Hi,
I'm getting a segmentation fault when a user certificate is verified, OCSP is
switched on and OCSP responder does not set the next update.
Then in src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c
the OCSP_resp_find_status returns null for nextupd and
ASN1_GENERALIZEDTIME_print(bio_out, ne
W dniu 10-01-20 08:52, Alan DeKok pisze:
Maja Wolniewicz wrote:
A few changes in FreeRADIUS are needed to provide some configuration
variables to the hostap EAP library.
Could you send the changes as a patch? That way we can apply them to
the server, and make it easier for
W dniu 19.01.2010 15:06, Alan DeKok pisze:
> Stefan Winter wrote:
>> every now and then there's a mild interest on this list about enabling
>> EAP-FAST. In our eduroam R&D group, we are currently looking into
>> EAP-FAST, which naturally includes FreeRADIUS support. Is it worthwhile
>> posting our
After the upgrade from 2.1.6 to 2.1.7 my two servers died 3-4 times
daily with the following error:
Thu Sep 24 19:07:13 2009 : Error: Received conflicting packet from
client AP-8 port 32777 - ID: 240 due to unfinished request 2396. Giving
up on old request.
Thu Sep 24 19:07:13 2009 : Error: A
Alan DeKok pisze:
Maja Wolniewicz wrote:
Thanks. Now it works.
That's good to hear.
Yes, I want to add current realm to reply attribute
Chargeable-User-Identity which comes form LDAP.
When Chargeable-User-Identity attribute isn't present in request I want
to remove Charg
Alan DeKok pisze:
Maja Wolniewicz wrote:
I'm now running freeradius from CVS
FreeRADIUS Version 2.0.1-pre
in post-auth I have:
if ("%{FreeRADIUS-Proxied-To}" == "127.0.0.1") {
if ("%{Chargeable-User-Identity}") {
Please fix this. Putting double q
Alan DeKok pisze:
Maja Wolniewicz wrote:
According to RFC4372 CUI attribute in request can include a single NUL
character, then your test
if ("%{Chargeable-User-Identifier}") {
update reply {
Chargeable-User-Identifier =
}
}
evaluates to false.
I've fi
Alan DeKok pisze:
Stefan Winter wrote:
(2.1)
If a home RADIUS server that supports the CUI attribute receives an
Access-Request packet containing a CUI (set to nul or otherwise), it
MUST include the CUI attribute in the Access-Accept packet.
That can be done via policy logic in "unlan
8 matches
Mail list logo