Certificate Properties.

Andrew Olson anolson at gmail.com
Fri May 2 20:23:54 CEST 2008


So, I managed to find the place where the certificate gets taken
apart.  I added some code to parse out the serialNumber and put it
back onto the request.  I'd like to be able to do some processing
later with Perl.  However, it appears that appears that my Perl module
isn't getting called where I want it to.

SSL Connection Established
  eaptls_process returned 13
++[eap] returns handled
        EAP-Message =
0x010900350d800000002b14030100010116030100202bb95c025a504e497064ffa66b4138307aa4cc22c4b46b5da74712ad8553ce74
        Message-Authenticator = 0x00000000000000000000000000000000
        State = 0xbe08af5fb801a2c65b78155ec5f3f1cf
Finished request 7.

I would like to have my Perl authenticate method called after
eaptls_process is done.  I gather that since eap returns "handled"
that no more processing is done.  I'm pretty sure that I have Perl
configured correctly, since it gets called on other requests.  Am I
missing something?  If I ever get this working, I'll post the patch.

Thanks,
Andrew Olson


On Tue, Apr 29, 2008 at 3:50 AM, Alan DeKok <aland at deployingradius.com> wrote:
>
> Andrew Olson wrote:
>  > Are there attributes available to get at properties of a certificate.
>  > I want to look at properties like Subject DN, Serial number, etc.
>  >
>  > So, somewhere in the FR config, I could do something like
>  > '%{cert-serial-number} == blah'.
>
>   No.  As always, patches are welcome.
>
>   Alan DeKok.
>  -
>  List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
>



More information about the Freeradius-Users mailing list