memcached and TLS resumption
Alan DeKok
aland at deployingradius.com
Thu Mar 28 11:01:21 UTC 2024
On Mar 28, 2024, at 5:12 AM, James Potter via Freeradius-Users <freeradius-users at lists.freeradius.org> wrote:
> I’m trying to use memcached to do TLS session resumption. (FreeRad 3.2.1, Debian 11)
Unfortunately, v3.2 doesn't support that.
> What works:
>
> * eap-tls authentication (with OCSP)
> * tls session resumption works with a local cache – entries are created and then referenced correctly (if I define persist_dir in eap/cache)
> * I see an connections to (local) memcached daemon initialising at FreeRad startup
>
> But nothing gets written to Memcached. I’ve tried adding driver = “rlm_cache_memcached” to eap/cache (freeradius -Xxx says its unused).
Generally if it's not documented as working, then it doesn't work.
> It looks to me like the standard rlm_cache and the eap/cache are unrelated – is this correct?
Yes,
> (and then there is cache_eap…). Any pointers as to what I am missing here would be great.
We're making the EAP cache generic in v4, and it will support any method for caching the EAP data. But v4 is still at least a few weeks off :(
Alan DeKok.
More information about the Freeradius-Users
mailing list