(originally recorded as RADSECPROXY-23)
The server block option dynamicLookupCommand makes radsecproxy invoke an executable and treat its output as part of the configuration. This is slightly scary from a security point of view.
We should add an option dynamicLookup which does what tools/radsec-dynsrv.sh does, namely resolving SRV _radsec._tcp.REALM (optionally via a NAPTR lookup) and puts the resulting names in a server block, but does it natively through the resolver.
It should probably take two arguments -- the name and type of the server block.
See RFC 2915 for info on the NAPTR RR.