On Sat, Apr 02, 2016 at 09:39:20PM -0400, Arran Cudbard-Bell wrote:
On 1 Apr 2016, at 14:01, Matthew Newton <mcn4@leicester.ac.uk> wrote:
On Fri, Apr 01, 2016 at 10:34:51AM -0600, Arran Cudbard-Bell wrote:
There's now support for OpenSSL 1.1.0-pre4 in v3.1.x.
Nice.
Our basic EAP test suite passes, but it would be useful if those who rely heavily on TLS could test this out in their lab environment.
I'll try and check it out here in the next couple of weeks if I get a spare 10 minutes.
Thanks Alan B/Matthew!
Took a while, sorry. Recommendation is to not get ill... :( openssl 1.1.0-pre5-dev (34da11b39d24) freeradius v3.1.x (dc43c5913064) The clients are Windows 7, and use PEAP/EAP-TLS. (Which I guess is fairly unusual in itself.) PEAP seems to come up fine, and SoH data is retrieved. Then inner-tunnel does EAP-TLS which looks like it's all there, but the client then goes silent on an Access-Challenge. Haven't yet tested with same FreeRADIUS and openssl 1.0.x, so I don't know if this is due to the new openssl code or if it's the previous EAP fragment issue. Assuming it's something to do with openssl code, to debug much further I'll need to see if I can get hold of a laptop to test with, though they're like hen's teeth around here. Cheers, Matthew -- Matthew Newton, Ph.D. <mcn4@le.ac.uk> Systems Specialist, Infrastructure Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <ithelp@le.ac.uk>