Ldap searches don't seem to honour connect_timeout

Alan DeKok aland at deployingradius.com
Wed May 11 17:43:22 CEST 2016


On May 11, 2016, at 11:31 AM, Franks Andy (IT Technical Architecture Manager) <Andy.Franks at sath.nhs.uk> wrote:
> 
> Just for reference, it seems ubuntu have taken a decision to use GnuTLS for tls encryption over openSSL due to licensing worries - see the top paragraph of this:
> https://help.ubuntu.com/community/GnuTLS

  Ugh.  The problem is that they're just not compatible.

> so.. anyone seeking to compile Freeradius from scratch and using ldap will be using some bits compiled with GnuTLS intead of openSSL. For me this seems to be some lack of support for certain freeradius ldap options in the configuration, and lack of debugging options working.

  Ubuntu is welcome to submit patches which allow FreeRADIUS to build with GnuTLS.  Until then, FreeRADIUS will be broken on their platform, because they broke it.

  Alan DeKok.




More information about the Freeradius-Users mailing list