Additional EAP-TLS Logging Option

David Bird david at
Sat Aug 28 07:25:17 CEST 2010

On Fri, 2010-08-27 at 21:51 +0200, Alan DeKok wrote:
> Ross, Michael wrote:
> > Are there any thoughts about adding the patch from the 8/16 email to the FreeRADIUS baseline? 
>   Sorry for not responding earlier.  A variant of the patch has been
> added.  See the v2.1.x branch on
>   The patch creates client/server attributes from the certificate
> fields.  These attributes can be used for anything: policies, *or* logging.
>   This makes it slightly more complex to set up logging like it was in
> your patch.  But IMHO, it's a more correct approach.  The TLS module
> should do minimal logging, but it should enable you to do any logging
> you want.  The code in git does that.

Awesome! So, it followed more my suggestions :) I think this solution
will be more flexible for sure. 


More information about the Freeradius-Devel mailing list