Re: Certificate patches for EAP TLS module

I think I understand the concern as to part 2 of Michael's patch proposal, but would that apply to incorporating part 1, extending the "check_cert_cn" functionality? Would it be useful rework and submit a patch that just addressed that? A first step? 

-Keith

On May 18, 2007, at 1:17 PM, Alan DeKok wrote:


Keith Moores wrote:

In trying to come up with a our own solution to the same problem I
discovered the following previous patch proposal by Michael Joosten
from 2005.

Incorporating this functionality would be greatly appreciated:

...

I couldn't find any comments on this (other than another person
interested in seeing it adopted), any chance this could make it into
a future version? 2.0?
I had some discussion with him off-list at the time. My main concern 
is that it always adds these attributes, even if they're not needed.

  I would prefer that the patch register dynamic callbacks for these
attributes, so that they cost nothing if they're not used.

  Alan DeKok.
--
  http://deployingradius.com       - The web site of the book
  http://deployingradius.com/blog/ - The blog
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/ users.html
This archive was generated by a fusion of Pipermail (Mailman edition) and MHonArc.