Jason Haar <[EMAIL PROTECTED]> wrote: > ..a bit off topic - but "large" certificates in general seem to be a problem > with all sorts of SSL apps.
I'm not surprised. I've run FreeRADIUS under 'valgrind', to catch buffer overflows, and reading uninitialized memory. Without any SSL code, it's fine. With OpenSSL (EAP-TLS, etc), there are tens of thousands of error messages. And when compiling FreeRADIUS against OpenSSL, there are large amounts of warnings about the broken SSL headers. I'm amazed that the SSL code works at *all*. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html