FreeRADIUS failing to build the rlm_eap_tls modules
joe
joe at joe-lewis.com
Thu Jan 25 05:00:46 UTC 2007
Hello, folks! (Thanks SO much David Wood! I owe you!)
I already have the solution, as assisted by the port maintainer
(David). However, I'm posting to this list to get the solution into the
archives so that if anyone else runs into this situation, there IS
something in the archives on it.
Situation:
I had a 5.1-RELEASE server that was upgraded to a 5.3-RELEASE, and then
to 6.2-RELEASE this past weekend (and also used cvsup to update the
ports collection). At that point, I tried installing a new port (not an
upgrade) of FreeRADIUS 1.1.4. The port successfully built, and
started. But when I tried to configure and use EAP-TLS, I got errors
about the rlm_eap_tls.so extension not being found. I rebuilt the port
by patching the source by hand, and running the configure line from the
config.log file. In the process of the ./configure script, there were
many lines such as :
configure: WARNING: silently not building rlm_eap_peap.
configure: WARNING: FAILURE: rlm_eap_peap requires: OpenSSL.
and
configure: WARNING: silently not building rlm_eap_tls.
configure: WARNING: FAILURE: rlm_eap_tls requires: OpenSSL.
That obviously is going to not compile the extensions that I needed. As
per the maintainer's suggestion, I ran a portsnap, which brought the
port revision to 1.1.4_1 for FreeRADIUS. This exhibited the same situation.
Solution:
I ended up removing the openssl-0.9.7d package (I don't know if it was
from the 5.1 or 5.3 systems as a carry over), and installing the
security/openssl port. At that point, the FreeRADIUS package built
perfectly fine.
Notes:
If anyone finds that the rlm_eap_?tls or rlm_eap_peap modules are not
building, make sure your OpenSSL port is up-to-date!
Joe
More information about the freebsd-questions
mailing list