Alan DeKok <aland@deployingradius.com> wrote:
Another patch that Alan will no doubt neglect, others might find it useful though.
Already in 2.1.10, via another patch. This functionality is having enough demand that it's worth doing.
The Little Tin God known as 'Efficiency' is displeased with your patch... *Two* if() statements and two additional pointers, -3 to wisdom. :) Although I do now ponder why I bothered doing an 'upper' function in my patch. Now, if you could rewrite all your calls to the OpenSSL library code to use EVP functions instead I would be able to use my crypto-accelerators, then I say you are ready for a point release. On a serious note would that be a case of me having to do this if I wanted it? The reason I ask is that I have put FreeRADIUS on an OpenRD[1] (replacing the old 600W Dull boxen we have with a £200 7W nicety) and although regular non-EAP requests are fast I think the EAP ones are alot more expensive CPU wise due to the SSL overhead. Of course I have not profiled anything yet (do you have any profiling data supporting this or do I need to generate my own?) so could be wrong. Anyway, as with most ARM/MIPS SoC's they come with lots of goodies, including hardware crypto. I got OpenSSL using it which is nice, however I then discovered the hard way that FreeRADIUS does not use the EVP functions in OpenSSL and so offload engines cannot be used. Would you accept a change like this, or would I be wasting my time trying to submit this sort of thing? Cheers [1] http://www.marvell.com/platforms/open_rd.html -- Alexander Clouter .sigmonster says: Don't look back, the lemmings are gaining on you.