TLS failover behaviour and a backtrace if want it.
aland at deployingradius.com
Wed Nov 20 14:32:31 CET 2019
On Nov 20, 2019, at 8:21 AM, FRANKS, Andy (SHREWSBURY AND TELFORD HOSPITAL NHS TRUST) via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> That worked fine.
Good to hear.
> Please say if you need the full pre-crash output, I've chopped it to what I thought was needed.
No, that's OK.
> The crash happens when you get to the "no more servers available", be that the only 1 server in the pool that's down, or 2 that are both down etc. Hopefully unlikely in production anyway!
I happens. *Anything* can happen with RADIUS :(
> Using radsec exclusively for forwarding, just in case it's relevant, no tried with udp/tcp.
> By the way, not worth another mail I don't think; I noticed something else tiny in the output that might need sorting, a typo really:
> In the warning message about not setting the tls version to 1.2 for radsec, it says :
> Please set: min_tls_version = "1.2"
? The code is:
$ git grep 'Please set'
src/main/tls.c: WARN("Please set: tls_min_version = \"1.2\"");
So that seems OK.
> Anyway the crash, hope it's more use this time..
Yes. I've pushed a fix.
More information about the Freeradius-Users