Use session[s].opened consistently when checking for in-use sessions (rather than...

[l2tpns.git] / radius.c

diff --git a/radius.c b/radius.c
index 76c8a2e..1bbb65a 100644 (file)
--- a/radius.c
+++ b/radius.c
@@ -1,6 +1,6 @@
 // L2TPNS Radius Stuff
 
-char const *cvs_id_radius = "$Id: radius.c,v 1.20 2004/12/16 08:49:53 bodea Exp $";
+char const *cvs_id_radius = "$Id: radius.c,v 1.20.2.1 2005/02/14 05:56:38 bodea Exp $";
 
 #include <time.h>
 #include <stdio.h>
@@ -480,6 +480,9 @@ void processrad(uint8_t *buf, int len, char socket_index)
                                                session[s].ip_pool_index = -1;
                                                LOG(3, s, session[s].tunnel, "   Radius reply contains IP address %s\n",
                                                        fmtaddr(htonl(session[s].ip), 0));
+
+                                               if (session[s].ip == 0xFFFFFFFE)
+                                                       session[s].ip = 0; // assign from pool
                                        }
                                        else if (*p == 135)
                                        {
@@ -633,8 +636,8 @@ void processrad(uint8_t *buf, int len, char socket_index)
                        }
                        else if (*buf == 3)
                        {
-                               LOG(2, s, session[s].tunnel, "   Authentication denied for %s\n", session[s].user);
-//FIXME: We should tear down the session here!
+                               LOG(2, s, session[s].tunnel, "   Authentication rejected for %s\n", session[s].user);
+                               sessionkill(s, "Authentication rejected");
                                break;
                        }
 
@@ -675,6 +678,7 @@ void radiusretry(uint16_t r)
 
        if (s)
                t = session[s].tunnel;
+
        radius[r].retry = backoff(radius[r].try + 1);
        switch (radius[r].state)
        {