Configuring PEAP

Nick Lowe nick.lowe at gmail.com
Thu Sep 24 14:15:57 CEST 2015


> I saw you raising the TLS support for 2.x... Is there a similar ticket for
> v3 in Bugtraq? ;-)

The difference there was that Red Hat had already rebased to 2.2.6 in
RHEL 6.7 so they were in the position where TLS 1.2 would be
negotiated and there'd subsequently be invalid MPPE keys in the
Access-Accept rather than just TLS 1.0 being negotiated, clear bug
territory.

With 3.0.4, with no TLS 1.2 support being present, TLS 1.0 will be
negotiated by the EAP client so there's technically no bug to fix.

I doubt they'll consider rebasing 3.0.4 to 3.0.10 or later, buy they
ought to IMO with the next point release of RHEL 7.

Nick


More information about the Freeradius-Users mailing list