> From: McKay, Raymond > Sent: Monday, October 28, 2002 6:53 PM > > Lars, one more quick question for you. Adam's EAP/TLS howto > specified a > requirement to build two versions of openssl one stable, the other a > development snapshot for the rlm_eap module. Is that still > the case. If so > or if not, what version of openSSL sould I use to compile?
I think Adam's guide is a bit unclear about OpenSSL requirements. An openssl from the 0.9.7 series (currently in beta) or the development series is needed for the EAP/TLS support in freeradius. As far as I know the same openssl version can be used for the rest of your system too (including freeradius). Note that we haven't verified this, there are some API changes between 0.9.6 and 0.9.7 that could possibly be an issue but IMHO they are unlikely to be a problem for freeradius. The reason for not wanting to run a beta (or development series) openssl on a (production) system is obviously that it is potential security risk. Changing openssl version to one not sanctioned by the OS vendor is also typically non- trivial on most linux distributions; many critical packages in e.g. RedHat seem to have an openssl dependency. Best regards, Henrik -- Henrik Eriksson Senior Software Engineer Embedded Applications Axis Communications ABh - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
