On 24.1.2017 14.58, Hartmaier Alexander wrote:
On 2017-01-24 12:57, Heikki Vatiainen wrote:
I think we'll need to think about an interface for this. This
discussion has been useful to understanding the custom use cases, so
rather than moving it, I' say it's better to provide a documented call
or similar to do this.
That would be great! Can you name a timeframe how soon you would have a
patch for us to decide if we implement the current solution or wait for
the documented one?
Getting back to this: The current Radiator 4.17 patch set includes
eaptls_resume_post_auth_hook.pl in goodies that shows how to customise
authentication results. What the sample hook shows should be more simple
and better way to do what we discussed earlier. It also does away the
need to know about how internals that could change in the future.
The example shows how to work with non-resumed and resumed TLS sessions.
There's no need to call any of the Net::SSLeay methods since the context
now has the necessary information about how and if the resumption was done.
Thanks,
Heikki
--
Heikki Vatiainen <h...@open.com.au>
Radiator: the most portable, flexible and configurable RADIUS server
anywhere. SQL, proxy, DBM, files, LDAP, NIS+, password, NT, Emerald,
Platypus, Freeside, TACACS+, PAM, external, Active Directory, EAP, TLS,
TTLS, PEAP, TNC, WiMAX, RSA, Vasco, Yubikey, MOTP, HOTP, TOTP,
DIAMETER etc. Full source on Unix, Windows, MacOSX, Solaris, VMS,
NetWare etc.
_______________________________________________
radiator mailing list
radiator@lists.open.com.au
http://lists.open.com.au/mailman/listinfo/radiator
