Releasing 3.0.17?

Alan DeKok aland at
Fri Mar 30 19:27:32 CEST 2018

On Mar 30, 2018, at 1:22 PM, Stefan Paetow <Stefan.Paetow at> wrote:
> Arran, Alan, thumbs-up to a v3.0.17. Can you just make sure that when you build the official packages, that you don't build against packages that are not available in either CentOS/RHEL 7 or EPEL 7 repos? I had hoped to deploy the official 3.0.16 package but it wanted a package that doesn't exist in any of the repos in question.

  The main issue is that RH has decided to move from OpenSSL to NSS.  They've *partially* done the port.  So libldap links to NSS, but other applications such as FreeRADIUS don't.

  Trying to use libldap+NSS with FreeRADIUS+OpenSSL is a recipe for disaster.  NSS has an OpenSSL wrapper / compatibility layer.  So that layer ends up "stealing" the OpenSSL functions from FreeRADIUS, and then everything crashes.

  As a result, we need to have FR link to a version of libldap that uses OpenSSL.  Which RH doesn't distribute.

  If you're not using LDAP, this is mostly moot.

  Alan DeKok.

More information about the Freeradius-Users mailing list