2011/10/25 Fred <fred.maison@gmail.com>:
Phil, Yes, I am sure, but I don't have traces on hand... I will try to get some radiusd -X on 2.1.11 ASAP, as I can't do it now because I try to find a solution as I have to restart production in the next few hours ... Anyway, Thank a lot for your kind help attempts. Fred
2011/10/25 Phil Mayers <p.mayers@imperial.ac.uk>:
On 25/10/11 16:10, Fred wrote:
cache { enable = no lifetime = 6 max_entries = 8192 name = "A" } } rlm_eap: SSL error error:140DB111:SSL routines:SSL_CTX_set_session_id_context:ssl session id context too long
I don't know why this isn't working. The un-patched 2.1.12 code builds the "session id context" as:
"FreeRADIUS EAP-TLS %s" eap->tls->cache->name
If "name" is a one-char string, that should be <32 characters which is the value of SSL_MAX_SSL_SESSION_ID_LENGTH (on my system).
Sorry. Can't help. Try the patch and see if it works.
Maybe this isn't your problem; are you SURE it works using the EXACT same config under 2.1.11? - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html