Code review - alternative autz scheme for control sockets
Alan DeKok
aland at deployingradius.com
Mon Jan 26 20:42:22 CET 2015
On Jan 26, 2015, at 2:23 PM, A.L.M.Buxey at lboro.ac.uk wrote:
>
> just wondering why control-socket cant have a network port with eg TLS/auth'd access
> so you can do what it does remotely rather than locally? :-)
Because OpenSSL is crap.
One of the things Arran and I are working on is an IO abstraction layer. Right now it’s fairly hard to glue SSL into the control socket. With an IO layer, it will be trivial.
> would need a dedicated 'client; to interact with it..unless it was a 'virtual machine'
> that you could actually 'ssh into'
You could use “telnet” and “ssltunnel”.
Alan DeKok.
More information about the Freeradius-Devel
mailing list