CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

freeradius: Fix service start error

Browse Source 
Following error occurred while starting this service.
 Error: tls: (TLS) Failed reading certificate file "/etc/raddb/certs/server.pem"
 Error: tls: (TLS) error:03000072:digital envelope routines::decode error
 Error: tls: (TLS) error:0A00018F:SSL routines::ee key too small
 Error: rlm_eap_tls: Failed initializing SSL context
 Error: rlm_eap (EAP): Failed to initialise rlm_eap_tls
 Error: /etc/raddb/mods-enabled/eap[14]: Instantiation failed for module "eap"

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This commit is contained in:
Liu Yiding 2025-09-22 11:58:02 +08:00 committed by Khem Raj
parent 4c9349f0fd
commit 97376e916e
No known key found for this signature in database
GPG Key ID: BB053355919D3314
2 changed files with 34 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
meta-networking/recipes-connectivity/freeradius/files/0018-Fix-Service-start-error.patch Normal file
View File

@ -0,0 +1,33 @@
From e97ffc1f820beff12bb8084e6337168a1cd27540 Mon Sep 17 00:00:00 2001
From: Liu Yiding <liuyd.fnst@fujitsu.com>
Date: Sat, 20 Sep 2025 06:50:17 +0000
Subject: [PATCH] Fix Service start error
change "fips=no" to "-fips"
based on discussions with the OpenSSL developers in
https://github.com/FreeRADIUS/freeradius-server/issues/5631
Upstream-Status: Backport
https://github.com/FreeRADIUS/freeradius-server/commit/59e262f1134fef8d53d15ae963885a08c9ea8315
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
---
src/main/tls.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/main/tls.c b/src/main/tls.c
index 2a348eb9bb..02a4c24f70 100644
--- a/src/main/tls.c
+++ b/src/main/tls.c
@@ -3644,7 +3644,7 @@ int tls_global_init(TLS_UNUSED bool spawn_flag, TLS_UNUSED bool check)
CONF_modules_load_file(NULL, NULL, 0);
#if OPENSSL_VERSION_NUMBER >= 0x30000000L
- EVP_set_default_properties(NULL, "fips=no");
+ EVP_set_default_properties(NULL, "-fips");
#endif
/*
--
2.43.0

1
meta-networking/recipes-connectivity/freeradius/freeradius_3.2.7.bb
View File

@ -35,6 +35,7 @@ SRC_URI = "git://github.com/FreeRADIUS/freeradius-server.git;branch=v3.2.x;lfs=0
file://0015-bootstrap-check-commands-of-openssl-exist.patch \
file://0016-version.c-don-t-print-build-flags.patch \
file://0017-Add-acinclude.m4-to-include-required-macros.patch \
file://0018-Fix-Service-start-error.patch \
"
raddbdir = "${sysconfdir}/${MLPREFIX}raddb"