Hi Stefan, Thanks for your advice, it's works now. thanks alf On Wed, Jun 18, 2014 at 4:19 PM, Stefan Paetow <Stefan.Paetow@ja.net> wrote:
the result of freeradius -X is Refusing to start with libssl version OpenSSL 1.0.1 14 Mar 2012 (in range 1.0.1 - 1.0.1f). Security advisory CVE-2014-0160 (Heartbleed)
how can I change the libssl then? what's the command?
Hi, you don’t need to change libssl. The above is a safety measure introduced after Heartbleed.
What you *do* need to do is modify radiusd.conf and change the "allow_vulnerable_openssl" setting to "yes", since this is a Debian system and the Debian maintainers chose to patch their OpenSSL package instead of moving to the fixed version (1.0.1g).
Stefan
Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238