Connection issues with Android Marshmallow
Arran Cudbard-Bell
a.cudbardb at freeradius.org
Thu Oct 15 23:39:31 CEST 2015
> On Oct 15, 2015, at 5:09 PM, Nick Lowe <nick.lowe at gmail.com> wrote:
>
> Arran,
>
> For all our sanity, can you not just mandate OpenSSL 1.0.1 or later
> for FreeRADIUS builds?
>
> Explicitly break the build if it's older.
We *HAD* sanity checks to *PREVENT* the server from starting if the build time OpenSSL was a different version to the runtime SSL.
But these were removed by commit 767c67fc4f2f673a44f89794a3531158dcb7b1ec. This patch was not developed internally, but was contributed by RedHat. We agreed to disable the vulnerability checks to help RHEL with patching OpenSSL vulnerabilities, we did NOT agree to disable the version sanity checks FOR PRECISELY THIS REASON.
-Arran
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 842 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20151015/5567c3fa/attachment.sig>
More information about the Freeradius-Users
mailing list