rlm_ldap & TCP KeepAlive
jdennis at redhat.com
Fri Apr 30 15:59:21 CEST 2010
On 04/30/2010 09:26 AM, Alan DeKok wrote:
> Fred MAISON wrote:
>> I am interested with John's patches.
>> Where are they available ?
> fedorasource CVS.
It the file called "freeradius-1.1.7-ipa.patch"
So here are some caveats:
It was never deployed, thus it's only had minimal testing.
I took a quick look at the patch yesterday and I see it has both sasl
and krb5 support I don't recall the reasoning why.
The krb5 code should be reviewed by our kerberos guru because using krb5
is not always intuitive and it's easy to make a mistake, that review has
not been done yet.
The code to load the NAS client list is independent of authentication
support in the same patch, however I seem to recall it was tied pretty
closely to the NAS client code in 1.1.7, that might need to be
reexamined for the 2.x code base, also I think some of the code in
rlm_ldap has changed in 2.x.
I'd like to port the patch to 2.x and get it reviewed internally, I just
don't have the cycles at the moment.
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
More information about the Freeradius-Devel