c159 100644 --- a/include/freeradius-client.h +++ b/include/freeradius-client.h @@ -410,6 +410,7 @@ typedef struct value_pair #define OK_RC 0 #define TIMEOUT_RC 1 #define REJECT_RC 2 +#define CHALLENGE_RC 3 typedef struct send_data /* Used to pass information to sendserver() function */ {