Freeradius --with-udpfromto --disable-static on OS X 10.7

YJZ vollkommen at gmx.net
Mon Mar 5 00:39:12 CET 2012


Hello,

1. I have been compiling Freeradius 3.0.0 or Freeradius 2.x with the --with-udpfromto flag, until very recently always on Mac OS X 10.4.11. Now I find OS X 10.7 (Lion) "no longer defines SOL_IP for {get,set}sockopt()" as described at http://trac.macports.org/ticket/30403. Inserting the following diff into ./src/lib/udpfromto.c does the trick of getting Freeradius 3.x and 2.x to compile.

--- ./src/lib/udpfromto.c.orig	2012-03-03 00:02:11.000000000 -0800
+++ ./src/lib/udpfromto.c	2012-03-03 00:28:31.000000000 -0800
@@ -49,6 +49,14 @@ RCSID("$Id$")
 #include <fcntl.h>
 
 /*
+ * Does this platform define SOL_IP
+ * or only bsd-style IPPROTO_IP ?
+ */
+#ifndef SOL_IP
+#define SOL_IP IPPROTO_IP
+#endif
+
+/*
  * glibc 2.4 and uClibc 0.9.29 introduce IPV6_RECVPKTINFO etc. and
  * change IPV6_PKTINFO This is only supported in Linux kernel >=
  * 2.6.14

It appears Apple's Freeradius build ((http://opensource.apple.com/source/freeradius/freeradius-32/Makefile) doesn't use --with-udpfromto, so it doesn't need this workaround.


2. After adopting some of ./configure flags Apple used in its Makefile, I notice the --disable-static one makes Freeradius compile without spitting out the huge number of deprecation warnings concerning OpenSSL, OpenDirectory, and UTMP pasted below. The OpenSSL deprecation was discussed at http://stackoverflow.com/questions/7406946/why-is-apple-depricating-openssl-in-macos-10-7-lion and http://ludovicrousseau.blogspot.com/2011/08/mac-os-x-lion-and-openssl.html, apparently because Apple is moving to replace it with its own Common Crypto framework. 

I'm wondering if the Freeradius components utilizing those functions really get built successlly, with or without --disable-static, given the numerous deprecation warnings:

CC eap_tls.c
eap_tls.c: In function 'eaptls_operation':
eap_tls.c:642: warning: 'SSL_state' is deprecated (declared at /usr/include/openssl/ssl.h:1581)
eap_tls.c: In function 'eaptls_process':
eap_tls.c:696: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
eap_tls.c:783: warning: 'SSL_state' is deprecated (declared at /usr/include/openssl/ssl.h:1581)
eap_tls.c:813: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
CC mppe_keys.c
mppe_keys.c: In function 'P_hash':
mppe_keys.c:63: warning: 'HMAC_CTX_init' is deprecated (declared at /usr/include/openssl/hmac.h:90)
mppe_keys.c:64: warning: 'HMAC_CTX_init' is deprecated (declared at /usr/include/openssl/hmac.h:90)
<snipped>
mppe_keys.c:98: warning: 'HMAC_CTX_cleanup' is deprecated (declared at /usr/include/openssl/hmac.h:91)
mppe_keys.c:99: warning: 'HMAC_CTX_cleanup' is deprecated (declared at /usr/include/openssl/hmac.h:91)
mppe_keys.c: In function 'PRF':
mppe_keys.c:112: warning: 'EVP_md5' is deprecated (declared at /usr/include/openssl/evp.h:662)
mppe_keys.c:113: warning: 'EVP_sha1' is deprecated (declared at /usr/include/openssl/evp.h:666)


CC rlm_eap_tls.c
rlm_eap_tls.c: In function 'eaptls_initiate':
rlm_eap_tls.c:177: warning: 'SSL_set_verify' is deprecated (declared at /usr/include/openssl/ssl.h:1385)
rlm_eap_tls.c:187: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
rlm_eap_tls.c:188: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
rlm_eap_tls.c:189: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
rlm_eap_tls.c:190: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
rlm_eap_tls.c:192: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
rlm_eap_tls.c: In function 'eaptls_authenticate':
rlm_eap_tls.c:277: warning: 'SSL_get_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1587)
LINK rlm_eap_tls.la rlm_eap_tls.lo rlm_eap_tls.c

peap.c: In function 'eappeap_process':
peap.c:768: warning: 'SSL_ctrl' is deprecated (declared at /usr/include/openssl/ssl.h:1496)
LINK rlm_eap_peap.la rlm_eap_peap.lo peap.lo rlm_eap_peap.c peap.c

CC rlm_eap_pwd.c
rlm_eap_pwd.c: In function 'eap_pwd_detach':
rlm_eap_pwd.c:95: warning: 'BN_CTX_free' is deprecated (declared at /usr/include/openssl/bn.h:407)
rlm_eap_pwd.c: In function 'eap_pwd_attach':
rlm_eap_pwd.c:124: warning: 'BN_CTX_new' is deprecated (declared at /usr/include/openssl/bn.h:403)
rlm_eap_pwd.c: In function 'free_session':
rlm_eap_pwd.c:143: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
rlm_eap_pwd.c:144: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
<snipped>
rlm_eap_pwd.c:553: warning: 'BN_num_bits' is deprecated (declared at /usr/include/openssl/bn.h:415)
rlm_eap_pwd.c:554: warning: 'BN_bn2bin' is deprecated (declared at /usr/include/openssl/bn.h:423)
CC eap_pwd.c
CC eap_pwd.c
eap_pwd.c: In function 'H_Init':
eap_pwd.c:68: warning: 'HMAC_Init' is deprecated (declared at /usr/include/openssl/hmac.h:96)
eap_pwd.c:68: warning: 'EVP_sha256' is deprecated (declared at /usr/include/openssl/evp.h:673)
eap_pwd.c: In function 'H_Update':
eap_pwd.c:74: warning: 'HMAC_Update' is deprecated (declared at /usr/include/openssl/hmac.h:99)
eap_pwd.c: In function 'H_Final':
eap_pwd.c:82: warning: 'HMAC_Final' is deprecated (declared at /usr/include/openssl/hmac.h:100)
eap_pwd.c:83: warning: 'HMAC_CTX_cleanup' is deprecated (declared at /usr/include/openssl/hmac.h:91)
<snipped>
eap_pwd.c:117: warning: 'HMAC_CTX_cleanup' is deprecated (declared at /usr/include/openssl/hmac.h:91)
eap_pwd.c: In function 'compute_password_element':
eap_pwd.c:164: warning: 'EC_GROUP_new_by_curve_name' is deprecated (declared at /usr/include/openssl/ec.h:189)
eap_pwd.c:169: warning: 'BN_new' is deprecated (declared at /usr/include/openssl/bn.h:417)
<snipped>
eap_pwd.c:301: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c:302: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c: In function 'compute_scalar_element':
eap_pwd.c:316: warning: 'BN_new' is deprecated (declared at /usr/include/openssl/bn.h:417)
eap_pwd.c:317: warning: 'EC_POINT_new' is deprecated (declared at /usr/include/openssl/ec.h:204)
<snipped>
eap_pwd.c:330: warning: 'EC_POINT_mul' is deprecated (declared at /usr/include/openssl/ec.h:259)
eap_pwd.c:336: warning: 'EC_POINT_invert' is deprecated (declared at /usr/include/openssl/ec.h:248)
eap_pwd.c:343: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c: In function 'process_peer_commit':
eap_pwd.c:356: warning: 'BN_new' is deprecated (declared at /usr/include/openssl/bn.h:417)
eap_pwd.c:357: warning: 'BN_new' is deprecated (declared at /usr/include/openssl/bn.h:417)
<snipped>
eap_pwd.c:441: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c:442: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c: In function 'compute_server_confirm':
eap_pwd.c:458: warning: 'BN_num_bits' is deprecated (declared at /usr/include/openssl/bn.h:415)
eap_pwd.c:459: warning: 'BN_new' is deprecated (declared at /usr/include/openssl/bn.h:417)
<snipped>
eap_pwd.c: In function 'compute_peer_confirm':
eap_pwd.c:593: warning: 'BN_num_bits' is deprecated (declared at /usr/include/openssl/bn.h:415)
eap_pwd.c:594: warning: 'BN_new' is deprecated (declared at /usr/include/openssl/bn.h:417)
<snipped>
eap_pwd.c:708: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c:709: warning: 'BN_free' is deprecated (declared at /usr/include/openssl/bn.h:468)
eap_pwd.c: In function 'compute_keys':
eap_pwd.c:724: warning: 'BN_num_bits' is deprecated (declared at /usr/include/openssl/bn.h:415)
eap_pwd.c:735: warning: 'BN_num_bits' is deprecated (declared at /usr/include/openssl/bn.h:415)
<snipped>
eap_pwd.c:750: warning: 'BN_bn2bin' is deprecated (declared at /usr/include/openssl/bn.h:423)
eap_pwd.c:751: warning: 'BN_num_bits' is deprecated (declared at /usr/include/openssl/bn.h:415)
eap_pwd.c:762: warning: pointer targets in passing argument 3 of 'eap_pwd_kdf' differ in signedness
LINK rlm_eap_pwd.la rlm_eap_pwd.lo eap_pwd.lo rlm_eap_pwd.c eap_pwd.c

CC rlm_eap_ttls.c
rlm_eap_ttls.c: In function 'eapttls_authenticate':
rlm_eap_ttls.c:208: warning: 'SSL_ctrl' is deprecated (declared at /usr/include/openssl/ssl.h:1496)

CC rlm_mschap.c
rlm_mschap.c:651: warning: no previous prototype for 'mschap_add_reply'
rlm_mschap.c: In function 'do_mschap_cpw':
rlm_mschap.c:899: warning: 'RC4_set_key' is deprecated (declared at /usr/include/openssl/rc4.h:84)
rlm_mschap.c:900: warning: 'RC4' is deprecated (declared at /usr/include/openssl/rc4.h:86)

CC opendir.c
opendir.c: In function 'getUserNodeRef':
opendir.c:65: warning: 'dsDataBufferAllocate' is deprecated (declared at /System/Library/Frameworks/DirectoryService.framework/Headers/DirServicesUtils.h:46)
opendir.c:73: warning: 'dsFindDirNodes' is deprecated (declared at /System/Library/Frameworks/DirectoryService.framework/Headers/DirServices.h:195)
<snipped>
opendir.c:390: warning: 'dsCloseDirNode' is deprecated (declared at /System/Library/Frameworks/DirectoryService.framework/Headers/DirServices.h:235)
opendir.c:392: warning: 'dsCloseDirService' is deprecated (declared at /System/Library/Frameworks/DirectoryService.framework/Headers/DirServices.h:92)
LINK rlm_mschap.la rlm_mschap.lo mschap.lo smbdes.lo opendir.lo rlm_mschap.c mschap.c smbdes.c opendir.c

rlm_unix.c: In function 'unix_accounting':
rlm_unix.c:417: warning: 'utmp' is deprecated (declared at /usr/include/utmp.h:96)

CC threads.c
threads.c: In function 'setup_ssl_mutexes':
threads.c:251: warning: 'OPENSSL_add_all_algorithms_noconf' is deprecated (declared at /usr/include/openssl/evp.h:828)
threads.c:254: warning: 'CRYPTO_num_locks' is deprecated (declared at /usr/include/openssl/crypto.h:415)
threads.c:260: warning: 'CRYPTO_num_locks' is deprecated (declared at /usr/include/openssl/crypto.h:415)
threads.c:264: warning: 'CRYPTO_set_id_callback' is deprecated (declared at /usr/include/openssl/crypto.h:425)
threads.c:265: warning: 'CRYPTO_set_locking_callback' is deprecated (declared at /usr/include/openssl/crypto.h:418)
threads.c: In function 'request_handler_thread':
threads.c:586: warning: 'ERR_clear_error' is deprecated (declared at /usr/include/openssl/err.h:278)
threads.c:648: warning: 'ERR_remove_state' is deprecated (declared at /usr/include/openssl/err.h:299)

CC cb.c
cb.c: In function 'cbtls_info':
cb.c:36: warning: 'SSL_get_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1587)
cb.c:44: warning: 'SSL_state_string_long' is deprecated (declared at /usr/include/openssl/ssl.h:1419)
cb.c:57: warning: 'SSL_alert_type_string_long' is deprecated (declared at /usr/include/openssl/ssl.h:1536)
cb.c:57: warning: 'SSL_alert_desc_string_long' is deprecated (declared at /usr/include/openssl/ssl.h:1538)
cb.c:67: warning: 'SSL_want' is deprecated (declared at /usr/include/openssl/ssl.h:1352)
CC tls.c
tls.c: In function 'tls_new_client_session':
tls.c:108: warning: 'SSL_new' is deprecated (declared at /usr/include/openssl/ssl.h:1481)
tls.c:115: warning: 'SSL_set_msg_callback' is deprecated (declared at /usr/include/openssl/ssl.h:602)
<snipped>
tls.c:2377: warning: 'SSL_read' is deprecated (declared at /usr/include/openssl/ssl.h:1493)
tls.c:2385: warning: 'SSL_get_error' is deprecated (declared at /usr/include/openssl/ssl.h:1501)
CC tls_listen.c
tls_listen.c: In function 'tls_socket_recv':
tls_listen.c:191: warning: 'SSL_set_ex_data' is deprecated (declared at /usr/include/openssl/ssl.h:1586)
<snipped>
/usr/include/openssl/err.h:266)
tls_listen.c:614: warning: 'ERR_error_string' is deprecated (declared at /usr/include/openssl/err.h:279)



Best Regards,

Y.J. Zhang
-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de


More information about the Freeradius-Users mailing list