Building from Source

Alan DeKok aland at
Mon Oct 12 15:02:22 CEST 2015

On Oct 12, 2015, at 5:29 AM, Herwin Weststrate <herwin at> wrote:
> To be honest, these are the kinds of bugs where I trust my distro to
> have a fixed version before I've had the chance of compiling a new
> FreeRADIUS, just to discover that it won't start because it thinks the
> OpenSSL version is vulnerable.

  FreeRADIUS thinks OpenSSL may be vulnerable because we want to err on the side of security.  Anything else is bad practice.

> The OpenSSL version check might be useful for installations where you
> have a manual installation of OpenSSL, but as long as you're using
> OpenSSL from a supported distro (like Debian or Ubuntu), I don't think
> the checks in FreeRADIUS have any added value.

  Which is why you can do:

./configure --disable-openssl-version-check

  Alan DeKok.

More information about the Freeradius-Users mailing list