On Thu, Aug 29, 2013 at 02:12:35PM +0100, Phil Mayers wrote: > Otherwise, you could look at the "verify { }" stanza of the "tls { > }" block in eap.conf; this allows you to run an external script once > you've got the client cert, and there you can write any code you > want to access the various issuer/subject fields.
Thanks, I'm already using it for other purposes. But do I have the request data at hand to check for the requested SSID? Or is there a way to set variables in this script to check later in the authorize section's modules (with an exec script)? -- Axel.Thimm at ATrpms.net - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html