10 Oct
2015
10 Oct
'15
1:01 p.m.
On 10 Oct 2015, at 12:40, Alan Buxey <A.L.M.Buxey@lboro.ac.uk> wrote:
Just to ensure the loop is complete, this openssl 1.0.2 issue...... what versions of code are affected...is this something that came in with 3.0.10 related to tls 1.2 updates/fixes or is it older than that eg anything before 3.0.6 or 2.2.6?
All of v2.x.x all of v3.x.x. Blame for main/cb.c (where the tls callbacks live) shows commits from 2002. I don't know if a different mechanism was used before then. If not, then this would likely affect all versions of the server that support EAP-TLS. This is unrelated to the fixes for TLS 1.2. Arran Cudbard-Bell <a.cudbardb@freeradius.org> FreeRADIUS development team FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2