char *hexbuf = NULL;
DH *aaa_server_dh;
- tls = talloc_zero( hs, fr_tls_server_conf_t);
+ tls = fr_tls_server_conf_alloc(hs);
if (!tls) return NULL;
aaa_server_dh = tid_srvr_get_dh(server);
hs->secret = talloc_strdup(hs, "radsec");
hs->response_window.tv_sec = 30;
hs->last_packet_recv = time(NULL);
-
+ /*
+ * We want sockets using these servers to close as soon as possible,
+ * to make sure that whenever a pool is replaced, sockets using old ones
+ * will not last long (hopefully less than 300s).
+ */
+ hs->limit.idle_timeout = 5;
hs->tls = construct_tls(inst, hs, blk);
if (!hs->tls) goto error;