[EXT] Re: query on freeradius-server ocsp function and rlm_unbound
SIMON BABY
simonkbaby at gmail.com
Wed Aug 19 21:12:39 CEST 2020
Thank you Julin
Regards
Simon
On Wed, Aug 19, 2020 at 12:06 PM Brian Julin <BJulin at clarku.edu> wrote:
>
> SIMON BABY <simonkbaby at gmail.com> wrote:
> > I was looking into the openssl code flow to understand how the DNS
> > resolution is handled inside OpenSSL. I see the API below but could not
> > find the final DNS resolution code. Could you please send me some part of
> > the code/APIs/files I can start looking into?
>
> It is almost certain that openSSL uses OS services to resolve. If your
> RADIUS server
> does not need to look up non-DNSSec hostnames, you could shortcut
> this whole problem by setting up the server to use unbound as its local
> DNS resolver and configuring it to secure-only lookups, or point it to an
> unbound
> resolver on another (securely connected) machine which is configured as
> such.
>
> You'd probably want to ask on an OpenSSL group for answers to those other
> questions.
>
>
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list