Version 3.0.14 has been released
Brian Julin
BJulin at clarku.edu
Mon Jun 5 22:57:13 CEST 2017
Alan DeKok wrote:
> I try not to do releases on a Friday, but this one may be useful.
> https://freeradius.org/press/index.html#3.0.14
> This release fixes a crash in session resumption seen by a few people. It also fixes an issue where it was possible to convince the server to do session resumption, even if the underlying session
> had not finished authentication.
> Everyone should either upgrade, or set "enable = no" in the EAP "cache" section.
Worth pointing out in case anyone forgets to read the above release notes
carefully:
You will have to set up a persist_dir to get fast reauth working again,
as the in-server cache is now disabled. Read the new comments in
mods-available/eap near the tls-common/cache subsection.
Note for SELinux systems, the default for persist_dir in mods-available/eap
is currently: "${logdir}/tlscache"
It might make sense to change this to:
persist_dir = "${db_dir}/tlscache"
...where ${db_dir} is usually /var/lib/radiusd
...and then set the tlscache directory up under /var/lib/radiusd/ rather
than /var/log/radiusd, because radiusd_var_lib_t policy is already the way
you want it.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list