> Achim Friedland wrote:
>
> > I configured my iBook for the airport the same way like for
> the CISCO
> > AP, so I don't think it's a problem at the client. I'm using
> > freeradius-1.0.2 on debian unstable from tarball because of the
> > strange tls-bindings in the offical debian package...
I haven't checked this out on the one in testing, but this might be
your problem.
I just re-read your question. You state your using the Tarball, so I'm
pretty sure the rest of my message doesn't apply( it applies to
binaries). But just in case... I'll post it anyways.
NOTE: I'm cut/pasting someone else's BugLog. I am not the person who's
signature is at the bottom.
>From the Debian Freeradius Changelog
* Deleted RFCs: 2243 2289 2433 2548 2618 2616 2620 2621
2719 2759 2809 2865 2866 2867 2868 2869 2882 2924 3162
from source tarball due to non-DFSG-free copyright.
* Disabled PostgreSQL, x.99 token, EAP/TLS, Kerberos, LDAP
and SNMP agent support due to OpenSSL/GPL conflict.
>From Bug Reports:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=266229
> There is no freeradius package available with the eap/tls module.
That's correct, since the EAP/TLS module depends on OpenSSL but is
released under the GPL. As such, Debian cannot distribute this EAP
module in a binary form.
You may build yourself a copy from the upstream sources, if you so
wish.
> Why the hell nowhere at freeradius.org is this mentioned ?
The FreeRADIUS website does not distribute binaries, so it's not an
issue for them. And of course, if they did, they own the copyright on
the GPL'd code, so they are free to distribute a binary in any fashion
they see fit, should it come to it.
I'll leave this bug open, for the record's sake, and tag it 'help' in
case someone feels like making a gnuTLS patch for FreeRADIUS...
Just to reiterate, I'm looking for help converting (or even a useful
guide to doing so... Google was singularly unhelpful last time I looked)
the eap/TLS (or eap/Peap for that matter) module to use GnuTLS.
Given the code changes, I can massage them to not break the usage of
OpenSSL in the configure scripts if needed. I just found the GnuTLS
instructions really hard to read.
--
Paul "TBBle" Hampson, [EMAIL PROTECTED]
7th year CompSci/Asian Studies student, ANU
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
