Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides

FAQ
It is currently Sat Aug 19, 2017 2:44 am


FreeBSD ports and pkg, Linux rpm yum and apt, AIX lpp discussions

Author Message
mandrei99
Post  Post subject: ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit  |  Posted: Sun Dec 28, 2014 6:14 pm

Joined: Tue Aug 04, 2009 9:16 am
Posts: 245

Offline
 

ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit

ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit

Installing the latest Ipsec-tools package from source on CentOS is not an easy task. After few attempts, I managed to get it

running on the 32bit version of Centos 6.5.

To avoid some of the ugly configure / make errors below, I will list all necessary steps needed for a base CentOS install:
Code:
configure: error: Broken getaddrinfo() is no longer supported. Aborting.

Code:
./conftest: error while loading shared libraries: libradius.so: cannot open shared object file: No such file or directory
configure:14577: $? = 127
configure: program exited with status 127

Code:
configure:14477: checking getaddrinfo bug
configure:14577: gcc -o conftest -Wall -O2 -D_GNU_SOURCE -include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc -

I./src/include-glibc -I/usr/include   conftest.c -lradius -lutil -lcrypto  -lresolv /usr/lib/libfl.a -lcrypt -lcrypt -L/usr//lib -

R/usr//lib -lradius >&5
gcc: unrecognized option '-R/usr//lib'
configure:14577: $? = 0
configure:14577: ./conftest
./conftest: error while loading shared libraries: libradius.so: cannot open shared object file: No such file or directory
configure:14577: $? = 127
configure: program exited with status 127



Code:
gcc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec   -D_GNU_SOURCE -include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc -

I./src/include-glibc  -I../../src/racoon/missing -I/usr//include -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -

I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -g -O2  -Wall -

Werror -Wno-unused -MT isakmp_quick.o -MD -MP -MF .deps/isakmp_quick.Tpo -c -o isakmp_quick.o isakmp_quick.c
cc1: warnings being treated as errors
isakmp_quick.c: In function ‘quick_r1recv’:
isakmp_quick.c:2182: error: dereferencing pointer ‘saddr.155’ does break strict-aliasing rules
isakmp_quick.c:2182: note: initialized from here
make[4]: *** [isakmp_quick.o] Error 1
make[4]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon'
make[3]: *** [all] Error 2
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon'
make[2]: *** [all-recursive] Error 1
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/src'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/root/ipsec-tools-0.8.2'
make: *** [all] Error 2


1. Installing necessary packages required for compilation.
Code:
# yum install wget tcpdump lsof flex flex-devel
# yum groupinstall 'Development Tools'
# yum groupinstall "Server Platform Development"


2. Installing libmd, libradius and ipsectools and creating a symlink for libradius.so, configure and compile ipsec-tools.
Code:
# wget http://portal-to-web.de/tacacs/libmd.tar.gz
# tar zxvf libmd.tar.gz
# cd libmd
# make
# make install
# mkdir -p /usr/local/man/man3
# make install

# cd
# wget http://portal-to-web.de/tacacs/libradius-linux-20040827.tar.gz
# tar zxvf libradius-linux-20040827.tar.gz
# cd libradius-linux
# make
# make install
# cd


# ln -sf /usr/local/lib/libradius.so /usr/lib/

# wget "http://downloads.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/ipsec-tools-0.8.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fipsec-tools%2Ffiles%2Fipsec-tools%2F0.8.2%2F&ts=1419528064&use_mirror=heanet"

# mv ipsec-tools-0.8.2.tar.gz\?r\=http\:%2F%0A%0A%2Fsourceforge.net%2Fprojects%2Fipsec-tools%2Ffiles%2Fipsec-tools%2F0.8.2%2F\&ts\=1419528064\&use_mirror\=heanet ipsec-tools-0.8.2.tar.gz

# tar zxvf ipsec-tools-0.8.2.tar.gz
# cd ipsec-tools-0.8.2

# ./configure --enable-stats --enable-hybrid --enable-shared --enable-frag --enable-adminport  --enable-dpd --prefix=/usr --enable-security-context=no --with-kernel-headers=/usr/include --enable-natt=yes  --with-libradius=/usr/ --with-flexlib=/usr/lib/libfl.a --enable-gssapi  CFLAGS=-fno-strict-aliasing


checking kernel Security Context support... yes
checking selinux/selinux.h usability... yes
checking selinux/selinux.h presence... yes
checking for selinux/selinux.h... yes
checking for avc_init in -lselinux... yes
checking whether to support Security Context... no
checking for rt containing clock_gettime... -lrt
checking for monotonic system clock... yes
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating package_version.h
config.status: creating src/Makefile
config.status: creating src/include-glibc/Makefile
config.status: creating src/libipsec/Makefile
config.status: creating src/setkey/Makefile
config.status: creating src/racoon/Makefile
config.status: creating src/racoon/samples/psk.txt
config.status: creating src/racoon/samples/racoon.conf
config.status: creating rpm/Makefile
config.status: creating rpm/suse/Makefile
config.status: creating rpm/suse/ipsec-tools.spec
config.status: creating config.h
config.status: executing depfiles commands
config.status: executing libtool commands



# make
..
/bin/sh ../../libtool  --tag=CC   --mode=link gcc -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -fno-strict-aliasing  -Wall -Werror -Wno-unused -lcrypto  -o plainrsa-gen plainrsa-gen.o plog.o crypto_openssl.o logger.o  vmbuf.o misc.o -lrt -lradius -lutil -lcrypto  -lresolv /usr/lib/libfl.a -lcrypt -lcrypt -L/usr//lib -R/usr//lib -lradius -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err
libtool: link: gcc -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -I../../src/include-glibc -I../../src/include-glibc

-DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -fno-strict-aliasing -Wall -Werror -Wno-unused -o plainrsa-gen

plainrsa-gen.o plog.o crypto_openssl.o logger.o vmbuf.o misc.o  -lrt -lutil -lcrypto -lresolv /usr/lib/libfl.a -lcrypt -L/usr//lib

-lradius -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -Wl,-rpath -Wl,/usr//lib
make[4]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon'
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/src'
make[3]: Nothing to be done for `all-am'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/src'
Making all in rpm
make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
Making all in suse
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Nothing to be done for `all'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
rm -f ipsec-tools.spec.tmp
sed < ipsec-tools.spec.in > ipsec-tools.spec.tmp \
            -e 's:@-VERSION-@:0.8.2:'
mv ipsec-tools.spec.tmp ipsec-tools.spec
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[2]: Entering directory `/root/ipsec-tools-0.8.2'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2'
make[1]: Leaving directory `/root/ipsec-tools-0.8.2'
# echo $?
0

# make install
make[1]: Leaving directory `/root/ipsec-tools-0.8.2/src'
Making install in rpm
make[1]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
Making install in suse
make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Nothing to be done for `install-exec-am'.
make[3]: Nothing to be done for `install-data-am'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
make[3]: Nothing to be done for `install-exec-am'.
make[3]: Nothing to be done for `install-data-am'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[1]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[1]: Entering directory `/root/ipsec-tools-0.8.2'
make[2]: Entering directory `/root/ipsec-tools-0.8.2'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/root/ipsec-tools-0.8.2'
make[1]: Leaving directory `/root/ipsec-tools-0.8.2'
# echo $?
0



# racoon -V
@(#)ipsec-tools 0.8.2 (http://ipsec-tools.sourceforge.net)

Compiled with:
- OpenSSL 1.0.1e-fips 11 Feb 2013 (http://www.openssl.org/)
- IPv6 support
- Dead Peer Detection
- IKE fragmentation
- Hybrid authentication
- NAT Traversal
- Timing statistics
- Admin port
- Monotonic clock





Top
Display posts from previous:  Sort by  
E-mail friendPrint view

Topics related to - "ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit"
 Topics   Author   Replies   Views   Last post 
There are no new unread posts for this topic. /usr/bin/ld: cannot find -lltdl PHP Compiling fails on Centos/Red Hat

mandrei99

0

1214

Mon Feb 22, 2010 7:08 am

mandrei99 View the latest post

There are no new unread posts for this topic. PHP-FPM 5.6 from source \w Suhosin & xcache in Debian Linux

mandrei99

0

1050

Wed Jan 14, 2015 8:44 am

mandrei99 View the latest post

 

Who is online
Users browsing this forum: No registered users and 0 guests
You can post new topics in this forum
You can reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum
Jump to:  
News News Site map Site map SitemapIndex SitemapIndex RSS Feed RSS Feed Channel list Channel list


Delete all board cookies | The team | All times are UTC - 5 hours [ DST ]



phpBB SEO