24 Sep
2015
24 Sep
'15
8:15 a.m.
I saw you raising the TLS support for 2.x... Is there a similar ticket for v3 in Bugtraq? ;-)
The difference there was that Red Hat had already rebased to 2.2.6 in RHEL 6.7 so they were in the position where TLS 1.2 would be negotiated and there'd subsequently be invalid MPPE keys in the Access-Accept rather than just TLS 1.0 being negotiated, clear bug territory. With 3.0.4, with no TLS 1.2 support being present, TLS 1.0 will be negotiated by the EAP client so there's technically no bug to fix. I doubt they'll consider rebasing 3.0.4 to 3.0.10 or later, buy they ought to IMO with the next point release of RHEL 7. Nick