Regarding backport fix of to 3.0.x branches.

Alan DeKok aland at
Tue Jun 6 06:01:53 UTC 2023

On Jun 6, 2023, at 7:57 AM, saurabha badhai <saurabha.badhai at> wrote:
> Yes got it, so in TLS connection, TCP connect can be used as non-Blocking
> mode now with the PR #5013 without any issue, Could you please  confirm ?

  If you read the code, you'll see that bare TCP cannot be used in non-blocking mode.

  The non-blocking code uses the internal TLS buffers to write data when the TCP connection is blocked.  Those TLS buffers don't exist for RADIUS/TCP.  So they're not used.

  In short: don't use RADIUS/TCP.  It's insecure.  It offers no value over RADIUS/UDP, or RADIUS/TLS.

  Just use RADIUS/TLS.

  Alan DeKok.

More information about the Freeradius-Devel mailing list