Hi Artur:
Thanks for your suggestions. I heartly appreciate
them.
The problem with SSL_set_msg_callback seems to be
fixed now. I installed the latest Beta version of the
openssl and /usr/local/lib/ldd rlm_eap_tls-0.7-pre.so
seems to give me libraries from this version of
openssl. I tried again with FreeRADIUS-0.7 and I get a
segmentation fault when it tries to process the TLS
request: (NOTE: PLEASE READ BELOW THE FOLLOWING LOG AS
WELL)
====================================================
Listening on IP address *, ports 1812/udp and
1813/udp, with proxy on 1814/udp.
Ready to process requests.
rad_recv: Access-Request packet from host
192.168.11.20:1047, id=23, length=122
User-Name = "adam-ctl"
NAS-IP-Address = 192.168.11.20
Called-Station-Id = "004096577e54"
Calling-Station-Id = "000809000097"
NAS-Identifier = "AP350"
NAS-Port = 29
Framed-MTU = 1400
NAS-Port-Type = Wireless-802.11
EAP-Message = "\002\035\000\r\001adam-ctl"
Message-Authenticator =
0x09cf6a42badba94b8978e30247cdd626
modcall: entering group authorize
modcall[authorize]: module "preprocess" returns ok
modcall[authorize]: module "eap" returns updated
rlm_realm: Looking up realm NULL for User-Name =
"adam-ctl"
rlm_realm: No such realm NULL
modcall[authorize]: module "suffix" returns noop
users: Matched adam-ctl at 97
modcall[authorize]: module "files" returns ok
modcall: group authorize returns updated
rad_check_password: Found Auth-Type EAP
auth: type "EAP"
modcall: entering group authenticate
rlm_eap: processing type tls
Segmentation fault
======================================================
I understand that there are a lot of bug-fixes within
FreeRadius 0.8 release and I should UPGRADE to the
same level. I tried to install freeradius-0.8 and it
gives me a parse error in unistd.h
===================================================
gmake[6]: Entering directory
`/tmp/freeradius-0.8/src/modules/rlm_unix'
/tmp/freeradius-0.8/libtool --mode=link
ld \
-module -static -g -O2 -D_REENTRANT
-D_POSIX_PTHREAD_SEMANTICS -Wall -D_GNU_SOURCE -g
-Wshadow -Wpointer-arith -Wcast-qual -Wcast-align
-Wwrite-strings -Wstrict-prototypes
-Wmissing-prototypes -Wmissing-declarations
-Wnested-externs -I../../include rlm_unix.o cache.o
compat.o -o rlm_unix.a
ar cru rlm_unix.a rlm_unix.o cache.o compat.o
ranlib rlm_unix.a
gmake[6]: Leaving directory
`/tmp/freeradius-snapshot-20021122/src/modules/rlm_unix'
Making static dynamic in rlm_x99_token...
gmake[6]: Entering directory
`/tmp/freeradius-snapshot-20021122/src/modules/rlm_x99_token'
gcc -g -O2 -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS
-Wall -D_GNU_SOURCE -g -Wshadow -Wpointer-arith
-Wcast-qual -Wcast-align -Wwrite-strings
-Wstrict-prototypes -Wmissing-prototypes
-Wmissing-declarations -Wnested-externs
-I../../include -DX99_MODULE_NAME=\"rlm_x99_token\"
-DFREERADIUS -c x99_site.c -o x99_site.o
In file included from ../../include/radiusd.h:19,
from x99_rad.h:25,
from x99.h:201,
from x99_site.c:37:
/usr/include/unistd.h:945: parse error before `('
/usr/include/unistd.h:945: parse error before
`__const'
gmake[6]: *** [x99_site.o] Error 1
gmake[6]: Leaving directory
`/tmp/freeradius-0.8/src/modules/rlm_x99_token'
gmake[5]: *** [common] Error 1
gmake[5]: Leaving directory
`/tmp/freeradius-0.8/src/modules'
gmake[4]: *** [all] Error 2
gmake[4]: Leaving directory
`/tmp/freeradius-0.8/src/modules'
gmake[3]: *** [common] Error 1
gmake[3]: Leaving directory
`/tmp/freeradius-0.8/src'
gmake[2]: *** [all] Error 2
gmake[2]: Leaving directory
`/tmp/freeradius-0.8/src'
gmake[1]: *** [common] Error 1
gmake[1]: Leaving directory
`/tmp/freeradius-0.8'
make: *** [all] Error 2
=================================================
--- Artur Hecker <[EMAIL PROTECTED]> wrote:
> nikhil:
>
>
> as i already said to you:
> - upgrade to the newest version, why do you still
> use the 0.7.1?
> - assure that the "old" openssl is not involved into
> the compilation
>
> your problem is evidently that the rlm_eap_tls used
> by freeradius is
> compiled to use the old openssl OR it uses this for
> unclear reasons.
> resolve it, don't wait for _the_ solution, simply
> try, play with your
> settings (after having upgraded), with your gcc
> config, your system
> config, etc.
>
> the old lib doesn't have this function, only the new
> beta versions have
> (for as far as i know). yours evidently don't.
> upgrade & recompile it.
>
> i'm sorry but it's a little bit hard to see what the
> exact problem is
> and to give you the sequence of commands which will
> result in correct
> behaviour, be administrator. you could write small
> test programs in C
> and compile those (simply a SSL_init() and then a
> call to this
> SSL_set_msg_callback() function). once your C test
> compiles correctly
> and executes without linker complaining (although
> the program can
> segfault completely, you don't care) you will
> probably know what's wrong
> now.
>
>
> ciao
> artur
>
>
> Nikhil Chauhan wrote:
> > Hi:
> >
> > Any more pointers on the same subject(please look
> at
> > the email thread) would be highly appreciated. My
> > radius log looks like this:
> >
> > root@tstpc11:/usr/sbin > run_radius -X -A >
> radius_log
> > + LD_LIBRARY_PATH=/usr/local/openssl/lib
> > + LD_PRELOAD=/usr/local/openssl/lib/libcrypto.so
> > + export LD_LIBRARY_PATH LD_PRELOAD
> > + /usr/local/sbin/radiusd -X -A
>
> ...
>
> > /usr/local/sbin/radiusd: error while loading
> shared
> > libraries: /usr/local/lib/rlm_eap_tls-0.7.1.so:
> > undefined symbol: SSL_set_msg_callback
>
>
> --
> Artur Hecker Groupe Acc�s et Mobilit�
> hecker[at]enst[dot]fr D�partement Informatique et
> R�seaux
> +33 1 45 81 7507 46, rue Barrault 75634 Paris cedex
> 13
> http://www.infres.enst.fr ENST Paris
>
>
> -
> List info/subscribe/unsubscribe? See
http://www.freeradius.org/list/users.html
__________________________________________________
Do you Yahoo!?
Yahoo! Mail Plus - Powerful. Affordable. Sign up now.
http://mailplus.yahoo.com
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
