9 Feb
2012
9 Feb
'12
10:42 a.m.
Matthew Newton wrote:
If the tls config HAS to be called common_tls, inside the eap module, then there's no need for the "tls=" entry any more - which could be another way of doing it, albeit slightly less flexible.
There may be use-cases where multiple virtual servers can share the same TLS configuration. Permitting a layer of indirection doesn't cost much, and is useful.
The HARD thing about this is now the TLS configuration will be loaded multiple times. Once each for EAP-TLS, TTLS, and PEAP. Finding a way to avoid that would be good.
Agreed.
I have a simple way. :) Get me a patch as suggested, and fixing the "loading certs twice" problem is another ~5 lines of code. Alan DeKok.