Backporting TLS fixes to Fedora and RHEL

Alan DeKok aland at deployingradius.com
Fri Oct 15 17:55:31 CEST 2021


On Oct 15, 2021, at 11:44 AM, Antonio Torres <antorres at redhat.com> wrote:
> I am sorry my message gave that impression. I'm not asking for anyone
> to do my job, I'm just asking for some pointers to identify this fix,

$ git log

> since the release notes don't mention commit hashes or PR numbers.
> Rest assured that we have dedicated a considerable amount of time to
> test and investigate before asking for help.

  And if I may ask... why can OpenSSL go through a MAJOR version upgrade, but FreeRADIUS isn't allowed a MINOR version upgrade?

  OpenSSL 3.0.0 has other bugs, too.  Some things simply don't work.

  I am rather surprised that there's any expectation that the system could do a major version upgrade on OpenSSL, and have everything work.  I would pretty much expect random breakages in random applications.

  It's a very bad idea.  But I guess it's driven by "corporate policies", so you're stuck trying to debug a complex problem created by those policies.

  Alan DeKok.




More information about the Freeradius-Users mailing list