From: ben_gal@libero.it
To: linux-ppp@vger.kernel.org
Subject: Re: Client requesting its authentication
Date: Sun, 27 Feb 2005 10:07:38 +0000 [thread overview]
Message-ID: <20050227100738.GA4752@ytsejam> (raw)
In-Reply-To: <20050224162619.GB5787@ytsejam>
On Thu, Feb 24, 2005 at 01:53:20PM -0500, James Carlson wrote:
> That said, I see the point now, and, no, there's no option that
> currently does that. You'll need to add one or, better yet, make pppd
> just do that by default when EAP TLS client side is configured.
I resolved with this code in auth.c , link_established():
if(need_peer_eap && !ao->neg_eap) {
warn("eap required to authenticate us but no suitable secrets");
lcp_close(unit, "couldn't negotiate eap");
status = EXIT_AUTH_TOPEER_FAILED;
return;
}
if (need_peer_eap && !ho->neg_eap){
warn("peer doesn't want to authenticate us with eap");
lcp_close(unit, "couldn't negotiate eap");
status = EXIT_PEER_AUTH_FAILED;
return;
}
So if the need_peer_eap option is used the eap authentication can't
be skipped.
I don't use LCP Configure-Nak because, as you noticed, if the peer
doesn't ask eap, probably won't accept the suggestion.
Hi.
prev parent reply other threads:[~2005-02-27 10:07 UTC|newest]
Thread overview: 25+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-02-24 16:26 Client requesting its authentication ben_gal
2005-02-24 16:37 ` James Carlson
2005-02-24 17:30 ` ben_gal
2005-02-24 17:43 ` James Carlson
2005-02-24 17:43 ` Bill Unruh
2005-02-24 17:48 ` James Carlson
2005-02-24 18:08 ` ben_gal
2005-02-24 18:15 ` James Carlson
2005-02-24 18:35 ` ben_gal
2005-02-24 18:53 ` James Carlson
2005-02-24 19:02 ` ben_gal
2005-02-24 21:27 ` Bill Unruh
2005-02-24 21:33 ` Bill Unruh
2005-02-24 21:36 ` James Carlson
2005-02-24 22:04 ` ben_gal
2005-02-24 22:16 ` Bill Unruh
2005-02-24 22:18 ` Bill Unruh
2005-02-24 22:28 ` ben_gal
2005-02-24 22:36 ` James Carlson
2005-02-24 22:38 ` Bill Unruh
2005-02-24 22:48 ` Bill Unruh
2005-02-24 22:53 ` ben_gal
2005-02-24 23:00 ` Bill Unruh
2005-02-25 12:52 ` James Carlson
2005-02-27 10:07 ` ben_gal [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050227100738.GA4752@ytsejam \
--to=ben_gal@libero.it \
--cc=linux-ppp@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).