Logging TLS versions for TTLS/EAP
Alan DeKok
aland at deployingradius.com
Sat Aug 12 18:43:28 CEST 2017
On Aug 12, 2017, at 2:56 PM, Sven Hartge <sven at svenhartge.de> wrote:
> To gather a deeper insight in what TLS versions are used by clients in
> our wireless network, I want to log what MAC address uses what TLS
> version (and maybe cipher algorithm, but that is secondary) during the
> PEAP or TTLS handshake.
>
> I guess a simple linelog would be sufficient for that task, but, I must
> confess, I am a bit lost on what attributes to use for the TLS version
> part, if there even *is* a way to log this information.
It's available in src/main/tls.c, see tls_session_information(). But it's not available as an attribute.
Alan DeKok.
More information about the Freeradius-Users
mailing list