From 4c399f28fd8656c5467ec8967dcb111cb640ab22 Mon Sep 17 00:00:00 2001 From: Daniel Golle Date: Sun, 26 Apr 2015 19:43:26 +0200 Subject: [PATCH] freeradius2: update to version 2.2.7 and refresh patches Signed-off-by: Daniel Golle --- net/freeradius2/Makefile | 4 +- .../patches/001-fix-makefile.patch | 6 +- net/freeradius2/patches/002-config.patch | 103 +++++++++++------- .../patches/004-ldap_configure.patch | 12 +- .../patches/008-honor_ccpflags.patch | 6 +- .../patches/010-disbale-openssl-check.patch | 8 +- 6 files changed, 87 insertions(+), 52 deletions(-) diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile index 1f1d86dce6..ac0c1b04bd 100644 --- a/net/freeradius2/Makefile +++ b/net/freeradius2/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=freeradius2 -PKG_VERSION:=2.2.6 +PKG_VERSION:=2.2.7 PKG_RELEASE:=1 PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=ftp://ftp.freeradius.org/pub/freeradius/ -PKG_MD5SUM:=e9a6f9bbee9706b008b924061ab3f915 +PKG_MD5SUM:=b84b9ffa1ac9b20b2643e5a08ac483a1 PKG_MAINTAINER:=Daniel Golle PKG_LICENSE:=GPL-2.0 PKG_LICENSE_FILES:=COPYRIGHT LICENSE diff --git a/net/freeradius2/patches/001-fix-makefile.patch b/net/freeradius2/patches/001-fix-makefile.patch index 2daaec8230..676f99cd1a 100644 --- a/net/freeradius2/patches/001-fix-makefile.patch +++ b/net/freeradius2/patches/001-fix-makefile.patch @@ -1,5 +1,7 @@ ---- a/Make.inc.in -+++ b/Make.inc.in +Index: freeradius-server-2.2.7/Make.inc.in +=================================================================== +--- freeradius-server-2.2.7.orig/Make.inc.in ++++ freeradius-server-2.2.7/Make.inc.in @@ -5,6 +5,7 @@ # diff --git a/net/freeradius2/patches/002-config.patch b/net/freeradius2/patches/002-config.patch index 8794345fa8..c486389b8c 100644 --- a/net/freeradius2/patches/002-config.patch +++ b/net/freeradius2/patches/002-config.patch @@ -1,5 +1,7 @@ ---- a/raddb/dictionary.in -+++ b/raddb/dictionary.in +Index: freeradius-server-2.2.7/raddb/dictionary.in +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/dictionary.in ++++ freeradius-server-2.2.7/raddb/dictionary.in @@ -11,7 +11,7 @@ # # The filename given here should be an absolute path. @@ -9,8 +11,10 @@ # # Place additional attributes or $INCLUDEs here. They will ---- a/raddb/eap.conf -+++ b/raddb/eap.conf +Index: freeradius-server-2.2.7/raddb/eap.conf +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/eap.conf ++++ freeradius-server-2.2.7/raddb/eap.conf @@ -27,7 +27,7 @@ # then that EAP type takes precedence over the # default type configured here. @@ -206,8 +210,10 @@ # This option enables support for MS-SoH # see doc/SoH.txt for more info. ---- a/raddb/modules/counter -+++ b/raddb/modules/counter +Index: freeradius-server-2.2.7/raddb/modules/counter +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/modules/counter ++++ freeradius-server-2.2.7/raddb/modules/counter @@ -69,7 +69,7 @@ # 'check-name' attribute. # @@ -217,8 +223,10 @@ key = User-Name count-attribute = Acct-Session-Time reset = daily ---- a/raddb/modules/pap -+++ b/raddb/modules/pap +Index: freeradius-server-2.2.7/raddb/modules/pap +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/modules/pap ++++ freeradius-server-2.2.7/raddb/modules/pap @@ -18,5 +18,5 @@ # # http://www.openldap.org/faq/data/cache/347.html @@ -226,8 +234,10 @@ - auto_header = no + auto_header = yes } ---- a/raddb/modules/radutmp -+++ b/raddb/modules/radutmp +Index: freeradius-server-2.2.7/raddb/modules/radutmp +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/modules/radutmp ++++ freeradius-server-2.2.7/raddb/modules/radutmp @@ -12,7 +12,7 @@ radutmp { # Where the file is stored. It's not a log file, # so it doesn't need rotating. @@ -237,8 +247,10 @@ # The field in the packet to key on for the # 'user' name, If you have other fields which you want ---- a/raddb/modules/sradutmp -+++ b/raddb/modules/sradutmp +Index: freeradius-server-2.2.7/raddb/modules/sradutmp +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/modules/sradutmp ++++ freeradius-server-2.2.7/raddb/modules/sradutmp @@ -10,7 +10,7 @@ # then name "sradutmp" to identify it later in the "accounting" # section. @@ -248,8 +260,10 @@ perm = 0644 callerid = "no" } ---- a/raddb/radiusd.conf.in -+++ b/raddb/radiusd.conf.in +Index: freeradius-server-2.2.7/raddb/radiusd.conf.in +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/radiusd.conf.in ++++ freeradius-server-2.2.7/raddb/radiusd.conf.in @@ -66,7 +66,7 @@ name = radiusd # Location of config and logfiles. @@ -277,7 +291,7 @@ # clients = per_socket_clients } -@@ -584,8 +584,8 @@ security { +@@ -576,8 +576,8 @@ security { # # allowed values: {no, yes} # @@ -288,7 +302,7 @@ # CLIENTS CONFIGURATION -@@ -782,7 +782,7 @@ instantiate { +@@ -774,7 +774,7 @@ instantiate { # The entire command line (and output) must fit into 253 bytes. # # e.g. Framed-Pool = `%{exec:/bin/echo foo}` @@ -297,7 +311,7 @@ # # The expression module doesn't do authorization, -@@ -799,15 +799,15 @@ instantiate { +@@ -791,15 +791,15 @@ instantiate { # other xlat functions such as md5, sha1 and lc. # # We do not recommend removing it's listing here. @@ -316,7 +330,7 @@ # subsections here can be thought of as "virtual" modules. # -@@ -831,7 +831,7 @@ instantiate { +@@ -823,7 +823,7 @@ instantiate { # to multiple times. # ###################################################################### @@ -325,7 +339,7 @@ ###################################################################### # -@@ -841,9 +841,9 @@ $INCLUDE policy.conf +@@ -833,9 +833,9 @@ $INCLUDE policy.conf # match the regular expression: /[a-zA-Z0-9_.]+/ # # It allows you to define new virtual servers simply by placing @@ -337,7 +351,7 @@ ###################################################################### # -@@ -851,7 +851,7 @@ $INCLUDE sites-enabled/ +@@ -843,7 +843,7 @@ $INCLUDE sites-enabled/ # "authenticate {}", "accounting {}", have been moved to the # the file: # @@ -346,8 +360,10 @@ # # This is the "default" virtual server that has the same # configuration as in version 1.0.x and 1.1.x. The default ---- a/raddb/sites-available/default -+++ b/raddb/sites-available/default +Index: freeradius-server-2.2.7/raddb/sites-available/default +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/sites-available/default ++++ freeradius-server-2.2.7/raddb/sites-available/default @@ -85,7 +85,7 @@ authorize { # # It takes care of processing the 'raddb/hints' and the @@ -391,7 +407,7 @@ # ntdomain # -@@ -195,8 +195,8 @@ authorize { +@@ -197,8 +197,8 @@ authorize { # Use the checkval module # checkval @@ -402,7 +418,7 @@ # # If no other module has claimed responsibility for -@@ -277,7 +277,7 @@ authenticate { +@@ -279,7 +279,7 @@ authenticate { # If you have a Cisco SIP server authenticating against # FreeRADIUS, uncomment the following line, and the 'digest' # line in the 'authorize' section. @@ -411,7 +427,7 @@ # # Pluggable Authentication Modules. -@@ -294,7 +294,7 @@ authenticate { +@@ -296,7 +296,7 @@ authenticate { # be used for authentication ONLY for compatibility with legacy # FreeRADIUS configurations. # @@ -420,7 +436,7 @@ # Uncomment it if you want to use ldap for authentication # -@@ -330,8 +330,8 @@ authenticate { +@@ -332,8 +332,8 @@ authenticate { # # Pre-accounting. Decide which accounting type to use. # @@ -431,7 +447,7 @@ # # Session start times are *implied* in RADIUS. -@@ -354,7 +354,7 @@ preacct { +@@ -356,7 +356,7 @@ preacct { # # Ensure that we have a semi-unique identifier for every # request, and many NAS boxes are broken. @@ -440,7 +456,7 @@ # # Look for IPASS-style 'realm/', and if not found, look for -@@ -364,13 +364,13 @@ preacct { +@@ -366,13 +366,13 @@ preacct { # Accounting requests are generally proxied to the same # home server as authentication requests. # IPASS @@ -457,7 +473,7 @@ # # Accounting. Log the accounting data. -@@ -380,7 +380,7 @@ accounting { +@@ -382,7 +382,7 @@ accounting { # Create a 'detail'ed log of the packets. # Note that accounting requests which are proxied # are also logged in the detail file. @@ -466,7 +482,7 @@ # daily # Update the wtmp file -@@ -432,7 +432,7 @@ accounting { +@@ -434,7 +434,7 @@ accounting { exec # Filter attributes from the accounting response. @@ -475,7 +491,7 @@ # # See "Autz-Type Status-Server" for how this works. -@@ -458,7 +458,7 @@ session { +@@ -460,7 +460,7 @@ session { # Post-Authentication # Once we KNOW that the user has been authenticated, there are # additional steps we can take. @@ -484,7 +500,7 @@ # Get an address from the IP Pool. # main_pool -@@ -488,7 +488,7 @@ post-auth { +@@ -490,7 +490,7 @@ post-auth { # ldap # For Exec-Program and Exec-Program-Wait @@ -493,7 +509,7 @@ # # Calculate the various WiMAX keys. In order for this to work, -@@ -572,12 +572,12 @@ post-auth { +@@ -574,18 +574,18 @@ post-auth { # Add the ldap module name (or instance) if you have set # 'edir_account_policy_check = yes' in the ldap module configuration # @@ -502,6 +518,13 @@ +# Post-Auth-Type REJECT { +# # log failed authentications in SQL, too. # sql + + # Insert EAP-Failure message if the request was + # rejected by policy instead of because of an + # authentication failure +- eap ++# eap + - attr_filter.access_reject - } -} @@ -511,7 +534,7 @@ # # When the server decides to proxy a request to a home server, -@@ -587,7 +587,7 @@ post-auth { +@@ -595,7 +595,7 @@ post-auth { # # Only a few modules currently have this method. # @@ -520,7 +543,7 @@ # attr_rewrite # Uncomment the following line if you want to change attributes -@@ -603,14 +603,14 @@ pre-proxy { +@@ -611,14 +611,14 @@ pre-proxy { # server, un-comment the following line, and the # 'detail pre_proxy_log' section, above. # pre_proxy_log @@ -537,7 +560,7 @@ # If you want to have a log of replies from a home server, # un-comment the following line, and the 'detail post_proxy_log' -@@ -634,7 +634,7 @@ post-proxy { +@@ -642,7 +642,7 @@ post-proxy { # hidden inside of the EAP packet, and the end server will # reject the EAP request. # @@ -546,15 +569,17 @@ # # If the server tries to proxy a request and fails, then the -@@ -656,5 +656,5 @@ post-proxy { +@@ -664,5 +664,5 @@ post-proxy { # Post-Proxy-Type Fail { # detail # } -} +#} ---- a/raddb/users -+++ b/raddb/users +Index: freeradius-server-2.2.7/raddb/users +=================================================================== +--- freeradius-server-2.2.7.orig/raddb/users ++++ freeradius-server-2.2.7/raddb/users @@ -169,22 +169,22 @@ # by the terminal server in which case there may not be a "P" suffix. # The terminal server sends "Framed-Protocol = PPP" for auto PPP. diff --git a/net/freeradius2/patches/004-ldap_configure.patch b/net/freeradius2/patches/004-ldap_configure.patch index 7f3e240174..05b6789b35 100644 --- a/net/freeradius2/patches/004-ldap_configure.patch +++ b/net/freeradius2/patches/004-ldap_configure.patch @@ -1,5 +1,7 @@ ---- a/src/modules/rlm_ldap/configure -+++ b/src/modules/rlm_ldap/configure +Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure +=================================================================== +--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure ++++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure @@ -1,10 +1,10 @@ #! /bin/sh # From configure.in Revision. @@ -4239,8 +4241,10 @@ +fi ---- a/src/modules/rlm_ldap/configure.in -+++ b/src/modules/rlm_ldap/configure.in +Index: freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in +=================================================================== +--- freeradius-server-2.2.7.orig/src/modules/rlm_ldap/configure.in ++++ freeradius-server-2.2.7/src/modules/rlm_ldap/configure.in @@ -87,6 +87,9 @@ if test x$with_[]modname != xno; then ) fi diff --git a/net/freeradius2/patches/008-honor_ccpflags.patch b/net/freeradius2/patches/008-honor_ccpflags.patch index 086e717239..7e6d81e045 100644 --- a/net/freeradius2/patches/008-honor_ccpflags.patch +++ b/net/freeradius2/patches/008-honor_ccpflags.patch @@ -1,5 +1,7 @@ ---- a/src/modules/rules.mak -+++ b/src/modules/rules.mak +Index: freeradius-server-2.2.7/src/modules/rules.mak +=================================================================== +--- freeradius-server-2.2.7.orig/src/modules/rules.mak ++++ freeradius-server-2.2.7/src/modules/rules.mak @@ -63,10 +63,10 @@ $(LT_OBJS): $(SERVER_HEADERS) # ####################################################################### diff --git a/net/freeradius2/patches/010-disbale-openssl-check.patch b/net/freeradius2/patches/010-disbale-openssl-check.patch index c254912d46..483221dbc0 100644 --- a/net/freeradius2/patches/010-disbale-openssl-check.patch +++ b/net/freeradius2/patches/010-disbale-openssl-check.patch @@ -1,6 +1,8 @@ ---- a/configure.in -+++ b/configure.in -@@ -796,35 +796,6 @@ if test "x$WITH_OPENSSL" = xyes; then +Index: freeradius-server-2.2.7/configure.in +=================================================================== +--- freeradius-server-2.2.7.orig/configure.in ++++ freeradius-server-2.2.7/configure.in +@@ -820,35 +820,6 @@ if test "x$WITH_OPENSSL" = xyes; then OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5" fi