require_message_authenticator when sending
Stefan Winter
stefan.winter at restena.lu
Tue Mar 19 11:18:20 CET 2013
Hi,
I just noticed something unintuitive when trying to enforce the presence of
Message-Authenticator on a server which has FreeRADIUS 2.2.0 as a proxying
client.
In proxy.conf, home_server section, there is very strong wording that
require_message_authenticator is good; and the default as spelt out in the
config file is =yes.
My config simply omits the keyword entirely. With all those nice words about
how good it is I was somewhat expecting it to default to yes in the code as
well and set require = yes on the clients.conf on the receiving end.
If omitted, the code sets it to NULL though, which seems to be a "no".
Of course I'm fixing my config by making the yes explicit - but maybe adapting
the defaults in realms.c might be a little more consistent behaviour.
Greetings,
Stefan Winter
--
Stefan WINTER
Ingenieur de Recherche
Fondation RESTENA - Réseau Téléinformatique de l'Education Nationale et de la Recherche
6, rue Richard Coudenhove-Kalergi
L-1359 Luxembourg
Tel: +352 424409 1
Fax: +352 422473
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 263 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20130319/767cfd80/attachment.pgp>
More information about the Freeradius-Users
mailing list