diff options
author | jim-p <jimp@pfsense.org> | 2013-02-13 15:54:27 -0500 |
---|---|---|
committer | jim-p <jimp@pfsense.org> | 2013-02-13 15:55:55 -0500 |
commit | bddd2be844d8f485ef41145c6384b7cacb74a944 (patch) | |
tree | dce329c6884c29aa7d7a7826826e1cd9fcb76032 /etc/inc/auth.inc | |
parent | bcb165e66b703bbfa273b7d6317ad952ac07b7e1 (diff) | |
download | pfsense-bddd2be844d8f485ef41145c6384b7cacb74a944.zip pfsense-bddd2be844d8f485ef41145c6384b7cacb74a944.tar.gz |
Add a knob in the GUI to set the RADIUS authentication timeout. Previous default was 3s, new is 5s. When using two-factor auth via external (e.g. phone), this needs to be set much higher, 60-120.
Diffstat (limited to 'etc/inc/auth.inc')
-rw-r--r-- | etc/inc/auth.inc | 7 |
1 files changed, 5 insertions, 2 deletions
diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc index 56a55eb..d59ee70 100644 --- a/etc/inc/auth.inc +++ b/etc/inc/auth.inc @@ -1146,12 +1146,15 @@ function radius_backed($username, $passwd, $authcfg, &$attributes = array()) { $radiusservers[0]['ipaddr'] = $authcfg['host']; $radiusservers[0]['port'] = $authcfg['radius_auth_port']; $radiusservers[0]['sharedsecret'] = $authcfg['radius_secret']; + $radiusservers[0]['timeout'] = $authcfg['radius_timeout']; } else return false; /* Add a new servers to our instance */ - foreach ($radiusservers as $radsrv) - $rauth->addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret']); + foreach ($radiusservers as $radsrv) { + $timeout = (is_numeric($radsrv['timeout'])) ? $radsrv['timeout'] : 5; + $rauth->addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret'], $timeout); + } if (PEAR::isError($rauth->start())) { $retvalue['auth_val'] = 1; |