Comment out unneeded options from mods-available/eap
These options are lefotvers from before the OpenSSL3 support backport. They do not harm FreeRADIUS functioning but print warnings on server startup. Resolves: RHEL-30830 Signed-off-by: Antonio Torres <antorres@redhat.com>
This commit is contained in:
Antonio Torres
parent
90f6cd6efb
commit
5e110dfcd8
@ -11,7 +11,9 @@ Signed-off-by: Antonio Torres <antorres@redhat.com>
|
||||
to work on top of OpenSSL 3.0 when the system is in FIPS mode. We enable this macro on the specfile.
|
||||
[antorres@redhat.com]: backported tls.c, tls-h changes from 3.2.x branch.
|
||||
[antorres@redhat.com]: the sites-available/tls file has been modified to add the fix_cert_order option.
|
||||
[antorres@redhat.com]: mods-available/eap has been modified to comment out 'disable_tlsv1' and 'dh_file' options.
|
||||
---
|
||||
raddb/mods-available/eap | 6 +-
|
||||
raddb/sites-available/tls | 8 +
|
||||
share/dictionary.freeradius.internal | 54 +-
|
||||
src/include/build.h | 25 +-
|
||||
@ -68,8 +70,32 @@ to work on top of OpenSSL 3.0 when the system is in FIPS mode. We enable this ma
|
||||
src/modules/rlm_wimax/milenage.h | 128 ++
|
||||
src/modules/rlm_wimax/rlm_wimax.c | 429 ++++-
|
||||
src/tests/keywords/md4 | 58 +
|
||||
56 files changed, 6029 insertions(+), 1196 deletions(-)
|
||||
57 files changed, 6032 insertions(+), 1199 deletions(-)
|
||||
|
||||
diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
|
||||
index a89a783663..bf73485e3c 100644
|
||||
--- a/raddb/mods-available/eap
|
||||
+++ b/raddb/mods-available/eap
|
||||
@@ -281,7 +281,7 @@ eap {
|
||||
#
|
||||
# openssl dhparam -out certs/dh 2048
|
||||
#
|
||||
- dh_file = ${certdir}/dh
|
||||
+ # dh_file = ${certdir}/dh
|
||||
|
||||
# If your system doesn't have /dev/urandom,
|
||||
# you will need to create this file, and
|
||||
@@ -392,8 +392,8 @@ eap {
|
||||
# tls_max_version.
|
||||
#
|
||||
# disable_tlsv1_2 = no
|
||||
- disable_tlsv1_1 = yes
|
||||
- disable_tlsv1 = yes
|
||||
+ # disable_tlsv1_1 = yes
|
||||
+ # disable_tlsv1 = yes
|
||||
|
||||
# Set min / max TLS version. Mainly for Debian
|
||||
# "trusty", which disables older versions of TLS, and
|
||||
diff --git a/raddb/sites-available/tls b/raddb/sites-available/tls
|
||||
index e2a3b080ca..25a10b6364 100644
|
||||
--- a/raddb/sites-available/tls
|
||||
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: High-performance and highly configurable free RADIUS server
|
||||
Name: freeradius
|
||||
Version: 3.0.21
|
||||
Release: 39%{?dist}
|
||||
Release: 40%{?dist}
|
||||
License: GPLv2+ and LGPLv2+
|
||||
URL: http://www.freeradius.org/
|
||||
|
||||
@ -864,6 +864,10 @@ EOF
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/rest
|
||||
|
||||
%changelog
|
||||
* Mon Apr 01 2024 Antonio Torres <antorres@redhat.com> - 3.0.21-40
|
||||
- Comment out unneeded options from mods-available/eap
|
||||
Resolves: RHEL-30830
|
||||
|
||||
* Mon Nov 06 2023 Antonio Torres <antorres@redhat.com> - 3.0.21-39
|
||||
- Fix Python3.8+ library name suffix
|
||||
Resolves: #15503
|
||||
|
||||
Loading…
Reference in New Issue
Block a user