Commit c5c8004e authored by Jonathan Gazeley's avatar Jonathan Gazeley
Browse files

Manage parameter `allow_expired_crl`. Fixes #90

parent cc8b29e1
Loading
Loading
Loading
Loading
+3 −0
Original line number Diff line number Diff line
@@ -978,6 +978,9 @@ Check the certificate revocation list. Default: `undef`.
###### `tls_check_all_crl`
Check if intermediate CAs have been revoked. Default: `undef`.

###### `tls_allow_expired_crl`
Allow use of an expired CRL. Default: `undef`.

###### `tls_ca_path`
Path to the CA file. Default: `${cadir}`.

+1 −0
Original line number Diff line number Diff line
@@ -30,6 +30,7 @@ define freeradius::module::eap (
  Optional[Freeradius::Boolean] $tls_include_length                 = undef,
  Optional[Freeradius::Boolean] $tls_check_crl                      = undef,
  Optional[Freeradius::Boolean] $tls_check_all_crl                  = undef,
  Optional[Freeradius::Boolean] $tls_allow_expired_crl              = undef,
  String $tls_ca_path                                               = "\${cadir}",
  Optional[String] $tls_check_cert_issuer                           = undef,
  Optional[String] $tls_check_cert_cn                               = undef,
+5 −0
Original line number Diff line number Diff line
@@ -332,6 +332,11 @@ eap {
    check_all_crl = <%= @tls_check_all_crl %>
<%- end -%>

    # Allow use of expired CRLs
<%- if @tls_allow_expired_crl -%>
    allow_expired_crl = <%= @tls_allow_expired_crl %>
<%- end -%>

    ca_path = <%= @tls_ca_path %>

    #