Warning about OpenSSL 1.0.2

Arran Cudbard-Bell a.cudbardb at freeradius.org
Sun Oct 11 18:01:08 CEST 2015

> On 11 Oct 2015, at 09:01, Alan DeKok <aland at deployingradius.com> wrote:
> On Oct 10, 2015, at 2:40 PM, Michael Ströder <michael at stroeder.com> wrote:
>> Which exact version of OpenSSL 1.0.2?
>  I'm not sure... I haven't seen people posting which version of OpenSSL they're using.

As I said previously, tests were with OpenSSL 1.0.2d.  That's likely to be the ones everyone is using, because, as I said previously, the main exposure to OpenSSL 1.0.2 is through homebrew, and people building it themselves.

>> I'm asking because I'm running FreeRADIUS 3.0.10 (formerly 3.0.9) on openSUSE
>> Tumbleweed (x86_64 and armv6l) with package openssl-1.0.2d-1.1 using
>> EAP-TTLS/PAP without issue.
>> Maybe you're hitting the HMAC ABI incompatibility?
>> It was fixed in 1.0.2c:
>> https://www.openssl.org/news/changelog.html#x2
>  I don't think so.  But who knows...

As I said previously, OpenSSL 1.0.2d does not fix the problem.

You might want to read what I wrote before contributing to the dialogue?


Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS development team

FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 872 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20151011/597e9e91/attachment.sig>

More information about the Freeradius-Users mailing list