3.0.x: persistent TLS session cache
Alan DeKok
aland at deployingradius.com
Mon Feb 3 16:23:19 CET 2014
Stefan Winter wrote:
> 9b8b9b86357428cced36cd4aac564d9b17a6258cd84cf070b38a974eb563f62c to cache
> SSL: could not open session file
> %{logdir}/tlscache-eduroam-users/9b8b9b86357428cced36cd4aac564d9b17a6258cd84cf070b38a974eb563f62c.asn1:
That filename isn't dynamically expanded. You need to use ${logdir}
> Well, I used %{logdir} in my persist_dir setting in the config alright,
It's probably wrong.
> but... looking at the code, this debug message prints exactly what's
> being used for the open() call - so %{logdir} should have been expanded
> to the literal path, right?
>
> Is there some xlat() missing here?
Maybe.
You also need to separate *configuration* variables from *request*
variables. The configuration variables are static, and read from the
config files. They're ${foo}. The request variables are dynamic, and
change with every request. They're all %{foo}
%{logdir} is wrong. It's interpreted as a request attribute. But the
'logdir' attribute doesn't exist, so it expands to nothing.
%{User-Name} is very different from ${logdir}.
Alan DeKok.
More information about the Freeradius-Devel
mailing list