# wimax
# update reply {
# &Reply-Message += "%{session-state.TLS-Cert-Serial}"
-# &Reply-Message += "%{session-state.TLS-Cert-Expiration}"
+# &Reply-Message += "%{session-state.TLS-Cert-Not-After}"
# &Reply-Message += "%{session-state.TLS-Cert-Subject}"
# &Reply-Message += "%{session-state.TLS-Cert-Issuer}"
# &Reply-Message += "%{session-state.TLS-Cert-Common-Name}"
# &Reply-Message += "%{session-state.TLS-Cert-Subject-Alt-Name-Email}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Serial}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Expiration}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Subject}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Issuer}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Common-Name}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Subject-Alt-Name-Email}"
# }
# insert_acct_class
# if (&reply.EAP-Session-Id) {
== Default Configuration
```
-# TLS-Cert-Serial
-# TLS-Cert-Expiration
-# TLS-Cert-Subject
-# TLS-Cert-Issuer
-# TLS-Cert-Common-Name
-# TLS-Cert-Subject-Alt-Name-Email
-# TLS-Client-Cert-Serial
-# TLS-Client-Cert-Expiration
-# TLS-Client-Cert-Subject
-# TLS-Client-Cert-Issuer
-# TLS-Client-Cert-Common-Name
-# TLS-Client-Cert-Subject-Alt-Name-Email
+# TLS-Cert.Serial
+# TLS-Cert.Expiration
+# TLS-Cert.Subject
+# TLS-Cert.Issuer
+# TLS-Cert.Common-Name
+# TLS-Cert.Subject-Alt-Name-Email
server tls-cache {
namespace = tls_cache
load tls-session {
# available).
#
# update reply {
-# &Reply-Message += "%{session-state.TLS-Cert-Serial}"
-# &Reply-Message += "%{session-state.TLS-Cert-Expiration}"
-# &Reply-Message += "%{session-state.TLS-Cert-Subject}"
-# &Reply-Message += "%{session-state.TLS-Cert-Issuer}"
-# &Reply-Message += "%{session-state.TLS-Cert-Common-Name}"
-# &Reply-Message += "%{session-state.TLS-Cert-Subject-Alt-Name-Email}"
-#
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Serial}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Expiration}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Subject}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Issuer}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Common-Name}"
-# &Reply-Message += "%{session-state.TLS-Client-Cert-Subject-Alt-Name-Email}"
+# &Reply-Message += "%{session-state.TLS-Cert.Serial}"
+# &Reply-Message += "%{session-state.TLS-Cert.Not-After}"
+# &Reply-Message += "%{session-state.TLS-Cert.Subject}"
+# &Reply-Message += "%{session-state.TLS-Cert.Issuer}"
+# &Reply-Message += "%{session-state.TLS-Cert.Common-Name}"
+# &Reply-Message += "%{session-state.TLS-Cert.Subject-Alt-Name-Email}"
# }
#
reject
}
-if (&request.TLS-Cert-Issuer =~ /@example\.org/) {
+if (&request.TLS-Cert.Issuer =~ /@example\.org/) {
test_pass
} else {
test_fail
reject
}
-if (&request.TLS-Cert-Issuer =~ /@example\.org/) {
+if (&request.TLS-Cert.Issuer =~ /@example\.org/) {
test_pass
} else {
test_fail
reject
}
-if (&request.TLS-Cert-Issuer =~ /@example\.org/) {
+if (&request.TLS-Cert.Issuer =~ /@example\.org/) {
test_pass
} else {
test_fail
reject
}
-if (&request.TLS-Cert-Issuer =~ /@example\.org/) {
+if (&request.TLS-Cert.Issuer =~ /@example\.org/) {
test_pass
} else {
test_fail
reject
}
-if (&request.TLS-Cert-Issuer =~ /@example\.org/) {
+if (&request.TLS-Cert.Issuer =~ /@example\.org/) {
test_pass
} else {
test_fail