freeradius won't start due to heartbleed
g8kbvdave at googlemail.com
Tue Jun 10 16:25:42 UTC 2014
> On 6/9/2014 at 9:32 PM Mark Tinka wrote:
> |On Monday, June 09, 2014 08:23:31 PM Mike. wrote:
> |> I'm sure I'm missing something obvious (again), but I've
> |> been staring at this too long, and the solution eludes
> |> me.
> |> Why does openssl still have the old version number? What
> |> do I do next, so that radiusd will start up?
> |Go to "radiusd.conf", look for the "# SECURITY
> |CONFIGURATION" section and set:
> | allow_vulnerable_openssl = yes
> Thanks, that did the trick.
'scuse my ignorance.
But though I understand how that proves the point, surely the correct fix now
would be to replace the openssl libs' to a version without the vulnerability, and
reset that configuration option to "no"
AFIK, FBSD 10.0 was released before the HeartBleed bug was found, so unles
you know you've updated it to a fixed version, there could be trouble ahead.
Dave B. (I run '9.2 release' at home, that never had the trouble, AFIK.)
Rock, back under going.
More information about the freebsd-questions