Skip to content
Snippets Groups Projects
Commit 9cdadc08 authored by Olivier Le Monnier's avatar Olivier Le Monnier
Browse files

Freeradius 3.0.16 introduces two new EAP options

parent eb98707b
No related branches found
No related tags found
No related merge requests found
......@@ -36,6 +36,8 @@ define freeradius::module::eap (
Optional[String] $tls_check_cert_cn = undef,
String $tls_cipher_list = 'DEFAULT',
Optional[Freeradius::Boolean] $tls_disable_tlsv1_2 = undef,
Optional[String] $tls_min_version = undef,
Optional[String] $tls_max_version = undef,
String $tls_ecdh_curve = 'prime256v1',
Freeradius::Boolean $tls_cache_enable = 'yes',
Integer $tls_cache_lifetime = 24,
......
......@@ -381,7 +381,27 @@ eap {
disable_tlsv1_2 = <%= @tls_disable_tlsv1_2 %>
<%- end -%>
<%- if @tls_min_version or @tls_max_version -%>
# Set min / max TLS version. Mainly for Debian
# "trusty", which disables older versions of TLS, and
# requires the application to manually enable them.
#
# If you are running Debian trusty, you should set
# these options, otherwise older clients will not be
# able to connect.
#
# Allowed values are "1.0", "1.1", and "1.2".
#
# The values must be in quotes.
#
<%- end -%>
<%- if @tls_min_version -%>
tls_min_version = "<%= @tls_min_version -%>"
<%- end -%>
<%- if @tls_max_version -%>
tls_max_version = "<%= @tls_max_version -%>"
<%- end -%>
#
# Elliptical cryptography configuration
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment