Code review - alternative autz scheme for control sockets
Inviting comments from the community on this one too: https://github.com/FreeRADIUS/freeradius-server/pull/892 Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
Hi,
Inviting comments from the community on this one too:
just wondering why control-socket cant have a network port with eg TLS/auth'd access so you can do what it does remotely rather than locally? :-) would need a dedicated 'client; to interact with it..unless it was a 'virtual machine' that you could actually 'ssh into' alan
On Jan 26, 2015, at 2:23 PM, A.L.M.Buxey@lboro.ac.uk wrote:
just wondering why control-socket cant have a network port with eg TLS/auth'd access so you can do what it does remotely rather than locally? :-)
Because OpenSSL is crap. One of the things Arran and I are working on is an IO abstraction layer. Right now it’s fairly hard to glue SSL into the control socket. With an IO layer, it will be trivial.
would need a dedicated 'client; to interact with it..unless it was a 'virtual machine' that you could actually 'ssh into'
You could use “telnet” and “ssltunnel”. Alan DeKok.
participants (3)
-
A.L.M.Buxey@lboro.ac.uk -
Alan DeKok -
Arran Cudbard-Bell