OCSP

2012-07-30 Thread Maja Wolniewicz
Hi, I'm getting a segmentation fault when a user certificate is verified, OCSP is switched on and OCSP responder does not set the next update. Then in src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c the OCSP_resp_find_status returns null for nextupd and ASN1_GENERALIZEDTIME_print(bio_out, ne

Re: EAP-FAST

2010-01-20 Thread Maja Wolniewicz
W dniu 10-01-20 08:52, Alan DeKok pisze: Maja Wolniewicz wrote: A few changes in FreeRADIUS are needed to provide some configuration variables to the hostap EAP library. Could you send the changes as a patch? That way we can apply them to the server, and make it easier for

Re: EAP-FAST

2010-01-19 Thread Maja Wolniewicz
W dniu 19.01.2010 15:06, Alan DeKok pisze: > Stefan Winter wrote: >> every now and then there's a mild interest on this list about enabling >> EAP-FAST. In our eduroam R&D group, we are currently looking into >> EAP-FAST, which naturally includes FreeRADIUS support. Is it worthwhile >> posting our

ASSERT FAILED event.c in 2.1.7

2009-09-25 Thread Maja Wolniewicz
After the upgrade from 2.1.6 to 2.1.7 my two servers died 3-4 times daily with the following error: Thu Sep 24 19:07:13 2009 : Error: Received conflicting packet from client AP-8 port 32777 - ID: 240 due to unfinished request 2396. Giving up on old request. Thu Sep 24 19:07:13 2009 : Error: A

Re: Support for RFC4372 (Chargeable User Identity)

2008-01-21 Thread Maja Wolniewicz
Alan DeKok pisze: Maja Wolniewicz wrote: Thanks. Now it works. That's good to hear. Yes, I want to add current realm to reply attribute Chargeable-User-Identity which comes form LDAP. When Chargeable-User-Identity attribute isn't present in request I want to remove Charg

Re: Support for RFC4372 (Chargeable User Identity)

2008-01-21 Thread Maja Wolniewicz
Alan DeKok pisze: Maja Wolniewicz wrote: I'm now running freeradius from CVS FreeRADIUS Version 2.0.1-pre in post-auth I have: if ("%{FreeRADIUS-Proxied-To}" == "127.0.0.1") { if ("%{Chargeable-User-Identity}") { Please fix this. Putting double q

Re: Support for RFC4372 (Chargeable User Identity)

2008-01-21 Thread Maja Wolniewicz
Alan DeKok pisze: Maja Wolniewicz wrote: According to RFC4372 CUI attribute in request can include a single NUL character, then your test if ("%{Chargeable-User-Identifier}") { update reply { Chargeable-User-Identifier = } } evaluates to false. I've fi

Re: Support for RFC4372 (Chargeable User Identity)

2008-01-15 Thread Maja Wolniewicz
Alan DeKok pisze: Stefan Winter wrote: (2.1) If a home RADIUS server that supports the CUI attribute receives an Access-Request packet containing a CUI (set to nul or otherwise), it MUST include the CUI attribute in the Access-Accept packet. That can be done via policy logic in "unlan