radiusd: symbol lookup error: /usr/lib/rlm_eap_tls-2.1.3.so: undefined symbol

Alan DeKok aland at deployingradius.com
Mon Mar 16 08:37:07 CET 2009


Peter Param wrote:
> I did that and the SSL_CTX_ERROR message is now gone and radiusd runs
> successfully.   However it won't accept encrypted authentication requests:

  No... it can't set the right TLS settings to talk to LDAP.  There are
no "encrypted authenticated requests".

> rlm_ldap: (re)connect to secureldapcentral.stvincents.com.au:636, authentication
> 0
> rlm_ldap: setting TLS mode to 1
> rlm_ldap: could not set LDAP_OPT_X_TLS option Success
> rlm_ldap: setting TLS CACert File to certs/SVMHS_CA_SSL_Server.pem
> rlm_ldap: could not set LDAP_OPT_X_TLS_CACERTFILE option to
> certs/SVMHS_CA_SSL_Server.pem
> rlm_ldap: setting TLS Require Cert to never

  Hmm... I suspect there's an OpenSSL compatibility issue here.  i.e.
Since it worked with the default OpenSSL libraries on your system, the
obvious conclusion is that changing libraries broke it.  The obvious fix
is to not change libraries.

> I can authenticate to the ldap backend with an ldap client using port 636 but not
> with freeradius.

  <shrug> It has probably been statically linked to OpenSSL.

  Alan DeKok.



More information about the Freeradius-Users mailing list