Re: [PacketFence-users] openssl wrong version in radiusd

Fri, 12 Sep 2014 05:44:18 -0700 

Hello,

Can you make sure you have the following line

allow_vulnerable_openssl = yes

Under the security context of the conf/radiusd/radiusd.conf file ?

Also, please note that this file is a template generating the one under raddb/ 
so once you’ll do the change, make sure to run /usr/local/pf/bin/pfcmd service 
radiusd restart to regenerate the file under raddb/. After then, feel free to 
stop the radius server and retry debugging mode.

Cheers!
dw.

—
Derek Wuelfrath
[email protected] :: www.inverse.ca
+1.514.447.4918 (x110) :: +1.866.353.6153 (x110)
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence 
(www.packetfence.org)

On Sep 12, 2014, at 4:13, Алексей <[email protected]> wrote:

> Hi.
> Sorry for noobs questions. i am new to this system.
> I am running command via ssh: radius -X for test Radius and I got this output 
> error at the end:
> Refusing to start with libssl version OpenSSL 1.0.1e-fips 11 Feb 2013 (in 
> range 1.0.1 - 1.0.1f).  Security advisory CVE-2014-0160 (Heartbleed)
> For more information see http://heartbleed.com
> 
> Service packetfence status returns this output:
> [root@localhost ~]# service packetfence status
> service|shouldBeStarted|pid
> dhcpd|1|2943
> httpd.admin|1|2922
> httpd.portal|1|2952
> httpd.proxy|0|0
> httpd.webservices|1|3015
> iptables|1|-1
> memcached|1|2912
> pfbandwidthd|0|0
> pfdetect|0|0
> pfdhcplistener|1|3060 3059
> pfdns|1|3065
> pfmon|1|3069
> pfsetvlan|1|3076
> radiusd|1|3087
> snmptrapd|1|3072
> snort|0|0
> suricata|0|0  
> 
> But i have newest version of OpenSSL.
> [root@localhost ~]# openssl version
> OpenSSL 1.0.1g 7 Apr 2014
> 
> What I miss?
> ------------------------------------------------------------------------------
> Want excitement?
> Manually upgrade your production database.
> When you want reliability, choose Perforce
> Perforce version control. Predictably reliable.
> http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk_______________________________________________
> PacketFence-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/packetfence-users


------------------------------------------------------------------------------
Want excitement?
Manually upgrade your production database.
When you want reliability, choose Perforce
Perforce version control. Predictably reliable.
http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________
PacketFence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users

Reply via email to