Sent with Proton Mail secure email.
------- Original Message -------
On Thursday, October 5th, 2023 at 8:51 AM, Stuart Henderson
<s...@spacehopper.org> wrote:
> On 2023/10/05 13:09, haywirrr wrote:
>
> > oports# ldconfig -r | head
> > /var/run/ld.so.hints:
> > search directories: /usr/lib
> > 0:-lexecinfo.3.0 => /usr/lib/libexecinfo.so.3.0
> > 1:-lfido2.7.0 => /usr/lib/libfido2.so.7.0
> > 2:-lcbor.2.0 => /usr/lib/libcbor.so.2.0
> > 3:-lform.6.0 => /usr/lib/libform.so.6.0
> > 4:-lformw.6.0 => /usr/lib/libformw.so.6.0
> > 5:-lagentx.1.1 => /usr/lib/libagentx.so.1.1
> > 6:-liberty.12.0 => /usr/lib/libiberty.so.12.0
> > 7:-lm.10.1 => /usr/lib/libm.so.10.1
>
>
> Something about your installation is nonstandard because /etc/rc should
> be adding /usr/local/lib and /usr/X11R6/lib to the search path (see
> around line 617), that is responsible for wpa_supplicant not finding
> libpcsclite, and will break most other packages too.
Hi Stuart,
This installation is indeed standard, this is actually a virtual
machine created for testing this exact issue. I installed 7.3 from
the image file, along with all of the sets. From there, I immediately
upgraded to a snapshot, rebooted and pulled a fresh copy of the ports.
I updated the ports using CVS and then built wpa_supplicant with your
Makefile patch.
After rebooting the virtual machine, all of the correct paths were
listed on the testing VM, though I am not clear on what caused the
issue in the first place. In any event, following the reboot I was able
to run wpa_supplicant without receiving the error message.
Unfortunately, I hit another snag when attempting to perform the 802.1X
authentication using the OpenSSL 3.1 flavor of wpa_supplicant:
SSL routines::unsafe legacy renegotiation disabled
Some research led me to manually apply the patch below and now,
wpa_supplicant stalls after loading the certificates, which prevents
authentication from completing. I then adjusted your Makefile patch to
use OpenSSL 1.1, re-compiled, packaged and reinstalled wpa_supplicant.
I then rebooted (to be safe) and tested the new OpenSSL 1.1 flavor of
wpa_supplicant and I was finally able to complete the 802.1X
authentication process. At least now I have a way forward when 7.4 is
released, thank you very much for your assistance.
I am not sure if this is the most appropriate place to ask this but
is it possible to make the OpenSSL flavors of wpa_supplicant
available as binary packages in the official repositories?
Thanks again for all of your help!
OpenSSL 3 wpa_supplicant patch reference:
https://gitlab.archlinux.org/bryango/wpa_supplicant/-/blob/2-2.10-8/wpa_supplicant-legacy-server-connect.patch
