OpenSSL 1.1.0 support
Matthew Newton
mcn4 at leicester.ac.uk
Tue Apr 19 14:29:21 CEST 2016
On Sat, Apr 02, 2016 at 09:39:20PM -0400, Arran Cudbard-Bell wrote:
>
> > On 1 Apr 2016, at 14:01, Matthew Newton <mcn4 at leicester.ac.uk> wrote:
> >
> > On Fri, Apr 01, 2016 at 10:34:51AM -0600, Arran Cudbard-Bell wrote:
> >> There's now support for OpenSSL 1.1.0-pre4 in v3.1.x.
> >
> > Nice.
> >
> >> Our basic EAP test suite passes, but it would be useful if those
> >> who rely heavily on TLS could test this out in their lab
> >> environment.
> >
> > I'll try and check it out here in the next couple of weeks if I
> > get a spare 10 minutes.
>
> Thanks Alan B/Matthew!
Took a while, sorry. Recommendation is to not get ill... :(
openssl 1.1.0-pre5-dev (34da11b39d24)
freeradius v3.1.x (dc43c5913064)
The clients are Windows 7, and use PEAP/EAP-TLS. (Which I guess is
fairly unusual in itself.) PEAP seems to come up fine, and SoH
data is retrieved. Then inner-tunnel does EAP-TLS which looks like
it's all there, but the client then goes silent on an
Access-Challenge.
Haven't yet tested with same FreeRADIUS and openssl 1.0.x, so I
don't know if this is due to the new openssl code or if it's the
previous EAP fragment issue.
Assuming it's something to do with openssl code, to debug much
further I'll need to see if I can get hold of a laptop to test
with, though they're like hen's teeth around here.
Cheers,
Matthew
--
Matthew Newton, Ph.D. <mcn4 at le.ac.uk>
Systems Specialist, Infrastructure Services,
I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom
For IT help contact helpdesk extn. 2253, <ithelp at le.ac.uk>
More information about the Freeradius-Users
mailing list