rlm_ldap & TCP KeepAlive

John Dennis jdennis at redhat.com
Fri Apr 30 15:59:21 CEST 2010

On 04/30/2010 09:26 AM, Alan DeKok wrote:
> Fred MAISON wrote:
>> I am interested with John's patches.
>> Where are they available ?
>    fedorasource CVS.

It the file called "freeradius-1.1.7-ipa.patch"

So here are some caveats:

It was never deployed, thus it's only had minimal testing.

I took a quick look at the patch yesterday and I see it has both sasl 
and krb5 support I don't recall the reasoning why.

The krb5 code should be reviewed by our kerberos guru because using krb5 
is not always intuitive and it's easy to make a mistake, that review has 
not been done yet.

The code to load the NAS client list is independent of authentication 
support in the same patch, however I seem to recall it was tied pretty 
closely to the NAS client code in 1.1.7, that might need to be 
reexamined for the 2.x code base, also I think some of the code in 
rlm_ldap has changed in 2.x.

I'd like to port the patch to 2.x and get it reviewed internally, I just 
don't have the cycles at the moment.

John Dennis <jdennis at redhat.com>

Looking to carve out IT costs?

More information about the Freeradius-Devel mailing list