Hi, I just noticed something unintuitive when trying to enforce the presence of Message-Authenticator on a server which has FreeRADIUS 2.2.0 as a proxying client.
In proxy.conf, home_server section, there is very strong wording that require_message_authenticator is good; and the default as spelt out in the config file is =yes. My config simply omits the keyword entirely. With all those nice words about how good it is I was somewhat expecting it to default to yes in the code as well and set require = yes on the clients.conf on the receiving end. If omitted, the code sets it to NULL though, which seems to be a "no". Of course I'm fixing my config by making the yes explicit - but maybe adapting the defaults in realms.c might be a little more consistent behaviour. Greetings, Stefan Winter -- Stefan WINTER Ingenieur de Recherche Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche 6, rue Richard Coudenhove-Kalergi L-1359 Luxembourg Tel: +352 424409 1 Fax: +352 422473
signature.asc
Description: OpenPGP digital signature
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html