From: Nick Porter <nick@portercomputing.co.uk>
Date: Mon, 13 Jan 2025 11:26:47 +0000 (+0000)
Subject: No need to warn about short shared secret for RadSec connections
X-Git-Tag: release_3_2_7~30
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=68111064554e650ce26ea29db368eb4ea77a993f;p=thirdparty%2Ffreeradius-server.git

No need to warn about short shared secret for RadSec connections
---

diff --git a/src/main/client.c b/src/main/client.c
index b7a8a4573a..2c3581b2c7 100644
--- a/src/main/client.c
+++ b/src/main/client.c
@@ -1219,7 +1219,11 @@ done_coa:
 	/*
 	 *	Be annoying to people, but it's about security.
 	 */
+#ifdef WITH_TLS
+	if (!c->tls_required && (strlen(c->secret) < 12)) {
+#else
 	if (strlen(c->secret) < 12) {
+#endif
 		WARN("Shared secret for client %s is short, and likely can be broken by an attacker.",
 		     c->shortname);
 	}