[EXT] FR 3.0 radsec : dynamic home server discovery status

Brian Julin BJulin at clarku.edu
Fri Mar 13 20:23:07 CET 2020

Alan DeKok wrote:
>  The code in that branch looks pretty good.  If it still works, it would be good to add it to v3.

I think if I understood correctly the problem is that the subsequent mods to rlm_unbound
to more correctly integrate it into the event loop use an alternate pathway through the
unbound API which cannot take advantage of unbound's parser for NAPTR records.  But
at this point I've probably forgotten more about all that than I learned in the first place :-)

BTW, as far as why I stopped working on that... I'm at a SP/IDP not a federation, and
it looked like the prospects of DDDS were dimming at least here in the USA -- since even
using TCP/TLS was experimental with the federation servers and was discontinued
during an upgrade.  The workings of the federation servers were pretty opaque
from where I was standing so it looked like another standard that was going to get about
as much market share as DNSSec... which is to say even less used than IPv6.

List info/subscribe/unsubscribe? See https://nam10.safelinks.protection.outlook.com/?url=http%3A%2F%2Fwww.freeradius.org%2Flist%2Fusers.html&data=02%7C01%7Cbjulin%40clarku.edu%7Caf2e814795294d7810ff08d7c781adb0%7Cb5b2263d68aa453eb972aa1421410f80%7C1%7C0%7C637197232094454443&sdata=yrgwUsBt2DXPyjagnPKam%2BNqZLeX8CaNAFspzP7E1%2Bw%3D&reserved=0

More information about the Freeradius-Users mailing list