EAP-TLS extend logged lines
Alexey D. Filimonov
alexey at filimonic.net
Wed Feb 19 19:56:36 UTC 2025
Thanks.
Is this `msg_goodpass` is a value of some attribute in some list? Can I
change it somewhere in post-auth or somewhere else?
I thought about placing here some kind of session:Tmp-String-1, and
filing Tmp-String-1 in post-auth,but this does not look good to me if
there is a shorter way.
On 2025-02-19 19:18, Alan DeKok wrote:
> On Feb 19, 2025, at 11:11 AM, Alexey D. Filimonov<alexey at filimonic.net> wrote:
>> Currently I have EAP-TLS auth.
>> On successfull auth, it logs
>>
>> ```
>> Wed Feb 19 15:23:13 2025 : Auth: (9) Login OK: [anonymous-xxx] (from client name_of_client1 port 8 cli ee:ee:ee:ed:ae:ee)
>> ```
>>
>>
>> I'd like to extend or replace this line with UPN from certiificate and other attributes.
>>
>> Where should I start from ?
> Edit radiusd.conf to edit the message. Look for msg_goodpass. You can edit to add any TLS certificate information you want.
>
> You can run the server in debug mode to see which TLS attributes are available, and what their names are.
>
> Alan DeKok.
>
> -
> List info/subscribe/unsubscribe? Seehttp://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list