Hi,

I found  a new man-in-the-middle attack with SSL.  http://www.sslshopper.com/article-ssl-and-tls-renegotiation-vulnerability-discovered.html

 

I am afraid if freeRADIUS use SSL renegotiation?  The freeRADIUS version is 1.1.6. We use EAP-TLS and the backend OpenLDAP server with TLS connection. 

Does  freeRADIUS use SSL renegotiation ?

 

Thanks.

John



好玩贺卡等你发,邮箱贺卡全新上线!