[RADIATOR] RADSEC error after upgrade from Radiator 4.3.1 to Radiator 4.4

Patrick Renkens p.renkens at uci.ru.nl
Wed Sep 9 09:25:30 CDT 2009


Hi Heikki,

Thanks for your quick response.
I used the latest patch-file, downloaded it today.

Kind regards,
Patrick Renkens
  Centre for Information Services (UCI)
  Radboud University Nijmegen, Netherlands


Heikki Vatiainen schreef:
> Patrick Renkens wrote:
> 
>> Today I upgraded Radiator from 4.3.1 to 4.4 on a SUN Solaris 5.9 system.
>> After the upgrade the RADSEC connection over IPv6 did not work properly
>> any more. See a piece of the logging below.
>> No changes were made to the config files.
>> I know that Net_SSLeay.pm is a module that can be a pain in the neck, we
>> use version 1.30.
> 
> Do you have the latest patch set for 4.4 applied?
> 
> I was working on RadSec configuration on june-july and noticed also some
> problems with 4.4 that was not patched. One of the problem was with
> certificate verification.
> 
> From the debug it looks like you have at least some of the patches
> installed (looks familiar :), but the interesting parts have been cut away.
> 
> If you are patched to the latest, please see TLS_ExpectedPeerName for
> both Server and AuthBy RADSEC. On one it is unspecified, and on the
> other it defaults to .+, i.e., allow any.
> 
> In summary my advice is to check the above keywords and check the
> "Certificate verification" chapters for both Server and AuthBy RADSEC.
> The verification works a bit differently between them, but with the
> latest patches it should work as documented.
> 
>> I had to revert to 4.3.1 to make things work again (without changing
>> config files).
>>
>> Any help is appreciated.
> 
> I hope this helps!
> 





More information about the radiator mailing list