Jérôme BERTHIER wrote: > When no cache is enabled on radius (eap.conf / cache / enable=no), > clients using NetworkManager are not able to re-negociate > authentification because they are always trying to resume their session.
Maybe I'm missing something... those clients worked with 2.0.5, didn't they? If you disable the session cache, then OpenSSL should tell the clients during SSL negotiation that sessions can't be resumed. FreeRADIUS sets the "no cache" flag in OpenSSL. But... that flag wasn't set in earlier versions of FreeRADIUS. So maybe setting it causes OpenSSL to *allow* session resumption? I don't know... OpenSSL is *weird*. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
