3.0.x: persistent TLS session cache
Stefan Winter
stefan.winter at restena.lu
Mon Feb 3 15:04:10 CET 2014
Hi,
now on 3.0.x to follow the die on exit code fixes... and found something
else:
I've configured TLS session caches in mods-enabled/eap. The directory to
cache sessions in exists, and with the user radiusd on the shell I can
touch files in that directory. And yet:
(3) eap_peap : TLS_accept: SSLv3 write finished A
(3) eap_peap : TLS_accept: SSLv3 flush data
SSL: adding session
9b8b9b86357428cced36cd4aac564d9b17a6258cd84cf070b38a974eb563f62c to cache
SSL: could not open session file
%{logdir}/tlscache-eduroam-users/9b8b9b86357428cced36cd4aac564d9b17a6258cd84cf070b38a974eb563f62c.asn1:
(3) eap_peap : (other): SSL negotiation finished successfully
SSL Connection Established
Well, I used %{logdir} in my persist_dir setting in the config alright,
but... looking at the code, this debug message prints exactly what's
being used for the open() call - so %{logdir} should have been expanded
to the literal path, right?
Is there some xlat() missing here?
Greetings,
Stefan Winter
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et
de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
PGP key updated to 4096 Bit RSA - I will encrypt all mails if the
recipient's key is known to me
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xC0DE6A358A39DC66
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0x8A39DC66.asc
Type: application/pgp-keys
Size: 3243 bytes
Desc: not available
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20140203/9e8585f5/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 901 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-devel/attachments/20140203/9e8585f5/attachment-0001.pgp>
More information about the Freeradius-Devel
mailing list