new parameter max_challenge limits number of Access-Challenges

Force authentication failure when a certain amount of challenges has been reached. This is a workaround for buggy servers that keep issueing challenges, when they should really send Access-Reject. The limit is configurable through parameter "max_challenge". The default is 0, which means the workaround is disabled. An invalid or negative value also disables this workaround.
author: Walter de Jong <walter.dejong@surfsara.nl> 2014-08-29 12:06:46 +0200
committer: Walter de Jong <walter.dejong@surfsara.nl> 2014-08-29 12:06:46 +0200
commit: fabeb81842796838035b64734e53a28463df50f6 (patch)
tree: e66f59f8ed00196d26288d4e765038822f45e8a7 /USAGE
parent: 11f7b466de43f62e6850997887d2f52a12a005ec (diff)
download: libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.tar.gz
libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.zip
1 files changed, 4 insertions, 0 deletions
diff --git a/USAGE b/USAGE
index 48f49b4..d2694f3 100644
--- a/USAGE
+++ b/USAGE
@@ -91,5 +91,9 @@ prompt=string  - Specifies the prompt, without the ': ', that PAM should
                  relevant string different from Password) in this
                  situation.
 
+max_challenge=# - configure maximum number of challenges that a server
+                  may request. This is a workaround for broken servers
+                  and disabled by default.
+
 ---------------------------------------------------------------------------
author	Walter de Jong <walter.dejong@surfsara.nl>	2014-08-29 12:06:46 +0200
committer	Walter de Jong <walter.dejong@surfsara.nl>	2014-08-29 12:06:46 +0200
commit	fabeb81842796838035b64734e53a28463df50f6 (patch)
tree	e66f59f8ed00196d26288d4e765038822f45e8a7 /USAGE
parent	11f7b466de43f62e6850997887d2f52a12a005ec (diff)
download	libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.tar.gz libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.zip