Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-17 Thread Alan DeKok
Matt Bernstein wrote: > By this point we've correctly walked from default -> dcs -> dcs-inner. > But.. as dcs-inner invokes rlm_ldap, it's using the wrong ldap instance: ... > rlm_ldap: Entering ldap_groupcmp() > [dcs-inner-files] expand: dc=maths,dc=qmul,dc=ac,dc=uk -> > dc=maths,dc=qmul,dc=ac

Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-17 Thread Matt Bernstein
At 14:19 +0200 Alan DeKok wrote: I have run into another bug: if I instantiate rlm_ldap in my servers "dcs-inner" and "maths-inner", it seems to use the base DN for "maths-inner" (instantiated second) for queries from "dcs-inner". As always, debug mode. By this point we've correctly walked

Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-17 Thread Matt Bernstein
At 14:19 +0200 Alan DeKok wrote: Matt Bernstein wrote: We will have multiple server certificates; our departments are rather independent here. Ugh. There's not really any good reason for this. If the departmental certs are signed by a university CA, then you can still get away with one ser

Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-17 Thread Alan DeKok
Matt Bernstein wrote: > We will have multiple server certificates; our departments are rather > independent here. Ugh. There's not really any good reason for this. If the departmental certs are signed by a university CA, then you can still get away with one server instance. >> update

Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-17 Thread Matt Bernstein
On Oct 15 Alan DeKok wrote: Matt Bernstein wrote: So saith FreeRADIUS 2.1.1, but I wasn't trying to do multiple levels of TLS nesting. I'm trying to use virtual servers so that a single radiusd can terminate TTLS/PEAP for multiple subrealms, _and_ use the inner-tunnel trick, keeping the configs

Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-15 Thread Alan DeKok
Matt Bernstein wrote: > So saith FreeRADIUS 2.1.1, but I wasn't trying to do multiple levels of > TLS nesting. I'm trying to use virtual servers so that a single radiusd > can terminate TTLS/PEAP for multiple subrealms, _and_ use the > inner-tunnel trick, keeping the configs completely independent

Re: [awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-14 Thread A . L . M . Buxey
hi, hmmm, something about that process and flow doesn't sound right at all. alan

[awful patch] "Multiple levels of TLS nesting is invalid."

2008-10-14 Thread Matt Bernstein
So saith FreeRADIUS 2.1.1, but I wasn't trying to do multiple levels of TLS nesting. I'm trying to use virtual servers so that a single radiusd can terminate TTLS/PEAP for multiple subrealms, _and_ use the inner-tunnel trick, keeping the configs completely independent for each subrealm. This al