FreeRADIUS SSL version check

Alan DeKok aland at
Wed Jan 7 20:00:01 CET 2015

On Jan 7, 2015, at 1:54 PM, Michael Richardson <mcr at> wrote:
> Could static linking libssl in be made easier?

  Systems ship with static libraries?

> I haven't tried recently, but often it's really hard with autoconf.

  Which is why v3 no longer uses libtool, libltdl.  In a modern system, they make life *worse*.

> Sure, this means updating freeradius when/if openssl has another security
> issue, but it also isolates freeradius from system updates.

  That’s why it’s configurable.

> Being able to build on one machine and deploy to another machine such that
> one doesn't have to install a compiler is a big win to me.

  Then be sure that both systems have the same version of OpenSSL. 

  Or, do:

$ ./configure --disable-openssl-version-check

  And don’t complain if the server crashes inside of OpenSSL.

  Alan DeKok.

More information about the Freeradius-Devel mailing list