From owner-freebsd-current@FreeBSD.ORG Thu Mar 18 00:51:19 2004 Return-Path: Delivered-To: freebsd-current@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F408B16A4CE for ; Thu, 18 Mar 2004 00:51:18 -0800 (PST) Received: from mail.a-quadrat.at (mail.a-quadrat.at [81.223.141.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6240943D45 for ; Thu, 18 Mar 2004 00:51:18 -0800 (PST) (envelope-from mbretter@a-quadrat.at) Received: from localhost (localhost.a-quadrat.at [127.0.0.1]) by files.a-quadrat.at (Postfix) with ESMTP id 8765F5CE8F for ; Thu, 18 Mar 2004 09:51:16 +0100 (CET) Received: from mail.a-quadrat.at ([127.0.0.1]) by localhost (files.a-quadrat.at [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 07975-07 for ; Thu, 18 Mar 2004 09:51:06 +0100 (CET) Received: from BRUTUS.a-quadrat.at (brutus.a-quadrat.at [192.168.90.60]) by files.a-quadrat.at (Postfix) with ESMTP id 405765CB7F for ; Thu, 18 Mar 2004 09:51:06 +0100 (CET) Date: Thu, 18 Mar 2004 09:51:01 +0100 (=?ISO-8859-15?Q?Westeurop=E4ische_Normalzeit?=) From: Michael Bretterklieber To: current@freebsd.org Message-ID: X-X-Sender: mbretter@files.a-quadrat.at MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by amavisd-new at a-quadrat.at Subject: libradius, EAP, Message-Authenticator - patches X-BeenThere: freebsd-current@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Discussions about the use of FreeBSD-current List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 18 Mar 2004 08:51:19 -0000 Hi, I had to modify libradius to be able to proxy EAP requests between Mpd and the RADIUS server. If the EAP-Message attribute is present in a request, then also the Message-Authenticator must be present, othwerwise the RADIUS server drops the request. (The Message-Authenticator is an HMAC-MD5 Hash of the whole request packet). I'm using openssl for calculating the HMAC, and got rid of -lmd, but it looks like, that this causes problems when doing a buildworld, because ssl is build after libradius (output from 4-Stable): > ===> lib/libradius > rm -f .depend > mkdep -f .depend -a /compile/src/lib/libradius/radlib.c > echo libradius.so.2: /usr/obj/compile/src/i386/usr/lib/libmd.a >> .depend > cc -O -pipe -Wall -c /compile/src/lib/libradius/radlib.c -o radlib.o > building static radius library > ranlib libradius.a > cc -pg -O -pipe -Wall -c /compile/src/lib/libradius/radlib.c -o > radlib.po > building profiled radius library > ranlib libradius_p.a > cc -fpic -DPIC -O -pipe -Wall -c /compile/src/lib/libradius/radlib.c -o > radlib.So > building shared library libradius.so.2 > /usr/obj/compile/src/i386/usr/libexec/elf/ld: cannot find -lssl > *** Error code 1 It looks like we have to change the order of the _prebuild_libs in src/Makefile.inc, but I'm not familiar with the build system, and I'm not aware of the side-effects of this change. The patches can be found here: http://www.bretterklieber.com/freebsd/libradius.diff (4-Stable) http://www.bretterklieber.com/freebsd/libradius5.diff (5-current) It would be great, if somone could give me some advices how to solve the problems above, thanx, bye, -- ------------------------------- ---------------------------------- Michael Bretterklieber - http://www.bretterklieber.com A-Quadrat Automation GmbH - http://www.a-quadrat.at Tel: ++43-(0)3172-41679 - GSM: ++43-(0)699 12861847 ------------------------------- ---------------------------------- "...the number of UNIX installations has grown to 10, with more expected..." - Dennis Ritchie and Ken Thompson, June 1972