Unverified Commit 90109c9c authored by Jonathan's avatar Jonathan Committed by GitHub
Browse files

Merge pull request #215 from camptocamp/allow_vuln_ssl

improvment: add a new parameter to allow the use of vulnerable SSL/TLS
parents 0ddb4d14 3b91c4d3
Loading
Loading
Loading
Loading
+3 −0
Original line number Diff line number Diff line
@@ -138,6 +138,9 @@ Add a syslog rule (using the `saz/rsyslog` module). Default: `false`.
##### `log_auth`
Log authentication requests (yes/no). Default: `no`.

##### `allow_vulnerable_openssl`
Allow the server to start with versions of OpenSSL known to have critical vulnerabilities. (yes/no). Default: `yes`.

##### `package_ensure`
Choose whether the package is just installed and left (`installed`), or updated every Puppet run (`latest`). Default: `installed`

+1 −0
Original line number Diff line number Diff line
@@ -17,6 +17,7 @@ class freeradius (
  Boolean $syslog                                              = false,
  String $syslog_facility                                      = 'daemon',
  Freeradius::Boolean $log_auth                                = 'no',
  Freeradius::Boolean $allow_vulnerable_ssl                    = 'yes',
  Boolean $preserve_mods                                       = true,
  Boolean $correct_escapes                                     = true,
  Boolean $manage_logpath                                      = true,
+1 −1
Original line number Diff line number Diff line
@@ -574,7 +574,7 @@ security {
	#  and may not reflect patches applied to libssl by
	#  distribution maintainers.
	#
	allow_vulnerable_openssl = yes
  allow_vulnerable_openssl = <%= @allow_vulnerable_openssl%>
}

# PROXY CONFIGURATION