Backporting TLS fixes to Fedora and RHEL

Matthew Newton mcn at freeradius.org
Fri Oct 15 17:32:27 CEST 2021


On 15/10/2021 16:16, Antonio Torres wrote:
> Tried updating to 3.0.23 and the issue seems to be fixed. However due
> to the updates policy we can't do a full upgrade, so we have to
> backport fixes to 3.0.21. I am having issues finding the commit(s)
> that fix this issue, so any help would be appreciated.

Nice try. RedHat are *paid* to look after their distribution, and you're 
asking us to investigate an an issue for free, in an obsolete version.

Not sure that's going to go down too well.

If 3.0.23 works, then great, upgrade to that instead. Or even 3.0.25, 
rather than yet another obsolete version.

> I'm not sure this is related, but we are hitting an error with the
> same error message as this one but using MSCHAPv2. Here's the report:
> https://bugzilla.redhat.com/show_bug.cgi?id=2014525
> This is still valid in the latest FreeRADIUS release (3.0.25).

Try it with a non-bleeding edge version of OpenSSL? I don't know if 
anyone's even looked at that yet.

-- 
Matthew


More information about the Freeradius-Users mailing list