17 Apr
2014
17 Apr
'14
9:59 a.m.
I agree entirely with what Phil says. Is this not a layering violation? As much as you think you might be helping in this belt-and-braces way, I don't think it should be the concern of FreeRADIUS to care about this - and how far do you take it? I am also curious who might actually tangibly benefit. Isn't the reality that a version of FreeRADIUS that contains these checks will only ever get packaged by the distributions with a non-vulnerable version of OpenSSL going forward anyway in a new major release that they make? Nick