Deprecated features (was: Any objection to deleting support for"clients"?)

Alan DeKok aland at ox.org
Wed Jul 27 19:32:36 CEST 2005


"Thor Spruyt" <thor.spruyt at telenet.be> wrote:
> > * post_proxy_authorize
...
> Huh... my current v1.0.1 production servers have this set to "yes" and
> probably a lot of other people still have this set to "yes", since that's
> the default.

  That's OK.

> Regularly the advice of "only change the defaults if needed" is given.
> Therfore, I wouldn't just delete this configuration parameter or
> funtionality, but just change the default, so that users don't use it
> anymore over time!

  I'd say change both.  I'd like to update the server core to allow
more configurable calling of sections.  So the "post-proxy-authorize"
can morph into "when receiving a reply from a home server, use section
foo, and call the modules authorize function for each module listed in
that section"

  That kind of flexibility also allows you to automagically do
different things based on packet reply code, in a more flexible way
that the current "post-auth-type REJECT".

  Alan DeKok.



More information about the Freeradius-Devel mailing list