Inheritance of eap.conf settings
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Wed Feb 12 17:51:36 CET 2014
On 12 Feb 2014, at 16:07, Jonathan Gazeley <jonathan.gazeley at bristol.ac.uk> wrote:
> Hi list,
>
> I'm neatening up my sprawling FreeRADIUS config and I've noticed something strange.
>
> Nothing uses the default eap.conf (and the default virtual server is disabled) but my understanding is that instantiations of the eap module, called like:
>
> eap eduroameap {}
>
> ... should inherit settings from eap.conf. In my eap.conf I've set:
Nope. Not at all.
>
> dh_file = /etc/raddb/certs/dh
> random_file = /dev/urandom
>
> And in my numerous EAP modules for various virtual servers, I've removed dh_file and random_file. Nothing complained about random_file being missing but apparently the dh_file being missing is an issue:
>
> rlm_eap_tls: Unable to open DH file - (null)
> rlm_eap: Failed to initialize type tls
> /etc/raddb/modules/rainboweap[17]: Instantiation failed for module "rainboweap"
> /etc/raddb/sites-enabled/rainbow-inner[17]: Failed to find "rainboweap" in the "modules" section.
> /etc/raddb/sites-enabled/rainbow-inner[13]: Errors parsing authenticate section.
>
Yes, fixed that already.
> How come random_file was inherited while dh_file wasn't? Or have I misunderstood how this works,
You have.
> inerheritance doesn't exist, and it's just that random_file has a default value if undefined while dh_file doesn't?
Yep.
-Arran
Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team
FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 881 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20140212/87ccd577/attachment-0001.pgp>
More information about the Freeradius-Users
mailing list