Did you try RE-BUILDING the server when you only had one version of
OpenSSL installed?
I did that and the SSL_CTX_ERROR message is now gone and radiusd runs
successfully. However it won't accept encrypted authentication requests:
rlm_ldap: ldap_get_conn: Checking Id: 0
rlm_ldap: ldap_get_conn:
You have two different versions of OpenSSL installed.
I'm really stumped by this. I'm replaced the default debian openssl libraries
(as per... ldconfig -v | grep ssl) with openssl 0.9.8.j and am still getting the
pesky error, radiusd: symbol lookup error: /usr/lib/rlm_eap_tls-2.1.3.so:
You have two different versions of OpenSSL installed.
Thanks for that Alan.
I've blown everything away and started from scratch and installed openssl 0.98j
and used the following freeradius configuration:
./configure --bindir=/usr/bin \
--sbindir=/usr/sbin \
--sysconfdir=/etc \
This is a new installation using openssl0.98j and freeradius 2.1.3.
I get this error when running in debug mode: radiusd: symbol lookup error:
/usr/lib/rlm_eap_tls-2.1.3.so: undefined symbol: SSL_CTX_set_info_callback
prior to running in debug mode, I ran ./bootstrap under freeradius/certs
Thanks, i've got it working. Does it work by comparing the generated hash with
the hash in the ldap backend?
t...@kalik.net 23/02/2009 9:02 pm
Does freeradius support SHA hashed passwords (on ldap backend)?
Yes. This is documented in doc/rlm_ldap included with the server.
Ivan Kalik
Kalik
Does freeradius support SHA hashed passwords (on ldap backend)?
danhaw...@googlemail.com 20/02/2009 10:36 pm
Cool, thanks for the info Ivan. Will give it a go and report back
Thanks again
Dan
2009/2/20 t...@kalik.net:
# Can freeradius talk to the ldap box using TLS/SSL (ldaps)
Yes. See
Peter
thibault.lem...@supelec.fr 12/02/2009 9:04 pm
Peter Param a écrit :
Hi all,
I'm trying to authenticate to a LDAPS backend but failing. Any suggestions?
Is it an LDAP server answering on LDAPS connections (LDAP+SSL on port
636) or an LDAP server answering on LDAP connections
use start_tls=no fails also,
Maybe but keep it to no
did that, still fails with the same message
it seems to have a problem with the cert and/or cert directory:
rlm_ldap: attempting LDAP reconnection
rlm_ldap: (re)connect to ldap1.stvincents.com.au:636, authentication 0
rlm_ldap: setting
Hi all,
I'm trying to authenticate to a LDAPS backend but failing. Any suggestions?
My freeradius version:
—
radiusd: FreeRADIUS Version 2.1.1, for host i686-pc-linux-gnu, built on Nov 21
2008 at 07:54:33
My ldap module settings:
—---
ldap
Hi All,
I have been trying, unsuccessfully, to get a windows supplicant (as
shipped with Vista) to authenticate via freeradius/ldap. The
freeradius/ldap combo works well with the existing VPN authen/auth that
we have here on campus but not with EAP. I'm not sure what or where to
go from here
}/certs/random
#fragment_size = 1024
#include_length = yes
#check_crl = yes
#check_cert_cn = %{User-Name}
}
cheers
Peter
[EMAIL PROTECTED] 12/04/06 4:08 PM
Peter Param wrote:
dpkg
Hi all,
I'm using Linux debian 2.6.8-2-386 and I am unable to compile with
openssl libraries even tho openssl has been installed (separately).
configure: WARNING: silently not building rlm_eap_peap.
configure: WARNING: FAILURE: rlm_eap_peap requires: OpenSSL.
I downloaded the source for
Debian licensing prohibits the installation of openssl as part of its
packaging and hence why i downloaded the individual tarballs to work
around this issue.
[EMAIL PROTECTED] 12/04/06 11:12 AM
On Mon, Dec 04, 2006 at 10:50:42AM +1100, Peter Param said:
Hi all,
I'm using Linux debian
Thanks for clarifying the GPL vs Openssl license issue.
I did an apt-get install openssl but still no joy.
Stephen Gran [EMAIL PROTECTED] 12/04/06 11:30 AM
On Mon, Dec 04, 2006 at 11:19:24AM +1100, Peter Param said:
Debian licensing prohibits the installation of openssl as part of its
is this from the orginal 1.1.3 freeradius tarball or do you mean I
should apt-get freeradius as well?
./configure [no parameters] output as follows:
checking for gcc... gcc
checking for C compiler default output file name... a.out
checking whether the C compiler works... yes
checking whether
oops my mail client truncated the text! Attached is the output of
configure.
cheers
Pete
Stephen Gran [EMAIL PROTECTED] 12/04/06 12:04 PM
On Mon, Dec 04, 2006 at 11:44:56AM +1100, Peter Param said:
Thanks for clarifying the GPL vs Openssl license issue.
I did an apt-get install openssl
what configure flags should I pass to allow for rlm_eap ...i thought
the defaults should work?
Stephen Gran [EMAIL PROTECTED] 12/04/06 1:17 PM
On Mon, Dec 04, 2006 at 12:13:59PM +1100, Peter Param said:
is this from the orginal 1.1.3 freeradius tarball or do you mean I
should apt-get
libsasl2-dev libiodbc2-dev libkrb5-dev snmp
libsnmp9-dev | libsnmp5-dev | libsnmp4.2-dev libpq-dev | postgresql-dev
libssl-dev
dpkg-buildpackage: Build dependencies/conflicts unsatisfied; aborting.
dpkg-buildpackage: (Use -d flag to override.)
cheers
Peter
[EMAIL PROTECTED] 12/04/06 1:27 PM
Peter
The following hasn't worked for me either:
./configure --with-openssl-includes=/usr/local/ssl/include/
--with-openssl-libraries=/usr/local/ssl/lib/
cheers
Peter
Stephen Gran [EMAIL PROTECTED] 12/04/06 1:42 PM
On Mon, Dec 04, 2006 at 01:22:56PM +1100, Peter Param said:
what configure flags
no good. when I configure with:
./configure --with-openssl-includes=/usr/local/ssl
--with-openssl-libraries=/usr/local/ssl
cheers
Peter
Stephen Gran [EMAIL PROTECTED] 12/04/06 1:42 PM
On Mon, Dec 04, 2006 at 01:22:56PM +1100, Peter Param said:
what configure flags should I pass to allow
hi all,
I'm trying to install FR onto a new box but am getting errors during
make. I using Linux debian 2.6.8-2-386.
./configure --with-openssl-libraries=/usr/local/ssl/include/openssl/
--with-rlm-perl-lib-dir=/usr/lib/perl/ --with-snmp=no
errors during make:
*** Warning: Linking the shared
ah yes. Thanks it worked.
[EMAIL PROTECTED] 12/01/06 11:21 AM
On Fri, Dec 01, 2006 at 10:06:07AM +1100, Peter Param said:
hi all,
I'm trying to install FR onto a new box but am getting errors during
make. I using Linux debian 2.6.8-2-386.
./configure --with-openssl-libraries=/usr
hi all,
is it possible to have multiple ldap servers for lookup for redundancy
purposes in a similar way below?
ldap {
server = ldap1.myorg.com, ldap2.myorg.com,
ldap3.myorg.com
login= cn=admin,o=myorg,c=au
password = mypass
}
hey all,
I would like to have multiple search contexts to get around ambiguous
search results due to duplicate object names found in branches under the
same basedn = ou=darlinghurst,ou=nsw,o=myorg,c=au
For instance, I would like to search
ou=people,ou=darlinghurst,ou=nsw,o=myorg,c=au
multiple 'ldap { }' in radiusd.conf?
cheers
Peter
[EMAIL PROTECTED] 11/13/06 11:49 AM
Peter Param wrote:
hey all,
I would like to have multiple search contexts to get around ambiguous
search results due to duplicate object names found in branches under
the
same basedn = ou=darlinghurst
hey,
I've got Cisco-AVPair for an ldap.attrmap entry and it works ...but
unfortunately only for the first occurence of that attribute from the
LDAP schema (it will pick the first in the schema). How do I map and
return four Cisco-AVPair entries? Is there a particular multiline
separator that I
26 matches
Mail list logo