Building from Source
Alan DeKok
aland at deployingradius.com
Mon Oct 12 15:02:22 CEST 2015
On Oct 12, 2015, at 5:29 AM, Herwin Weststrate <herwin at quarantainenet.nl> wrote:
> To be honest, these are the kinds of bugs where I trust my distro to
> have a fixed version before I've had the chance of compiling a new
> FreeRADIUS, just to discover that it won't start because it thinks the
> OpenSSL version is vulnerable.
FreeRADIUS thinks OpenSSL may be vulnerable because we want to err on the side of security. Anything else is bad practice.
> The OpenSSL version check might be useful for installations where you
> have a manual installation of OpenSSL, but as long as you're using
> OpenSSL from a supported distro (like Debian or Ubuntu), I don't think
> the checks in FreeRADIUS have any added value.
Which is why you can do:
./configure --disable-openssl-version-check
Alan DeKok.
More information about the Freeradius-Users
mailing list