]> git.ipfire.org Git - thirdparty/freeradius-server.git/commitdiff
projects / thirdparty / freeradius-server.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 28c6309)
Document disable tls 1.2 because of OpenSSL breakage
authorAlan T. DeKok <aland@freeradius.org>
Tue, 8 Dec 2015 16:20:04 +0000 (11:20 -0500)
committerAlan T. DeKok <aland@freeradius.org>
Tue, 8 Dec 2015 16:20:04 +0000 (11:20 -0500)
raddb/mods-available/eap patch | blob | blame | history

diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
index ed742852cc65e00b112e41faf48d92355cd9d2d2..1b69550d28293a76de7c6aa7389ad318696b8509 100644 (file)
--- a/raddb/mods-available/eap
+++ b/raddb/mods-available/eap
@@ -322,6 +322,12 @@ eap {
                # in "man 1 ciphers".
                cipher_list = "DEFAULT"
 
+               # Work-arounds for OpenSSL nonsense
+               # OpenSSL 1.0.1f and 1.0.1g do not calculate
+               # the EAP keys correctly.  The fix is to upgrade
+               # OpenSSL, or disable TLS 1.2 here. 
+#              disable_tlsv1_2 = no
+
                #
 
                #
Mirror of https://github.com/FreeRADIUS/freeradius-server.git