Inheritance of eap.conf settings

Arran Cudbard-Bell a.cudbardb at freeradius.org
Wed Feb 12 17:51:36 CET 2014


On 12 Feb 2014, at 16:07, Jonathan Gazeley <jonathan.gazeley at bristol.ac.uk> wrote:

> Hi list,
> 
> I'm neatening up my sprawling FreeRADIUS config and I've noticed something strange.
> 
> Nothing uses the default eap.conf (and the default virtual server is disabled) but my understanding is that instantiations of the eap module, called like:
> 
> eap eduroameap {}
> 
> ... should inherit settings from eap.conf. In my eap.conf I've set:

Nope. Not at all.

> 
> dh_file = /etc/raddb/certs/dh
> random_file = /dev/urandom
> 
> And in my numerous EAP modules for various virtual servers, I've removed dh_file and random_file. Nothing complained about random_file being missing but apparently the dh_file being missing is an issue:
> 
> rlm_eap_tls: Unable to open DH file - (null)
> rlm_eap: Failed to initialize type tls
> /etc/raddb/modules/rainboweap[17]: Instantiation failed for module "rainboweap"
> /etc/raddb/sites-enabled/rainbow-inner[17]: Failed to find "rainboweap" in the "modules" section.
> /etc/raddb/sites-enabled/rainbow-inner[13]: Errors parsing authenticate section.
> 

Yes, fixed that already.

> How come random_file was inherited while dh_file wasn't? Or have I misunderstood how this works,

You have.

> inerheritance doesn't exist, and it's just that random_file has a default value if undefined while dh_file doesn't?

Yep.

-Arran

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140212/87ccd577/attachment-0001.pgp>


More information about the Freeradius-Users mailing list