New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Request for OpenBSD Patch - to fix LibreSSL Support in FreeRADIUS 3.0.x/4.0.x #2012

Closed
reubenfarrelly opened this Issue Jun 29, 2017 · 2 comments

Comments

Projects
None yet
2 participants
@reubenfarrelly

reubenfarrelly commented Jun 29, 2017

FreeRADIUS 3.0.14 does not currently build with LibreSSL 2.5.4. The build fails to compile on Gentoo x86_64 - however I don't think this is a Gentoo specific problem.

Executing: /bin/sh -c x86_64-pc-linux-gnu-gcc -c -MD -I. -Isrc -include src/freeradius-devel/autoconf.h -include src/freeradius-devel/build.h -include src/freeradius-devel/features.h -include src/freeradius-devel/radpaths.h -fno-strict-aliasing -O2 -pipe -march=native -mtune=native -Wall -std=c99 -D_GNU_SOURCE -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS -DOPENSSL_NO_KRB5 -DNDEBUG -DIS_MODULE=1 -DBUILT_WITH_CPPFLAGS="" -DBUILT_WITH_CFLAGS="-I.\ -Isrc\ -include\ src/freeradius-devel/autoconf.h\ -include\ src/freeradius-devel/build.h\ -include\ src/freeradius-devel/features.h\ -include\ src/freeradius-devel/radpaths.h\ -fno-strict-aliasing\ -O2\ -pipe\ -march=native\ -mtune=native\ -Wall\ -std=c99\ -D_GNU_SOURCE\ -D_REENTRANT\ -D_POSIX_PTHREAD_SEMANTICS\ -DOPENSSL_NO_KRB5\ -DNDEBUG\ -DIS_MODULE=1" -DBUILT_WITH_LDFLAGS="\ -Wl,-O1\ -Wl,--as-needed" -DBUILT_WITH_LIBS="-lcrypto\ -lssl\ -ltalloc\ -lpcre\ -lcap\ -lnsl\ -lresolv\ -ldl\ -lpthread\ -lreadline" src/main/conffile.c -fPIC -o build/objs/src/main/conffile.o
src/main/tls.c: In function ‘tls_init_ctx’:
src/main/tls.c:3046:9: warning: implicit declaration of function ‘RAND_load_fil ’; did you mean ‘CONF_load_bio’? [-Wimplicit-function-declaration]
if (!(RAND_load_file(conf->random_file, 1024*10))) {
^~~~~~~~~~~~~~
CONF_load_bio
src/main/tls.c: In function ‘tls_server_conf_parse’:
src/main/tls.c:3172:10: error: ‘fr_tls_server_conf_t {aka struct fr_tls_server_conf_t}’ has no member named ‘psk_identity’
if (conf->psk_identity) {
^~
make: *** [scripts/boiler.mk:635: build/objs/src/main/tls.lo] Error 1

The OpenBSD ports tree contains a patch to fix this problem on OpenBSD but it applies and resolves the problem on Linux too. The URL for this patch is:

https://raw.githubusercontent.com/openbsd/ports/master/net/freeradius3/patches/patch-src_main_tls_c

The FreeRADIUS 4.0.x tree fails to compile in the same way so the patch should be applied there as well.
There are probably some other patches that could/should be integrated from ports:

https://github.com/openbsd/ports/tree/master/net/freeradius3/patches

Can the OpenBSD LibreSSL patch please be pulled in by upstream so that LibreSSL can once again be used to build FreeRADIUS?

I have tested this patch myself and it resolves the problem - and I now have a working and stable FreeRADIUS service up and running.

@alandekok alandekok added the v4.0.x label Jun 29, 2017

@alandekok

This comment has been minimized.

Show comment
Hide comment
@alandekok

alandekok Jun 29, 2017

Member

I've pulled the patches over for 3.0.x. I'll do the v4 changes in a bit.

Member

alandekok commented Jun 29, 2017

I've pulled the patches over for 3.0.x. I'll do the v4 changes in a bit.

@alandekok

This comment has been minimized.

Show comment
Hide comment
@alandekok

alandekok Nov 3, 2017

Member

Fixed in v3.0.x, in commit 2093dc4, among others.

Member

alandekok commented Nov 3, 2017

Fixed in v3.0.x, in commit 2093dc4, among others.

@alandekok alandekok closed this Nov 3, 2017

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment