new parameter max_challenge limits number of Access-Challenges

Force authentication failure when a certain amount of challenges has been reached. This is a workaround for buggy servers that keep issueing challenges, when they should really send Access-Reject. The limit is configurable through parameter "max_challenge". The default is 0, which means the workaround is disabled. An invalid or negative value also disables this workaround.
author: Walter de Jong <walter.dejong@surfsara.nl> 2014-08-29 12:06:46 +0200
committer: Walter de Jong <walter.dejong@surfsara.nl> 2014-08-29 12:06:46 +0200
commit: fabeb81842796838035b64734e53a28463df50f6 (patch)
tree: e66f59f8ed00196d26288d4e765038822f45e8a7 /src/pam_radius_auth.h
parent: 11f7b466de43f62e6850997887d2f52a12a005ec (diff)
download: libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.tar.gz
libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/src/pam_radius_auth.h b/src/pam_radius_auth.h
index b1ade51..74450e2 100644
--- a/src/pam_radius_auth.h
+++ b/src/pam_radius_auth.h
@@ -70,6 +70,7 @@ typedef struct radius_conf_t {
 	int localifdown;
 	char *client_id;
 	int accounting_bug;
+	int max_challenge;
 	int sockfd;
 	int debug;
 	char prompt[MAXPROMPT];
author	Walter de Jong <walter.dejong@surfsara.nl>	2014-08-29 12:06:46 +0200
committer	Walter de Jong <walter.dejong@surfsara.nl>	2014-08-29 12:06:46 +0200
commit	fabeb81842796838035b64734e53a28463df50f6 (patch)
tree	e66f59f8ed00196d26288d4e765038822f45e8a7 /src/pam_radius_auth.h
parent	11f7b466de43f62e6850997887d2f52a12a005ec (diff)
download	libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.tar.gz libpam-radius-auth-fabeb81842796838035b64734e53a28463df50f6.zip