Stefan.Paetow at jisc.ac.uk
Mon Apr 2 17:22:48 CEST 2018
Do you have a location where this alternative can be downloaded (at least we can document this, right?)
That way we can point at the Wiki when this question pops up again. :-)
Consultant, Trust and Identity
t: +44 (0)1235 822 125
xmpp: stefanp at jabber.dev.ja.net
Jisc is a registered charity (number 1149740) and a company limited by guarantee which is registered in England under Company No. 5747339, VAT No. GB 197 0632 86. Jisc’s registered office is: One Castlepark, Tower Hill, Bristol, BS2 0JA. T 0203 697 5800.
On 30/03/2018, 18:28, "Freeradius-Users on behalf of Alan DeKok" <freeradius-users-bounces+stefan.paetow=jisc.ac.uk at lists.freeradius.org on behalf of aland at deployingradius.com> wrote:
On Mar 30, 2018, at 1:22 PM, Stefan Paetow <Stefan.Paetow at jisc.ac.uk> wrote:
> Arran, Alan, thumbs-up to a v3.0.17. Can you just make sure that when you build the official packages, that you don't build against packages that are not available in either CentOS/RHEL 7 or EPEL 7 repos? I had hoped to deploy the official 3.0.16 package but it wanted a package that doesn't exist in any of the repos in question.
The main issue is that RH has decided to move from OpenSSL to NSS. They've *partially* done the port. So libldap links to NSS, but other applications such as FreeRADIUS don't.
Trying to use libldap+NSS with FreeRADIUS+OpenSSL is a recipe for disaster. NSS has an OpenSSL wrapper / compatibility layer. So that layer ends up "stealing" the OpenSSL functions from FreeRADIUS, and then everything crashes.
As a result, we need to have FR link to a version of libldap that uses OpenSSL. Which RH doesn't distribute.
If you're not using LDAP, this is mostly moot.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users