Tunnel-Password length not multiple of 16

McWilliams, Rhys rhys.mcwilliams at cdk.com
Thu Apr 21 13:29:39 CEST 2016


> Yup, or build manually and install to /opt/freeradius on another server, then just copy all of /opt/freeradius over - saves messing with the installed RPM for a temporary check.

Okay, so I found a server running the same OS that had some of the dev tools and just had to install a few others that configure stopped for.
I compiled and installed to /opt/freeradius as suggested and then copied the folder to one of my new RADIUS servers and got all hopeful...

I ran "/opt/freeradius/sbin/radiusd -Xxx" and got a message about refusing to run with openssl ver 1.0.1e due to the heartbleed bug.
Again, openssl was installed from the RPM managed repository so can't upgrade it, but this server is not accessible from the public Internet so we don't really care about the heartbleed bug.
I did notice the output also showed to set "security.allow_vulnerable_openssl = 'CVE-2014-0160'" which I did and it then did not complain again about our version of openssl, thank you for including the option...

However, when I now run "/opt/freeradius/sbin/radiusd -Xxx" it errors with the following

Thu Apr 21 11:59:56 2016 : Debug: Loading rlm_digest with path: /usr/lib64/freeradius/rlm_digest.so
Thu Apr 21 11:59:56 2016 : Debug: Loading rlm_digest failed: /usr/lib64/freeradius/rlm_digest.so: undefined symbol: debug_flag - No access errors
Thu Apr 21 11:59:56 2016 : Debug: Loading library using linker search path(s)
Thu Apr 21 11:59:56 2016 : Debug: Defaults         : /lib:/usr/lib
Thu Apr 21 11:59:56 2016 : Debug: Loaded rlm_digest, checking if it's valid
Thu Apr 21 11:59:56 2016 : Debug:   # Loaded module rlm_digest
Thu Apr 21 11:59:56 2016 : Debug:   # Loading module "digest" from file /etc/raddb/mods-enabled/digest
Thu Apr 21 11:59:56 2016 : Debug: Loading rlm_dynamic_clients with path: /usr/lib64/freeradius/rlm_dynamic_clients.so
Thu Apr 21 11:59:56 2016 : Debug: Loaded rlm_dynamic_clients, checking if it's valid
Thu Apr 21 11:59:56 2016 : Error: /etc/raddb/mods-enabled/dynamic_clients[30]: Failed loading module rlm_dynamic_clients from file /usr/lib64/freeradius/rlm_dynamic_clients.so
Thu Apr 21 11:59:56 2016 : Error: /etc/raddb/mods-enabled/dynamic_clients[30]: Application and rlm_dynamic_clients magic number (version) mismatch.  application: 30011 module: 30004

I gather that's because it's looking in /usr/lib64/freeradius for the libraries instead of 3.11 verions in /opt/freeradius/lib
Is there an easy temporary way to get this verion to use /opt/freeradius/lib or should I just rename /usr/lib64/freeradius and then create a link to /opt/freeradius/lib ?

Rhys McWilliams





----------------------------------------------------------------------
This message and any attachments are intended only for the use of the addressee and may contain information that is privileged and confidential. If the reader of the message is not the intended recipient or an authorized representative of the intended recipient, you are hereby notified that any dissemination of this communication is strictly prohibited. If you have received this communication in error, notify the sender immediately by return email and delete the message and any attachments from your system.



More information about the Freeradius-Users mailing list