On 09/10/13 16:36, Arran Cudbard-Bell wrote:
On 9 Oct 2013, at 15:47, Alan DeKok <[email protected]> wrote:
Adam Bishop wrote:
It appears the debugging switches don't work quite as I'd expect in FreeRADIUS
3 when RadSec is configured.
Yes. Because of OpenSSL limitations, the server MUST have multiple
threads when using radsec.
Isn't it required for doing any RADIUS over TCP?
Perhaps architecturally, but not inherently; you could, at least in theory:
1. Receive 4-byte length
2. Sanity-check the length
3. Allocate buffer
4. Read on TCP socket non-blocking in normal select loop until you've
filled the buffer
5. Parse packet from buffer, dispatch packet
SSL presents the slight (ahem) complication of having to route the
read/write via a memory BIO and check for the "want read" / "want write"
state (same way EAP does).
So... it's almost certainly *easier* and more sanity-preserving from a
development PoV to use threads ;o)
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
