Radsec Regression Alpine 3.14
Josef Vybíhal
josef.vybihal at gmail.com
Tue Sep 14 14:23:13 CEST 2021
Just a guess. Does the other side support TLSv1.2?
https://github.com/FreeRADIUS/freeradius-server/blob/v3.0.x/raddb/sites-available/tls#L306
P.
On Tue, Sep 14, 2021 at 2:12 PM Emile Swarts <emile.swarts123 at gmail.com>
wrote:
> I recently upgraded Alpine from v3.12 to v3.14.
>
> Noticed that Radsec stopped working, and the only error message I get in
> the server logs is "(0) FAILED in TLS handshake receive". Switching back to
> v3.12 fixes the issue and the AP is able to establish the Radsec tunnel and
> do the authentication.
>
> I'm currently looking through all the dependencies that upgraded as part of
> the OS upgrade but it's difficult to pinpoint which one broke Radsec. Noted
> that openssl has stayed on the same version.
>
> FreeRadius versions went from:
> freeradius-lib-3.0.21-r3
> freeradius-3.0.21-r3
> freeradius-eap-3.0.21-r3
>
> To:
> freeradius-lib-3.0.23-r0
> freeradius-3.0.23-r0
> freeradius-eap-3.0.23-r0
>
> The rest of the package upgrades can be found here:
> https://gist.github.com/emileswarts/fd7d46556eacac096d318170aea7a19d
>
> Does anyone have any pointers on how to narrow down this bug?
>
> Thanks,
> Emile
> -
> List info/subscribe/unsubscribe? See
> http://www.freeradius.org/list/users.html
More information about the Freeradius-Users
mailing list