Migrating to a new server from 2.x to 3.0.4 CentOS 7

Thu Jul 2 04:58:42 CEST 2015

I think i’m still missing some OpenSSL Library?

Hmmm ok now getting the following: 

./configure --with-openssl-lib-dir=/usr/local/ssl/lib/ --with-openssl-include-dir=/usr/local/ssl/include/openssl/

[root at freeradius freeradius-server-3.0.8]# ls /usr/local/ssl/lib/
engines  libcrypto.a  libssl.a  pkgconfig
[root at freeradius freeradius-server-3.0.8]# ls /usr/local/ssl/include/openssl/
aes.h       blowfish.h  cmac.h      crypto.h   dso.h     ec.h      hmac.h      md4.h      obj_mac.h      pem2.h    rand.h    safestack.h  ssl23.h  symhacks.h   ui.h
asn1.h      bn.h        cms.h       des.h      dtls1.h   engine.h  idea.h      md5.h      ocsp.h         pem.h     rc2.h     seed.h       ssl2.h   tls1.h       whrlpool.h
asn1_mac.h  buffer.h    comp.h      des_old.h  ebcdic.h  e_os2.h   krb5_asn.h  mdc2.h     opensslconf.h  pkcs12.h  rc4.h     sha.h        ssl3.h   ts.h         x509.h
asn1t.h     camellia.h  conf_api.h  dh.h       ecdh.h    err.h     kssl.h      modes.h    opensslv.h     pkcs7.h   ripemd.h  srp.h        ssl.h    txt_db.h     x509v3.h
bio.h       cast.h      conf.h      dsa.h      ecdsa.h   evp.h     lhash.h     objects.h  ossl_typ.h     pqueue.h  rsa.h     srtp.h       stack.h  ui_compat.h  x509_vfy.h
[root at freeradius freeradius-server-3.0.8]#

CC src/modules/rlm_eap/libeap/eap_tls.c
In file included from src/modules/rlm_eap/libeap/eap_tls.c:46:0:
src/modules/rlm_eap/libeap/eap_tls.h:58:1: error: unknown type name ‘fr_tls_status_t’
 fr_tls_status_t eaptls_process(eap_handler_t *handler);
 ^
src/modules/rlm_eap/libeap/eap_tls.h:62:36: error: unknown type name ‘tls_session_t’
 int eaptls_request(EAP_DS *eap_ds, tls_session_t *ssn) CC_HINT(nonnull);
                                    ^
src/modules/rlm_eap/libeap/eap_tls.h:66:45: error: unknown type name ‘SSL’
 void eaptls_gen_mppe_keys(REQUEST *request, SSL *s, char const *prf_label);
                                             ^
src/modules/rlm_eap/libeap/eap_tls.h:67:28: error: unknown type name ‘SSL’
 void eapttls_gen_challenge(SSL *s, uint8_t *buffer, size_t size);
                            ^
src/modules/rlm_eap/libeap/eap_tls.h:68:48: error: unknown type name ‘SSL’
 void eaptls_gen_eap_key(RADIUS_PACKET *packet, SSL *s, uint32_t header);
                                                ^
src/modules/rlm_eap/libeap/eap_tls.h:102:1: error: unknown type name ‘tls_session_t’
 tls_session_t *eaptls_session(eap_handler_t *handler, fr_tls_server_conf_t *tls_conf, bool client_cert);
 ^
src/modules/rlm_eap/libeap/eap_tls.h:102:55: error: unknown type name ‘fr_tls_server_conf_t’
 tls_session_t *eaptls_session(eap_handler_t *handler, fr_tls_server_conf_t *tls_conf, bool client_cert);
                                                       ^
src/modules/rlm_eap/libeap/eap_tls.h:106:1: error: unknown type name ‘fr_tls_server_conf_t’
 fr_tls_server_conf_t *eaptls_conf_parse(CONF_SECTION *cs, char const *key);
 ^
src/modules/rlm_eap/libeap/eap_tls.c:64:1: error: unknown type name ‘tls_session_t’
 tls_session_t *eaptls_session(eap_handler_t *handler, fr_tls_server_conf_t *tls_conf, bool client_cert)
 ^
src/modules/rlm_eap/libeap/eap_tls.c:64:55: error: unknown type name ‘fr_tls_server_conf_t’
 tls_session_t *eaptls_session(eap_handler_t *handler, fr_tls_server_conf_t *tls_conf, bool client_cert)
                                                       ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_start’:
src/modules/rlm_eap/libeap/eap_tls.c:125:15: error: ‘FR_TLS_START’ undeclared (first use in this function)
  reply.code = FR_TLS_START;
               ^
src/modules/rlm_eap/libeap/eap_tls.c:125:15: note: each undeclared identifier is reported only once for each function it appears in
src/modules/rlm_eap/libeap/eap_tls.c:129:2: warning: implicit declaration of function ‘SET_START’ [-Wimplicit-function-declaration]
  reply.flags = SET_START(reply.flags);
  ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_success’:
src/modules/rlm_eap/libeap/eap_tls.c:143:2: error: unknown type name ‘tls_session_t’
  tls_session_t *tls_session = handler->opaque;
  ^
src/modules/rlm_eap/libeap/eap_tls.c:146:15: error: ‘FR_TLS_SUCCESS’ undeclared (first use in this function)
  reply.code = FR_TLS_SUCCESS;
               ^
src/modules/rlm_eap/libeap/eap_tls.c:152:2: warning: implicit declaration of function ‘tls_success’ [-Wimplicit-function-declaration]
  tls_success(tls_session, request);
  ^
src/modules/rlm_eap/libeap/eap_tls.c:162:17: error: request for member ‘prf_label’ in something not a structure or union
  if (tls_session->prf_label) {
                 ^
src/modules/rlm_eap/libeap/eap_tls.c:163:3: warning: implicit declaration of function ‘eaptls_gen_mppe_keys’ [-Wimplicit-function-declaration]
   eaptls_gen_mppe_keys(handler->request,
   ^
src/modules/rlm_eap/libeap/eap_tls.c:164:21: error: request for member ‘ssl’ in something not a structure or union
          tls_session->ssl, tls_session->prf_label);
                     ^
src/modules/rlm_eap/libeap/eap_tls.c:164:39: error: request for member ‘prf_label’ in something not a structure or union
          tls_session->ssl, tls_session->prf_label);
                                       ^
src/modules/rlm_eap/libeap/eap_tls.c:169:2: warning: implicit declaration of function ‘eaptls_gen_eap_key’ [-Wimplicit-function-declaration]
  eaptls_gen_eap_key(handler->request->reply, tls_session->ssl,
  ^
src/modules/rlm_eap/libeap/eap_tls.c:169:57: error: request for member ‘ssl’ in something not a structure or union
  eaptls_gen_eap_key(handler->request->reply, tls_session->ssl,
                                                         ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_fail’:
src/modules/rlm_eap/libeap/eap_tls.c:177:2: error: unknown type name ‘tls_session_t’
  tls_session_t *tls_session = handler->opaque;
  ^
src/modules/rlm_eap/libeap/eap_tls.c:180:15: error: ‘FR_TLS_FAIL’ undeclared (first use in this function)
  reply.code = FR_TLS_FAIL;
               ^
src/modules/rlm_eap/libeap/eap_tls.c:186:2: warning: implicit declaration of function ‘tls_fail’ [-Wimplicit-function-declaration]
  tls_fail(tls_session);
  ^
src/modules/rlm_eap/libeap/eap_tls.c: At top level:
src/modules/rlm_eap/libeap/eap_tls.c:205:36: error: unknown type name ‘tls_session_t’
 int eaptls_request(EAP_DS *eap_ds, tls_session_t *ssn)
                                    ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_send_ack’:
src/modules/rlm_eap/libeap/eap_tls.c:292:15: error: ‘FR_TLS_ACK’ undeclared (first use in this function)
  reply.code = FR_TLS_ACK;
               ^
src/modules/rlm_eap/libeap/eap_tls.c: At top level:
src/modules/rlm_eap/libeap/eap_tls.c:312:1: error: unknown type name ‘fr_tls_status_t’
 static fr_tls_status_t eaptls_verify(eap_handler_t *handler)
 ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_verify’:
src/modules/rlm_eap/libeap/eap_tls.c:355:4: warning: implicit declaration of function ‘tls_ack_handler’ [-Wimplicit-function-declaration]
    return tls_ack_handler(handler->opaque, request);
    ^
src/modules/rlm_eap/libeap/eap_tls.c:358:11: error: ‘FR_TLS_INVALID’ undeclared (first use in this function)
    return FR_TLS_INVALID;
           ^
src/modules/rlm_eap/libeap/eap_tls.c:365:2: warning: implicit declaration of function ‘TLS_START’ [-Wimplicit-function-declaration]
  if (TLS_START(eaptls_packet->flags)) {
  ^
src/modules/rlm_eap/libeap/eap_tls.c:383:2: warning: implicit declaration of function ‘TLS_LENGTH_INCLUDED’ [-Wimplicit-function-declaration]
  if (TLS_LENGTH_INCLUDED(eaptls_packet->flags)) {
  ^
src/modules/rlm_eap/libeap/eap_tls.c:386:3: warning: implicit declaration of function ‘TLS_MORE_FRAGMENTS’ [-Wimplicit-function-declaration]
   if (TLS_MORE_FRAGMENTS(eaptls_packet->flags)) {
   ^
src/modules/rlm_eap/libeap/eap_tls.c:399:12: error: ‘FR_TLS_FIRST_FRAGMENT’ undeclared (first use in this function)
     return FR_TLS_FIRST_FRAGMENT;
            ^
src/modules/rlm_eap/libeap/eap_tls.c:403:12: error: ‘FR_TLS_MORE_FRAGMENTS_WITH_LENGTH’ undeclared (first use in this function)
     return FR_TLS_MORE_FRAGMENTS_WITH_LENGTH;
            ^
src/modules/rlm_eap/libeap/eap_tls.c:407:11: error: ‘FR_TLS_LENGTH_INCLUDED’ undeclared (first use in this function)
    return FR_TLS_LENGTH_INCLUDED;
           ^
src/modules/rlm_eap/libeap/eap_tls.c:413:10: error: ‘FR_TLS_MORE_FRAGMENTS’ undeclared (first use in this function)
   return FR_TLS_MORE_FRAGMENTS;
          ^
src/modules/rlm_eap/libeap/eap_tls.c:420:9: error: ‘FR_TLS_OK’ undeclared (first use in this function)
  return FR_TLS_OK;
         ^
src/modules/rlm_eap/libeap/eap_tls.c: At top level:
src/modules/rlm_eap/libeap/eap_tls.c:457:72: error: unknown type name ‘fr_tls_status_t’
 static EAPTLS_PACKET *eaptls_extract(REQUEST *request, EAP_DS *eap_ds, fr_tls_status_t status)
                                                                        ^
src/modules/rlm_eap/libeap/eap_tls.c:628:1: error: unknown type name ‘fr_tls_status_t’
 static fr_tls_status_t eaptls_operation(fr_tls_status_t status,
 ^
src/modules/rlm_eap/libeap/eap_tls.c:628:41: error: unknown type name ‘fr_tls_status_t’
 static fr_tls_status_t eaptls_operation(fr_tls_status_t status,
                                         ^
src/modules/rlm_eap/libeap/eap_tls.c:724:1: error: unknown type name ‘fr_tls_status_t’
 fr_tls_status_t eaptls_process(eap_handler_t *handler)
 ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_process’:
src/modules/rlm_eap/libeap/eap_tls.c:726:2: error: unknown type name ‘tls_session_t’
  tls_session_t *tls_session = (tls_session_t *) handler->opaque;
  ^
src/modules/rlm_eap/libeap/eap_tls.c:726:32: error: ‘tls_session_t’ undeclared (first use in this function)
  tls_session_t *tls_session = (tls_session_t *) handler->opaque;
                                ^
src/modules/rlm_eap/libeap/eap_tls.c:726:47: error: expected expression before ‘)’ token
  tls_session_t *tls_session = (tls_session_t *) handler->opaque;
                                               ^
src/modules/rlm_eap/libeap/eap_tls.c:728:2: error: unknown type name ‘fr_tls_status_t’
  fr_tls_status_t status;
  ^
src/modules/rlm_eap/libeap/eap_tls.c:731:23: error: ‘FR_TLS_FAIL’ undeclared (first use in this function)
  if (!request) return FR_TLS_FAIL;
                       ^
src/modules/rlm_eap/libeap/eap_tls.c:734:2: warning: implicit declaration of function ‘SSL_set_ex_data’ [-Wimplicit-function-declaration]
  SSL_set_ex_data(tls_session->ssl, FR_TLS_EX_INDEX_REQUEST, request);
  ^
src/modules/rlm_eap/libeap/eap_tls.c:734:29: error: request for member ‘ssl’ in something not a structure or union
  SSL_set_ex_data(tls_session->ssl, FR_TLS_EX_INDEX_REQUEST, request);
                             ^
src/modules/rlm_eap/libeap/eap_tls.c:734:36: error: ‘FR_TLS_EX_INDEX_REQUEST’ undeclared (first use in this function)
  SSL_set_ex_data(tls_session->ssl, FR_TLS_EX_INDEX_REQUEST, request);
                                    ^
src/modules/rlm_eap/libeap/eap_tls.c:747:7: error: ‘FR_TLS_INVALID’ undeclared (first use in this function)
  case FR_TLS_INVALID:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:756:7: error: ‘FR_TLS_SUCCESS’ undeclared (first use in this function)
  case FR_TLS_SUCCESS:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:763:7: error: ‘FR_TLS_REQUEST’ undeclared (first use in this function)
  case FR_TLS_REQUEST:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:764:3: warning: implicit declaration of function ‘eaptls_request’ [-Wimplicit-function-declaration]
   eaptls_request(handler->eap_ds, tls_session);
   ^
src/modules/rlm_eap/libeap/eap_tls.c:765:12: error: ‘FR_TLS_HANDLED’ undeclared (first use in this function)
   status = FR_TLS_HANDLED;
            ^
src/modules/rlm_eap/libeap/eap_tls.c:772:7: error: ‘FR_TLS_OK’ undeclared (first use in this function)
  case FR_TLS_OK:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:778:7: error: ‘FR_TLS_FIRST_FRAGMENT’ undeclared (first use in this function)
  case FR_TLS_FIRST_FRAGMENT:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:779:7: error: ‘FR_TLS_MORE_FRAGMENTS’ undeclared (first use in this function)
  case FR_TLS_MORE_FRAGMENTS:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:780:7: error: ‘FR_TLS_LENGTH_INCLUDED’ undeclared (first use in this function)
  case FR_TLS_LENGTH_INCLUDED:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:781:7: error: ‘FR_TLS_MORE_FRAGMENTS_WITH_LENGTH’ undeclared (first use in this function)
  case FR_TLS_MORE_FRAGMENTS_WITH_LENGTH:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:788:2: warning: implicit declaration of function ‘eaptls_extract’ [-Wimplicit-function-declaration]
  if ((tlspacket = eaptls_extract(request, handler->eap_ds, status)) == NULL) {
  ^
src/modules/rlm_eap/libeap/eap_tls.c:788:17: warning: assignment makes pointer from integer without a cast [enabled by default]
  if ((tlspacket = eaptls_extract(request, handler->eap_ds, status)) == NULL) {
                 ^
src/modules/rlm_eap/libeap/eap_tls.c:804:18: error: request for member ‘record_plus’ in something not a structure or union
      (tls_session->record_plus)(&tls_session->dirty_in, tlspacket->data, tlspacket->dlen)) {
                  ^
src/modules/rlm_eap/libeap/eap_tls.c:804:45: error: request for member ‘dirty_in’ in something not a structure or union
      (tls_session->record_plus)(&tls_session->dirty_in, tlspacket->data, tlspacket->dlen)) {
                                             ^
src/modules/rlm_eap/libeap/eap_tls.c:821:2: warning: implicit declaration of function ‘SSL_is_init_finished’ [-Wimplicit-function-declaration]
  if (SSL_is_init_finished(tls_session->ssl)) {
  ^
src/modules/rlm_eap/libeap/eap_tls.c:821:38: error: request for member ‘ssl’ in something not a structure or union
  if (SSL_is_init_finished(tls_session->ssl)) {
                                      ^
src/modules/rlm_eap/libeap/eap_tls.c:835:17: error: request for member ‘peap_flag’ in something not a structure or union
      tls_session->peap_flag);
                 ^
src/modules/rlm_eap/libeap/eap_tls.c:841:3: warning: implicit declaration of function ‘tls_application_data’ [-Wimplicit-function-declaration]
   status = tls_application_data(tls_session, request);
   ^
src/modules/rlm_eap/libeap/eap_tls.c:848:2: warning: implicit declaration of function ‘eaptls_operation’ [-Wimplicit-function-declaration]
  status = eaptls_operation(status, handler);
  ^
src/modules/rlm_eap/libeap/eap_tls.c:851:29: error: request for member ‘ssl’ in something not a structure or union
  SSL_set_ex_data(tls_session->ssl, FR_TLS_EX_INDEX_REQUEST, NULL);
                             ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_compose’:
src/modules/rlm_eap/libeap/eap_tls.c:899:7: error: ‘FR_TLS_ACK’ undeclared (first use in this function)
  case FR_TLS_ACK:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:900:7: error: ‘FR_TLS_START’ undeclared (first use in this function)
  case FR_TLS_START:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:901:7: error: ‘FR_TLS_REQUEST’ undeclared (first use in this function)
  case FR_TLS_REQUEST:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:904:7: error: ‘FR_TLS_SUCCESS’ undeclared (first use in this function)
  case FR_TLS_SUCCESS:
       ^
src/modules/rlm_eap/libeap/eap_tls.c:907:7: error: ‘FR_TLS_FAIL’ undeclared (first use in this function)
  case FR_TLS_FAIL:
       ^
src/modules/rlm_eap/libeap/eap_tls.c: At top level:
src/modules/rlm_eap/libeap/eap_tls.c:927:1: error: unknown type name ‘fr_tls_server_conf_t’
 fr_tls_server_conf_t *eaptls_conf_parse(CONF_SECTION *cs, char const *attr)
 ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_conf_parse’:
src/modules/rlm_eap/libeap/eap_tls.c:933:2: error: unknown type name ‘fr_tls_server_conf_t’
  fr_tls_server_conf_t *tls_conf;
  ^
src/modules/rlm_eap/libeap/eap_tls.c:968:2: warning: implicit declaration of function ‘tls_server_conf_parse’ [-Wimplicit-function-declaration]
  tls_conf = tls_server_conf_parse(tls_cs);
  ^
src/modules/rlm_eap/libeap/eap_tls.c:968:11: warning: assignment makes pointer from integer without a cast [enabled by default]
  tls_conf = tls_server_conf_parse(tls_cs);
           ^
src/modules/rlm_eap/libeap/eap_tls.c:976:14: error: request for member ‘fragment_size’ in something not a structure or union
  if (tls_conf->fragment_size < 100) {
              ^
src/modules/rlm_eap/libeap/eap_tls.c:987:14: error: request for member ‘fragment_size’ in something not a structure or union
  if (tls_conf->fragment_size > 4000) {
              ^
src/modules/rlm_eap/libeap/eap_tls.c:997:10: error: request for member ‘fragment_size’ in something not a structure or union
  tls_conf->fragment_size -= 10;
          ^
src/modules/rlm_eap/libeap/eap_tls.c: In function ‘eaptls_verify’:
src/modules/rlm_eap/libeap/eap_tls.c:421:1: warning: control reaches end of non-void function [-Wreturn-type]
 }
 ^
make: *** [build/objs/src/modules/rlm_eap/libeap/eap_tls.lo] Error 1
[root at freeradius freeradius-server-3.0.8]# ./configure --with-openssl-lib-dir=/usr/local/ssl/lib/ --with-openssl-include-dir=/usr/local/ssl/include/openssl/
> On Jul 1, 2015, at 6:44 PM, Kris Armstrong <kris.armstrong at me.com> wrote:
> 
> Looks like the 1.0.2c did not install the lib files?
> 
> root at freeradius /]# find -iname "openssl"
> ./etc/pki/ca-trust/extracted/openssl
> ./root/openssl
> ./usr/bin/openssl
> ./usr/lib64/openssl
> ./usr/local/ssl/bin/openssl
> ./usr/local/ssl/include/openssl
> ./usr/src/openssl-1.0.2c/apps/openssl
> ./usr/src/openssl-1.0.2c/include/openssl
> 
> 
>> On Jul 1, 2015, at 6:29 PM, Arran Cudbard-Bell <a.cudbardb at freeradius.org> wrote:
>> 
>> 
>>> On 1 Jul 2015, at 20:15, Kris Armstrong <kris.armstrong at me.com> wrote:
>>> 
>>> I’m not sure why its checking for openssl .0.9.7
>>> 
>>> Command Used
>>> /configure --with-openssl-lib-dir=/usr/src/openssl-1.0.2c/ --with-openssl-include-dir=/usr/src/openssl-1.0.2c/
>> 
>> Those would usually have lib/ and include/ on the end.
>> 
>> -Arran
>> 
>> Arran Cudbard-Bell <a.cudbardb at freeradius.org>
>> FreeRADIUS development team
>> 
>> FD31 3077 42EC 7FCD 32FE 5EE2 56CF 27F9 30A8 CAA2
>> 
>> -
>> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
> 
> 
> -
> List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html