Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides :: ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit

# wget http://portal-to-web.de/tacacs/libmd.tar.gz
# tar zxvf libmd.tar.gz
# cd libmd
# make
# make install
# mkdir -p /usr/local/man/man3
# make install

# cd
# wget http://portal-to-web.de/tacacs/libradius-linux-20040827.tar.gz
# tar zxvf libradius-linux-20040827.tar.gz
# cd libradius-linux
# make
# make install
# cd

# ln -sf /usr/local/lib/libradius.so /usr/lib/

# wget "http://downloads.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/ipsec-tools-0.8.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fipsec-tools%2Ffiles%2Fipsec-tools%2F0.8.2%2F&ts=1419528064&use_mirror=heanet"

# mv ipsec-tools-0.8.2.tar.gz\?r\=http\:%2F%0A%0A%2Fsourceforge.net%2Fprojects%2Fipsec-tools%2Ffiles%2Fipsec-tools%2F0.8.2%2F\&ts\=1419528064\&use_mirror\=heanet ipsec-tools-0.8.2.tar.gz

# tar zxvf ipsec-tools-0.8.2.tar.gz
# cd ipsec-tools-0.8.2

# ./configure --enable-stats --enable-hybrid --enable-shared --enable-frag --enable-adminport --enable-dpd --prefix=/usr --enable-security-context=no --with-kernel-headers=/usr/include --enable-natt=yes --with-libradius=/usr/ --with-flexlib=/usr/lib/libfl.a --enable-gssapi CFLAGS=-fno-strict-aliasing

checking kernel Security Context support... yes
checking selinux/selinux.h usability... yes
checking selinux/selinux.h presence... yes
checking for selinux/selinux.h... yes
checking for avc_init in -lselinux... yes
checking whether to support Security Context... no
checking for rt containing clock_gettime... -lrt
checking for monotonic system clock... yes
checking that generated files are newer than configure... done
configure: creating ./config.status
config.status: creating Makefile
config.status: creating package_version.h
config.status: creating src/Makefile
config.status: creating src/include-glibc/Makefile
config.status: creating src/libipsec/Makefile
config.status: creating src/setkey/Makefile
config.status: creating src/racoon/Makefile
config.status: creating src/racoon/samples/psk.txt
config.status: creating src/racoon/samples/racoon.conf
config.status: creating rpm/Makefile
config.status: creating rpm/suse/Makefile
config.status: creating rpm/suse/ipsec-tools.spec
config.status: creating config.h
config.status: executing depfiles commands
config.status: executing libtool commands

# make
..
/bin/sh ../../libtool --tag=CC --mode=link gcc -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -fno-strict-aliasing -Wall -Werror -Wno-unused -lcrypto -o plainrsa-gen plainrsa-gen.o plog.o crypto_openssl.o logger.o vmbuf.o misc.o -lrt -lradius -lutil -lcrypto -lresolv /usr/lib/libfl.a -lcrypt -lcrypt -L/usr//lib -R/usr//lib -lradius -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err
libtool: link: gcc -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -I../../src/include-glibc -I../../src/include-glibc

-DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -fno-strict-aliasing -Wall -Werror -Wno-unused -o plainrsa-gen

plainrsa-gen.o plog.o crypto_openssl.o logger.o vmbuf.o misc.o -lrt -lutil -lcrypto -lresolv /usr/lib/libfl.a -lcrypt -L/usr//lib

-lradius -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -Wl,-rpath -Wl,/usr//lib
make[4]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon'
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/src'
make[3]: Nothing to be done for `all-am'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/src'
Making all in rpm
make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
Making all in suse
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Nothing to be done for `all'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
rm -f ipsec-tools.spec.tmp
sed < ipsec-tools.spec.in > ipsec-tools.spec.tmp \
-e 's:@-VERSION-@:0.8.2:'
mv ipsec-tools.spec.tmp ipsec-tools.spec
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[2]: Entering directory `/root/ipsec-tools-0.8.2'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2'
make[1]: Leaving directory `/root/ipsec-tools-0.8.2'
# echo $?
0

# make install
make[1]: Leaving directory `/root/ipsec-tools-0.8.2/src'
Making install in rpm
make[1]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
Making install in suse
make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[3]: Nothing to be done for `install-exec-am'.
make[3]: Nothing to be done for `install-data-am'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse'
make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm'
make[3]: Nothing to be done for `install-exec-am'.
make[3]: Nothing to be done for `install-data-am'.
make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[1]: Leaving directory `/root/ipsec-tools-0.8.2/rpm'
make[1]: Entering directory `/root/ipsec-tools-0.8.2'
make[2]: Entering directory `/root/ipsec-tools-0.8.2'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/root/ipsec-tools-0.8.2'
make[1]: Leaving directory `/root/ipsec-tools-0.8.2'
# echo $?
0

# racoon -V
@(#)ipsec-tools 0.8.2 (http://ipsec-tools.sourceforge.net)

Compiled with:
- OpenSSL 1.0.1e-fips 11 Feb 2013 (http://www.openssl.org/)
- IPv6 support
- Dead Peer Detection
- IKE fragmentation
- Hybrid authentication
- NAT Traversal
- Timing statistics
- Admin port
- Monotonic clock

Author:	mandrei99 [ Sun Dec 28, 2014 6:14 pm ]
Post subject:	ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit
ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit Installing the latest Ipsec-tools package from source on CentOS is not an easy task. After few attempts, I managed to get it running on the 32bit version of Centos 6.5. To avoid some of the ugly configure / make errors below, I will list all necessary steps needed for a base CentOS install: Code: configure: error: Broken getaddrinfo() is no longer supported. Aborting. Code: ./conftest: error while loading shared libraries: libradius.so: cannot open shared object file: No such file or directory configure:14577: $? = 127 configure: program exited with status 127 Code: configure:14477: checking getaddrinfo bug configure:14577: gcc -o conftest -Wall -O2 -D_GNU_SOURCE -include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc - I./src/include-glibc -I/usr/include conftest.c -lradius -lutil -lcrypto -lresolv /usr/lib/libfl.a -lcrypt -lcrypt -L/usr//lib - R/usr//lib -lradius >&5 gcc: unrecognized option '-R/usr//lib' configure:14577: $? = 0 configure:14577: ./conftest ./conftest: error while loading shared libraries: libradius.so: cannot open shared object file: No such file or directory configure:14577: $? = 127 configure: program exited with status 127 Code: gcc -DHAVE_CONFIG_H -I. -I../.. -I./../libipsec -D_GNU_SOURCE -include ./src/include-glibc/glibc-bugs.h -I./src/include-glibc - I./src/include-glibc -I../../src/racoon/missing -I/usr//include -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h - I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -g -O2 -Wall - Werror -Wno-unused -MT isakmp_quick.o -MD -MP -MF .deps/isakmp_quick.Tpo -c -o isakmp_quick.o isakmp_quick.c cc1: warnings being treated as errors isakmp_quick.c: In function ‘quick_r1recv’: isakmp_quick.c:2182: error: dereferencing pointer ‘saddr.155’ does break strict-aliasing rules isakmp_quick.c:2182: note: initialized from here make[4]: * [isakmp_quick.o] Error 1 make[4]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon' make[3]: * [all] Error 2 make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon' make[2]: * [all-recursive] Error 1 make[2]: Leaving directory `/root/ipsec-tools-0.8.2/src' make[1]: * [all-recursive] Error 1 make[1]: Leaving directory `/root/ipsec-tools-0.8.2' make: * [all] Error 2 1. Installing necessary packages required for compilation. Code: # yum install wget tcpdump lsof flex flex-devel # yum groupinstall 'Development Tools' # yum groupinstall "Server Platform Development" 2. Installing libmd, libradius and ipsectools and creating a symlink for libradius.so, configure and compile ipsec-tools. Code:** # wget http://portal-to-web.de/tacacs/libmd.tar.gz # tar zxvf libmd.tar.gz # cd libmd # make # make install # mkdir -p /usr/local/man/man3 # make install # cd # wget http://portal-to-web.de/tacacs/libradius-linux-20040827.tar.gz # tar zxvf libradius-linux-20040827.tar.gz # cd libradius-linux # make # make install # cd # ln -sf /usr/local/lib/libradius.so /usr/lib/ # wget "http://downloads.sourceforge.net/project/ipsec-tools/ipsec-tools/0.8.2/ipsec-tools-0.8.2.tar.gz?r=http%3A%2F%2Fsourceforge.net%2Fprojects%2Fipsec-tools%2Ffiles%2Fipsec-tools%2F0.8.2%2F&ts=1419528064&use_mirror=heanet" # mv ipsec-tools-0.8.2.tar.gz\?r\=http\:%2F%0A%0A%2Fsourceforge.net%2Fprojects%2Fipsec-tools%2Ffiles%2Fipsec-tools%2F0.8.2%2F\&ts\=1419528064\&use_mirror\=heanet ipsec-tools-0.8.2.tar.gz # tar zxvf ipsec-tools-0.8.2.tar.gz # cd ipsec-tools-0.8.2 # ./configure --enable-stats --enable-hybrid --enable-shared --enable-frag --enable-adminport --enable-dpd --prefix=/usr --enable-security-context=no --with-kernel-headers=/usr/include --enable-natt=yes --with-libradius=/usr/ --with-flexlib=/usr/lib/libfl.a --enable-gssapi CFLAGS=-fno-strict-aliasing checking kernel Security Context support... yes checking selinux/selinux.h usability... yes checking selinux/selinux.h presence... yes checking for selinux/selinux.h... yes checking for avc_init in -lselinux... yes checking whether to support Security Context... no checking for rt containing clock_gettime... -lrt checking for monotonic system clock... yes checking that generated files are newer than configure... done configure: creating ./config.status config.status: creating Makefile config.status: creating package_version.h config.status: creating src/Makefile config.status: creating src/include-glibc/Makefile config.status: creating src/libipsec/Makefile config.status: creating src/setkey/Makefile config.status: creating src/racoon/Makefile config.status: creating src/racoon/samples/psk.txt config.status: creating src/racoon/samples/racoon.conf config.status: creating rpm/Makefile config.status: creating rpm/suse/Makefile config.status: creating rpm/suse/ipsec-tools.spec config.status: creating config.h config.status: executing depfiles commands config.status: executing libtool commands # make .. /bin/sh ../../libtool --tag=CC --mode=link gcc -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -fno-strict-aliasing -Wall -Werror -Wno-unused -lcrypto -o plainrsa-gen plainrsa-gen.o plog.o crypto_openssl.o logger.o vmbuf.o misc.o -lrt -lradius -lutil -lcrypto -lresolv /usr/lib/libfl.a -lcrypt -lcrypt -L/usr//lib -R/usr//lib -lradius -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err libtool: link: gcc -D_GNU_SOURCE -include ../../src/include-glibc/glibc-bugs.h -I../../src/include-glibc -I../../src/include-glibc -DSYSCONFDIR=\"/usr/etc\" -DADMINPORTDIR=\"/usr/var/racoon\" -fno-strict-aliasing -Wall -Werror -Wno-unused -o plainrsa-gen plainrsa-gen.o plog.o crypto_openssl.o logger.o vmbuf.o misc.o -lrt -lutil -lcrypto -lresolv /usr/lib/libfl.a -lcrypt -L/usr//lib -lradius -lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err -Wl,-rpath -Wl,/usr//lib make[4]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon' make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src/racoon' make[3]: Entering directory `/root/ipsec-tools-0.8.2/src' make[3]: Nothing to be done for `all-am'. make[3]: Leaving directory `/root/ipsec-tools-0.8.2/src' make[2]: Leaving directory `/root/ipsec-tools-0.8.2/src' Making all in rpm make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm' Making all in suse make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse' make[3]: Nothing to be done for `all'. make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse' make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm' rm -f ipsec-tools.spec.tmp sed < ipsec-tools.spec.in > ipsec-tools.spec.tmp \ -e 's:@-VERSION-@:0.8.2:' mv ipsec-tools.spec.tmp ipsec-tools.spec make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm' make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm' make[2]: Entering directory `/root/ipsec-tools-0.8.2' make[2]: Leaving directory `/root/ipsec-tools-0.8.2' make[1]: Leaving directory `/root/ipsec-tools-0.8.2' # echo $? 0 # make install make[1]: Leaving directory `/root/ipsec-tools-0.8.2/src' Making install in rpm make[1]: Entering directory `/root/ipsec-tools-0.8.2/rpm' Making install in suse make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse' make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm/suse' make[3]: Nothing to be done for `install-exec-am'. make[3]: Nothing to be done for `install-data-am'. make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse' make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm/suse' make[2]: Entering directory `/root/ipsec-tools-0.8.2/rpm' make[3]: Entering directory `/root/ipsec-tools-0.8.2/rpm' make[3]: Nothing to be done for `install-exec-am'. make[3]: Nothing to be done for `install-data-am'. make[3]: Leaving directory `/root/ipsec-tools-0.8.2/rpm' make[2]: Leaving directory `/root/ipsec-tools-0.8.2/rpm' make[1]: Leaving directory `/root/ipsec-tools-0.8.2/rpm' make[1]: Entering directory `/root/ipsec-tools-0.8.2' make[2]: Entering directory `/root/ipsec-tools-0.8.2' make[2]: Nothing to be done for `install-exec-am'. make[2]: Nothing to be done for `install-data-am'. make[2]: Leaving directory `/root/ipsec-tools-0.8.2' make[1]: Leaving directory `/root/ipsec-tools-0.8.2' # echo $? 0 # racoon -V @(#)ipsec-tools 0.8.2 (http://ipsec-tools.sourceforge.net) Compiled with: - OpenSSL 1.0.1e-fips 11 Feb 2013 (http://www.openssl.org/) - IPv6 support - Dead Peer Detection - IKE fragmentation - Hybrid authentication - NAT Traversal - Timing statistics - Admin port - Monotonic clock

Linux, FreeBSD, Juniper, Cisco / Network security articles and troubleshooting guides https://forum.ivorde.com/

ipsec-tools-0.8.2 with radius support from source on CentOS 6.5 32bit https://forum.ivorde.com/ipsec-tools-0-8-2-with-radius-support-from-source-on-centos-6-5-32bit-t19341.html	Page 1 of 1

Page 1 of 1	All times are UTC - 5 hours [ DST ]
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group http://www.phpbb.com/