On 13/05/2011 10:05, "Alan DeKok" <[log in to unmask]> wrote:
> I've pushed changes to the git "master" branch which enable RadSec to
>work.
>
> So far, all I've done is to test the server proxying to itself. i.e.
>opening an outgoing radsec connection, then accepting it, and doing TLS.
>
> Please download && test it.
>
> For now, it only accepts one type of packet on a RadSec socket, so
>doing "auth+acct" is not possible. That can be fixed later.
>
> I *believe* that the code is stable. 90% of it is the pre-existing
>rlm_eap_tls code, which has been moved to the server core. The rest is
>a bit of "glue" code to tie the TLS code into the sockets.
>
> The result is that the TLS configuration is *identical* in EAP-TLS and
>in RadSec. Even better, all of the features of EAP-TLS, like
>certificate checking, OCSP, etc. are automatically features of RadSec.
>
> Alan DeKok.
>-
>List info/subscribe/unsubscribe? See
>http://www.freeradius.org/list/devel.html
JANET(UK) is a trading name of The JNT Association, a company limited
by guarantee which is registered in England under No. 2881024
and whose Registered Office is at Lumen House, Library Avenue,
Harwell Oxford, Didcot, Oxfordshire. OX11 0SG
|