On 29/02/16 15:22, Alan DeKok wrote:
On Feb 29, 2016, at 10:09 AM, Jonathan Gazeley <Jonathan.Gazeley@bristol.ac.uk> wrote:
cache cache_tls_session { driver = "rlm_cache_rbtree" key = &TLS-Session-Id
Which is the *outer* TLS-Sesson-Id.
Thanks - hadn't realised this.
i.e. you can't use the module inside of the TLS tunnel, because the TLS-Session-Id doesn't exist. That's why the module is failing.
So... you've got to copy it:
I added code as you suggested. It seems to be unable to copy the TLS-Session-Id attribute. The following was executed in inner post-auth section, but also choked with the same result when being executed in the inner authorize section. (8) update request { (8) TLS-Session-Id skipped: No values available (8) } # update request (noop) (8) cache_tls_session (fail) Any suggestions? Thanks, Jonathan