[RADIATOR] RADSEC error after upgrade from Radiator 4.3.1 to Radiator 4.4
Patrick Renkens
p.renkens at uci.ru.nl
Wed Sep 9 09:25:30 CDT 2009
Hi Heikki,
Thanks for your quick response.
I used the latest patch-file, downloaded it today.
Kind regards,
Patrick Renkens
Centre for Information Services (UCI)
Radboud University Nijmegen, Netherlands
Heikki Vatiainen schreef:
> Patrick Renkens wrote:
>
>> Today I upgraded Radiator from 4.3.1 to 4.4 on a SUN Solaris 5.9 system.
>> After the upgrade the RADSEC connection over IPv6 did not work properly
>> any more. See a piece of the logging below.
>> No changes were made to the config files.
>> I know that Net_SSLeay.pm is a module that can be a pain in the neck, we
>> use version 1.30.
>
> Do you have the latest patch set for 4.4 applied?
>
> I was working on RadSec configuration on june-july and noticed also some
> problems with 4.4 that was not patched. One of the problem was with
> certificate verification.
>
> From the debug it looks like you have at least some of the patches
> installed (looks familiar :), but the interesting parts have been cut away.
>
> If you are patched to the latest, please see TLS_ExpectedPeerName for
> both Server and AuthBy RADSEC. On one it is unspecified, and on the
> other it defaults to .+, i.e., allow any.
>
> In summary my advice is to check the above keywords and check the
> "Certificate verification" chapters for both Server and AuthBy RADSEC.
> The verification works a bit differently between them, but with the
> latest patches it should work as documented.
>
>> I had to revert to 4.3.1 to make things work again (without changing
>> config files).
>>
>> Any help is appreciated.
>
> I hope this helps!
>
More information about the radiator
mailing list