I tried it using packages from sid, but that wouldn't compile on my system (with dpkg-buildpackage). So initially I gave up, but currently Buster is on the same OpenSSL version as Sid (1.1.0f-5), so I did the same thing with the packages downloaded from apt source. They built fine and I think my change in OpenSSL worked. I can successfully connect using TLS1.0 (tested with openssl s_client -connect google.com:443 -tls1). I should note that I haven't tested this *before* (with the 'unmodded' OpenSSL) though, but I assume that the above test would have failed. However it did not have any effect on FreeRADIUS, I'm getting the same error as before. Of course I did restart my FreeRADIUS service. How can I check what libssl FreeRADIUS is using? I noticed that there are two libssl versions installed on my system: libssl1.0.2 and libssl1.1. I only made the change in libssl1.1. Could it be that FreeRADIUS is using the former instead? Thanks, Lars On 02/09/2017 18:24, Sven Hartge wrote:
On 02.09.2017 17:56, Lars Veldscholte wrote:
So I tried your advice, but there doesn't seem to be a patch with that name.
Ah, Testing, right. I am on Sid, where OpenSSL is one Debian release newer. Get the source from Sid and use that to recompile it.
Grüße, Sven.
- List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html