radiusd -X solaris eap error

Thu May 14 01:09:24 CEST 2009

Hello again
I finally got the freeradius build 2.1.5 to initialize under SunOS 5.10
Generic_138889-02 i86pc i386 i86pc.
Here is the data

1.  Got mysql from blastwave via pkg-get
2.  Got openssl from blastwave via pk-get install openssl
3.  downloaded freeradius-server-2.1.4.tar.gz from freeradius.org
4.  tar -xvfz freeradius-server-2.1.4.tar.gz
5.  mv freeradius-server-2.1.4 /usr/src/freeradius
6.  cd /usr/src/freeradius
7.  ./configure --with-openssl-includes=/opt/csw/include/openssl
--with-openssl-libraries=/opt/csw/lib
8. gmake
9. gmake install
10. cd /usr/local/etc/raddb/certs

created the following openssl script from the Makefile

11. vi radss.sh

#!/bin/bash

#
# Diffie-Hellman parameters
#
openssl dhparam -out dh 1024

#
# Create a new self-signed CA certificate
#
openssl req -new -x509 -keyout ca.key -out ca.pem -days 3660 -config
./ca.cnf

openssl x509 -inform PEM -outform DER -in ca.pem -out ca.der

openssl req -new  -out server.csr -keyout server.key -config ./server.cnf

openssl ca -batch -keyfile ca.key -cert ca.pem -in server.csr  -key whatever
-out server.crt -extensions xpserver_ext -extfile xpextensions -config
./server.cnf

openssl pkcs12 -export -in server.crt -inkey server.key -out server.p12
-passin pass:whatever -passout pass:whatever

openssl pkcs12 -in server.p12 -out server.pem -passin pass:whatever -passout
pass:whatever

#
#Verify Server Certificate
#
openssl verify -CAfile ca.pem server.pem

#
#
#  Create a new client certificate, signed by the the above server
#  certificate.
#
#
openssl req -new  -out client.csr -keyout client.key -config ./client.cnf

openssl ca -batch -keyfile server.key -cert server.crt -in client.csr  -key
whatever -out client.crt -extensions xpclient_ext -extfile xpextensions
-config ./client.cnf

openssl pkcs12 -export -in client.crt -inkey client.key -out client.p12
-passin pass:whatever -passout pass:whatever

openssl pkcs12 -in client.p12 -out client.pem -passin pass:whatever -passout
pass:whatever

cp client.pem urugn at support.com.pem

12. chmod +x radssl
13 ./radssl

manually executed the following command thats included in the Makefile

14. date > ./random;

Finally ran radiusd -X

15. radiusd -X

Lots of debug with the following output

Listening on authentication address * port 1812
Listening on accounting address * port 1813
Listening on command file /usr/local/var/run/radiusd/radiusd.sock
Listening on proxy address * port 1814
Ready to process requests.

Well i think under solaris the auto build process is not finished hopefully
this will be fixed in the 2.1.6 release.
Next i will be interested in solaris router to act as the radius client.

One thing very confusing is solaris router a NAS/RAS and how can i get it to
authenticate LAN subnets to the radius?
Any info or links will be appreciated.

Thanks in advance.

On Wed, May 13, 2009 at 10:27 AM, Urugn <urugn.tony at gmail.com> wrote:

> Thanks Alan
>
> debud mode would be radiusd -x or radiusd -xx or the extendd debug mode
> radiusd -X
>
> i have tried radiusd -xx and still got the following error and the server
> does not start
>
> /usr/local/etc/raddb/certs/bootstrap: make: not found
> /usr/local/etc/raddb/certs/bootstrap: test: unknown operator ==
>
>
>
> On Tue, May 12, 2009 at 3:09 PM, Alan DeKok <aland at deployingradius.com>wrote:
>
>> tony at urugn.com wrote:
>> > Errors initializing modules
>> > I thot may be ad trace the problem and directly executed
>> > /usr/local/etc/raddb/certs/bootstrap Here is the output
>> > sh: test: argument expected
>> > *** Error code 1
>> > The following command caused the error:
>> > if [ -e /dev/urandom ] ; then \
>> >         dd if=/dev/urandom of=./random count=10 >/dev/null 2>&1; \ else
>> \
>> >         date > ./random; \
>> > fi
>> > make: Fatal error: Command failed for target `random'
>> > ./bootstrap: test: unknown operator ==
>>
>>   Just re-run the server in debug mode.  There's a typo in the script
>> that will be fixed in 2.1.6.
>>
>>  Alan DeKok.
>> -
>> List info/subscribe/unsubscribe? See
>> http://www.freeradius.org/list/users.html
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20090514/42f004eb/attachment.html>