Date: Wed, 7 Jun 2017 17:19:05 +0800 From: Jov <amutu@amutu.com> To: Olivier <Olivier.Nicole@cs.ait.ac.th> Cc: FreeBSD questions <questions@freebsd.org> Subject: Re: FreeRadius3 on FreeBSD 10.3 Message-ID: <CADyrUxM9G9U5KhE7zhQYn_pfES-rQagv_dLx4%2B1duSPB_jkeKQ@mail.gmail.com> In-Reply-To: <wu74lvsw7xn.fsf@banyan.cs.ait.ac.th> References: <wu74lvsw7xn.fsf@banyan.cs.ait.ac.th>
next in thread | previous in thread | raw e-mail | index | archive | help
I have this in my radiusd.conf: security { ... allow_vulnerable_openssl = 'CVE-2016-6304' } 2017-06-07 15:52 GMT+08:00 Olivier <Olivier.Nicole@cs.ait.ac.th>: > Hi, > > Anybody has succeeded to run FreeRadius3 on FreeBSD 10.3-RELEASE? > > It is complaining that the version of OpenSSL contains bug, but OpenSSl > comes with FreeBSD system and i am prety sure I have applied all > security patches (last patch regarding OpenSSL is p17, SA published in > february this year). > > FreeBSD ldap.cs.ait.ac.th 10.3-RELEASE-p17 FreeBSD 10.3-RELEASE-p17 #5 > r314483: Thu Mar 2 13:04:10 ICT 2017 root@ldap.cs.ait.ac.th:/usr/obj/usr/src/sys/GENERIC > i386 > > freeradius3-3.0.14 compiled from the ports > > The error message is: > > Error: Refusing to start with libssl version OpenSSL 1.0.1s-freebsd 1 Mar > 2016 0x1000113f (1.0.1s release) (in range 1.0.1 release - 1.0.1t rele) > Error: Security advisory CVE-2016-6304 (OCSP status request extension) > > This error was corrected in FreeBSD-SA-16:26.openssl > > Obviously FreeRadius is only comparing the version number of OpenSSL and > does not do a good job at checking the fact that the error has been > corrected or not. > > So how do you run FreeRadius3 on FreeBSD 10.3-RELEASE? > > Thanks in advance. > > Olivier > > > -- > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CADyrUxM9G9U5KhE7zhQYn_pfES-rQagv_dLx4%2B1duSPB_jkeKQ>