Description of problem: Freeradius before 1.1.4 sends empty ACKs to clients when using EAP_TLS (and things layerd on that). Most clients don't mind but apparently Vista does. Version-Release number of selected component (if applicable): 1.1.3 How reproducible: Apparently 100%... Steps to Reproduce: 1. connect to something authenticated by freeradius using PEAP from a Windows Vista client 2. 3. Actual results: Fails to authenticate Expected results: Authenticate corectly. Additional info: The one line patch was included in freeradius-1.1.4 and appears to fix the problem so e.g. upgrading to the newer version would also fix it. The URL above contains the patch, or you can look at: http://lists.cistron.nl/pipermail/freeradius-users/2006-November/thread.html#58500 for the thread if you prefer that view.
transferred from Thomas Woerner to John Dennis, requested by Steve Grubb.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
Ping. Jonathan, if we provided you an updated test rpm, would you be able to test it to verify the fix it correctly in place?
Not easily at the moment. The only freeradius servers we have are currently either very much older than this running on EL3 (yes I know), or built from more recent source to avoid this particular issue and include a couple of other bug fixes which looked reasonably important. I must admit that I'd assumed it just wasn't going to be fixed until RHEL-6 or whenever freeradius was next updated to a new version... -- Jon
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0845.html