Building from Source

Alan Buxey A.L.M.Buxey at lboro.ac.uk
Sat Oct 10 18:44:10 CEST 2015


> It will also fail to start because of openssl versioning :
	Put : 
	allow_vulnerable_openssl = yes
	under Security in /etc/freeradius/radius.conf

No.  Read the debug output and see what CVE code is worried about and put only that in the allow_vulnerable..... string otherwise your leaving yourself open to all kinds of future things if your openssl doesn't get patched.  That change certainly isn't going to be standard in the distro.  Blame openssl and the distros for their naming convention :/

alan


More information about the Freeradius-Users mailing list