Commit Graph

6 Commits

Author SHA1 Message Date
Antonio Torres
5e110dfcd8
Comment out unneeded options from mods-available/eap
These options are lefotvers from before the OpenSSL3 support backport.
They do not harm FreeRADIUS functioning but print warnings on server
startup.

Resolves: RHEL-30830
Signed-off-by: Antonio Torres <antorres@redhat.com>
2024-04-01 14:20:35 +02:00
Antonio Torres
15c420485a
Fix crash when verifying client certificate
A crash would occur when verifying a client certificate when a
certificate chain with two or more intermediate certificates is used.

Resolves: #2183447
Signed-off-by: Antonio Torres <antorres@redhat.com>
2023-05-22 13:37:46 +02:00
Antonio Torres
a9061bf663
Add WITH_FIPS macro to CFLAGS
We need this flag added to CFLAGS in order for FreeRADIUS to run under a
system in FIPS mode.

Resolves: 2083699
Signed-off-by: Antonio Torres <antorres@redhat.com>
2022-05-30 18:58:12 +02:00
Antonio Torres
d83b583a42
Fix segfault when trying to access MD4 and MD5 in a FIPS system
This updates the OpenSSL 3.0 backport patch to current 3.0.x branch
state, which includes fixes for accessing MD4 and MD5 algorithms when
the system is in FIPS mode.

Resolves: #2083699
Signed-off-by: Antonio Torres <antorres@redhat.com>
2022-05-24 13:00:27 +02:00
Antonio Torres
39a61df66f Avoid segfault when trying to use MD4 with legacy provider disabled
OpenSSL legacy provider should be enabled in order to use MD4 algorithm.

Related: #1978216
Signed-off-by: Antonio Torres <antorres@redhat.com>
2022-01-13 14:08:53 +01:00
Antonio Torres
76fc6be83c Backport OpenSSL3 fixes
Backport TLS and OpenSSL3 fixes that will be included in FR 3.0.26.

Resolves: #1978216
Signed-off-by: Antonio Torres <antorres@redhat.com>
2022-01-11 19:56:28 +01:00