From bddd2be844d8f485ef41145c6384b7cacb74a944 Mon Sep 17 00:00:00 2001
From: jim-p <jimp@pfsense.org>
Date: Wed, 13 Feb 2013 15:54:27 -0500
Subject: Add a knob in the GUI to set the RADIUS authentication timeout.
 Previous default was 3s, new is 5s. When using two-factor auth via external
 (e.g. phone), this needs to be set much higher, 60-120.

---
 etc/inc/auth.inc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

(limited to 'etc/inc/auth.inc')

diff --git a/etc/inc/auth.inc b/etc/inc/auth.inc
index 56a55eb..d59ee70 100644
--- a/etc/inc/auth.inc
+++ b/etc/inc/auth.inc
@@ -1146,12 +1146,15 @@ function radius_backed($username, $passwd, $authcfg, &$attributes = array()) {
 		$radiusservers[0]['ipaddr'] = $authcfg['host'];
 		$radiusservers[0]['port'] = $authcfg['radius_auth_port'];
 		$radiusservers[0]['sharedsecret'] = $authcfg['radius_secret'];
+		$radiusservers[0]['timeout'] = $authcfg['radius_timeout'];
 	} else
 		return false;
 
 	/* Add a new servers to our instance */
-	foreach ($radiusservers as $radsrv)
-		$rauth->addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret']);
+	foreach ($radiusservers as $radsrv) {
+		$timeout = (is_numeric($radsrv['timeout'])) ? $radsrv['timeout'] : 5;
+		$rauth->addServer($radsrv['ipaddr'], $radsrv['port'], $radsrv['sharedsecret'], $timeout);
+	}
 
 	if (PEAR::isError($rauth->start())) {
 		$retvalue['auth_val'] = 1;
-- 
cgit v1.1