pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/net/freeradius2 Freeradius version 2.0 of the server i...
details: https://anonhg.NetBSD.org/pkgsrc/rev/641f42bcc22a
branches: trunk
changeset: 542414:641f42bcc22a
user: adrianp <adrianp%pkgsrc.org@localhost>
date: Thu May 15 19:43:47 2008 +0000
description:
Freeradius version 2.0 of the server is intended to be backwards compatible
with previous versions, but also to have many new features, such as:
* simple policy language (see "man unlang")
* virtual servers (raddb/sites-available/README)
* IPv6 support
* better proxy support (raddb/proxy.conf)
* More EAP types
* Debugging output should be MUCH easier to understand
* VMPS support
* More modules are marked "stable" (python, etc.)
* SQL configuration has been cleaned up (see raddb/sql/*)
* limited support for HUP
* check configuration and exit (radiusd -C)
* Server core is now event based (simpler, more powerful)
diffstat:
net/freeradius2/DESCR | 23 ++
net/freeradius2/MESSAGE | 17 +
net/freeradius2/MESSAGE.pam | 21 +
net/freeradius2/Makefile | 178 +++++++++++++++
net/freeradius2/PLIST | 444 +++++++++++++++++++++++++++++++++++++++
net/freeradius2/PLIST.dbm | 5 +
net/freeradius2/PLIST.gdbm | 3 +
net/freeradius2/PLIST.kerberos | 3 +
net/freeradius2/PLIST.ldap | 3 +
net/freeradius2/PLIST.mysql | 2 +
net/freeradius2/PLIST.pam | 3 +
net/freeradius2/PLIST.pgsql | 2 +
net/freeradius2/PLIST.sorted | 439 ++++++++++++++++++++++++++++++++++++++
net/freeradius2/distinfo | 11 +
net/freeradius2/files/radiusd.sh | 36 +++
net/freeradius2/options.mk | 112 +++++++++
net/freeradius2/patches/patch-ab | 9 +
net/freeradius2/patches/patch-ae | 23 ++
net/freeradius2/patches/patch-ai | 48 ++++
net/freeradius2/patches/patch-aj | 12 +
net/freeradius2/patches/patch-ak | 15 +
net/freeradius2/patches/patch-al | 65 +++++
22 files changed, 1474 insertions(+), 0 deletions(-)
diffs (truncated from 1562 to 300 lines):
diff -r 64288441851a -r 641f42bcc22a net/freeradius2/DESCR
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/freeradius2/DESCR Thu May 15 19:43:47 2008 +0000
@@ -0,0 +1,23 @@
+ All code in this server was written from scratch.
+
+ The server is mostly compatible with livingston radiusd-2.01
+ (no menus or s/key support though) but with more feautures, such as:
+
+ o Can limit max. number of simultaneous logins on a per-user basis!
+ o Multiple DEFAULT entries, that can optionally fall-through.
+ o In fact, every entry can fall-through
+ o Deny/permit access based on huntgroup users dials into
+ o Set certain parameters (such as static IP address) based on huntgroup
+ o Extra "hints" file that can select SLIP/PPP/rlogin based on
+ username pattern (Puser or user.ppp is PPP, plain "user" is rlogin etc).
+ o Can execute an external program when user has authenticated (for example
+ to run a sendmail queue).
+ o Can use `$INCLUDE filename' in radiusd.conf, users, and dictionary files
+ o Can act as a proxy server, relaying requests to a remote server
+ o Supports Vendor-Specific attributes
+ o No good documentation at all, just like the original radiusd 1.16!
+
+ Then of course for general RADIUS questions, especially if you are using
+ Livingston / Lucent RABU equipment, there is the portmaster-radius mailing
+ list. Send mail to portmaster-radius-request%livingston.com@localhost to find
+ out how to subscribe.
diff -r 64288441851a -r 641f42bcc22a net/freeradius2/MESSAGE
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/freeradius2/MESSAGE Thu May 15 19:43:47 2008 +0000
@@ -0,0 +1,17 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1.1.1 2008/05/15 19:43:47 adrianp Exp $
+
+Note to users who have been running radiusd as root before:
+
+As radiusd now runs unprivileged by default (as ${RADIUS_USER}:${RADIUS_GROUP}),
+you'll have to adapt some permissions:
+
+ ${CHOWN} -R ${RADIUS_USER}:${RADIUS_GROUP} ${VARBASE}/run/radiusd
+ ${CHOWN} -R ${RADIUS_USER}:${RADIUS_GROUP} ${PKG_SYSCONFDIR}
+ ${FIND} ${PKG_SYSCONFDIR} -type d | ${XARGS} ${CHMOD} 0750
+ ${FIND} ${PKG_SYSCONFDIR} -type f | ${XARGS} ${CHMOD} 0640
+
+In addition to this the base logging directory has now been moved from
+${VARBASE}/log to ${VARBASE}/log/radiusd.
+
+===========================================================================
diff -r 64288441851a -r 641f42bcc22a net/freeradius2/MESSAGE.pam
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/freeradius2/MESSAGE.pam Thu May 15 19:43:47 2008 +0000
@@ -0,0 +1,21 @@
+===========================================================================
+$NetBSD: MESSAGE.pam,v 1.1.1.1 2008/05/15 19:43:47 adrianp Exp $
+
+Certain PAM modules require that radiusd run as root in order to
+perform privileged operations. However, other PAM modules (e.g. pam-dbm),
+will work with with radiusd running as non-root if the non-root user is
+given the permissions necessary.
+
+If you will be using a PAM module that requires radiusd to run as root
+you can set the following in /etc/mk.conf:
+
+ RADIUS_USER=root
+ RADIUS_GROUP=wheel
+
+And then re-install freeradius. Alternatively, you can just change the
+following settings in your ${PKG_SYSCONFDIR}/radiusd.conf
+
+ user = root
+ group = wheel
+
+===========================================================================
diff -r 64288441851a -r 641f42bcc22a net/freeradius2/Makefile
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/freeradius2/Makefile Thu May 15 19:43:47 2008 +0000
@@ -0,0 +1,178 @@
+# $NetBSD: Makefile,v 1.1.1.1 2008/05/15 19:43:47 adrianp Exp $
+
+DISTNAME= freeradius-server-${RADVER}
+PKGNAME= ${DISTNAME:S/-server//}
+CATEGORIES= net
+MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/
+EXTRACT_SUFX= .tar.bz2
+
+MAINTAINER= adrianp%NetBSD.org@localhost
+HOMEPAGE= http://www.freeradius.org/
+COMMENT= Free RADIUS server implementation
+
+CONFLICTS+= freeradius-1.[0-9]*
+
+.include "../../mk/bsd.prefs.mk"
+
+CONFLICTS+= radiusd-cistron-[0-9]*
+USE_TOOLS+= gmake perl:run
+GNU_CONFIGURE= YES
+USE_LIBTOOL= YES
+USE_OLD_DES_API= YES
+
+BUILD_DEFS= VARBASE
+PLIST_SRC= ${WRKDIR}/.PLIST_SRC
+FILES_SUBST+= RADIUS_USER=${RADIUS_USER:Q}
+FILES_SUBST+= RADIUS_GROUP=${RADIUS_GROUP:Q}
+PLIST_SUBST+= RADVER=${RADVER}
+MESSAGE_SRC+= ${WRKDIR}/.MESSAGE_SRC
+MESSAGE_SUBST+= CHOWN=${CHOWN:Q} CHMOD=${CHMOD:Q} VARBASE=${VARBASE}
+MESSAGE_SUBST+= RADIUS_USER=${RADIUS_USER:Q} XARGS=${XARGS:Q}
+MESSAGE_SUBST+= RADIUS_GROUP=${RADIUS_GROUP:Q} FIND=${FIND:Q}
+
+PKG_SYSCONFSUBDIR= raddb
+RCD_SCRIPTS= radiusd
+RADIUS_USER?= radius
+RADIUS_GROUP?= radius
+PKG_GROUPS= ${RADIUS_USER}
+PKG_USERS= ${RADIUS_USER}:${RADIUS_GROUP}
+PKG_GROUPS_VARS+= RADIUS_GROUP
+PKG_USERS_VARS+= RADIUS_USER
+OWN_DIRS_PERMS+= ${VARBASE}/run/radiusd \
+ ${RADIUS_USER} ${RADIUS_GROUP} 0750
+OWN_DIRS_PERMS+= ${VARBASE}/log/radiusd \
+ ${RADIUS_USER} ${RADIUS_GROUP} 0750
+OWN_DIRS_PERMS+= ${VARBASE}/log/radiusd/radacct \
+ ${RADIUS_USER} ${RADIUS_GROUP} 0750
+
+RADVER= 2.0.4
+EGDIR= ${PREFIX}/share/examples/freeradius
+
+BUILDLINK_API_DEPENDS.openssl+= openssl>=0.9.7
+
+CONFIGURE_ARGS+= --with-logdir=${VARBASE}/log/radiusd
+CONFIGURE_ARGS+= --localstatedir=${VARBASE:Q}
+CONFIGURE_ARGS+= --sysconfdir=${PKG_SYSCONFBASEDIR:Q}
+CONFIGURE_ARGS+= --disable-ltdl-install
+CONFIGURE_ARGS+= --with-ltdl-lib=${PREFIX}/lib
+CONFIGURE_ARGS+= --with-ltdl-include=${PREFIX}/include
+CONFIGURE_ARGS+= --without-rlm_ippool
+CONFIGURE_ARGS+= --without-rlm_smb
+CONFIGURE_ARGS+= --without-rlm_sql_iodbc
+CONFIGURE_ARGS+= --without-rlm_sql_oracle
+CONFIGURE_ARGS+= --without-rlm_sql_unixodbc
+CONFIGURE_ARGS+= --quiet
+#CONFIGURE_ARGS+= --without-rlm_eap_peap
+#CONFIGURE_ARGS+= --without-rlm_eap_sim
+#CONFIGURE_ARGS+= --without-rlm_eap_tls
+#CONFIGURE_ARGS+= --without-rlm_eap_ttls
+
+REPLACE_PERL= scripts/radsqlrelay
+
+SUBST_CLASSES= make
+SUBST_STAGE.make= post-patch
+SUBST_FILES.make= src/modules/rlm_mschap/Makefile \
+ src/modules/rlm_sql/drivers/rlm_sql_postgresql/Makefile.in
+SUBST_SED.make= -e "s|RLM_LDFLAGS =|RLM_LDFLAGS = \
+ -L../../../src/lib/.libs/ -lradius|g"
+SUBST_SED.make+= -e "s|RLM_SQL_LIBS =|RLM_SQL_LIBS = \
+ -L${PREFIX}/lib|g"
+SUBST_MESSAGE.make= Fixing Makefiles.
+
+SUBST_CLASSES+= config
+SUBST_STAGE.config= post-patch
+SUBST_FILES.config= raddb/radiusd.conf.in
+SUBST_SED.config= -e "s|@@RADIUS_USER@@|${RADIUS_USER}|g"
+SUBST_SED.config+= -e "s|@@RADIUS_GROUP@@|${RADIUS_GROUP}|g"
+SUBST_MESSAGE.config= Fixing configuration files.
+
+.include "options.mk"
+
+EGFILES= certs/demoCA/cacert.pem certs/bootstrap certs/xpextensions \
+ certs/client.cnf certs/server.cnf certs/README certs/ca.cnf \
+ sql/mssql/dialup.conf sql/mssql/schema.sql \
+ sql/mysql/dialup.conf sql/mysql/nas.sql sql/mysql/ippool.conf \
+ sql/mysql/schema.sql sql/mysql/counter.conf \
+ sql/mysql/ippool.sql sql/oracle/dialup.conf sql/oracle/nas.sql \
+ sql/oracle/schema.sql sql/oracle/ippool.sql \
+ sql/postgresql/dialup.conf sql/postgresql/nas.sql \
+ sql/postgresql/voip-postpaid.conf sql/postgresql/ippool.conf \
+ sql/postgresql/schema.sql sql/postgresql/ippool.sql \
+ sql/postgresql/cisco_h323_db_schema.sql \
+ sql/postgresql/counter.conf sql/postgresql/admin.sql \
+ sql/postgresql/update_radacct_group_trigger.sql policy.txt \
+ experimental.conf radiusd.conf otp.conf policy.conf \
+ preproxy_users users vmpsd.conf.in acct_users snmp.conf \
+ ldap.attrmap clients.conf huntgroups sql.conf sqlippool.conf \
+ sites-available/inner-tunnel sites-available/example \
+ sites-available/buffered-sql sites-available/default \
+ sites-available/vmps sites-available/README \
+ sites-available/proxy-inner-tunnel \
+ sites-available/copy-acct-to-home-server attrs.pre-proxy \
+ sites-available/dhcp sites-available/robust-proxy-accounting \
+ sites-available/virtual.example.com sql/mysql/admin.sql \
+ eap.conf attrs.accounting_response hints attrs.access_reject \
+ templates.conf attrs proxy.conf dictionary
+
+EGDIRS= certs certs/demoCA sql sql/mssql sql/mysql sql/oracle \
+ sql/postgresql sites-available
+
+.for f in ${EGFILES}
+CONF_FILES_PERMS+= ${EGDIR}/${f} ${PKG_SYSCONFDIR}/${f} \
+ ${RADIUS_USER} ${RADIUS_GROUP} 0640
+.endfor
+
+.include "../../security/openssl/buildlink3.mk"
+.include "../../devel/libltdl/buildlink3.mk"
+.include "../../mk/pthread.buildlink3.mk"
+
+.if defined(PTHREAD_TYPE) && ${PTHREAD_TYPE} == "none"
+CONFIGURE_ARGS+= --without-threads
+.endif
+
+.if defined(PTHREAD_TYPE) && ${PTHREAD_TYPE} == "pth"
+.include "../../devel/pthread-sem/buildlink3.mk"
+SUBST_SED.make+= -e 's|@ldap_ldflags@|@ldap_ldflags@ \
+ ${PTHREAD_LDFLAGS:M*:Q} ${PTHREAD_LIBS:M*:Q} -lsemaphore|g'
+.endif
+
+.if defined(PTHREAD_TYPE) && ${PTHREAD_TYPE} == "native"
+SUBST_SED.make+= -e 's|@ldap_ldflags@|@ldap_ldflags@ \
+ ${PTHREAD_LDFLAGS:M*:Q} ${PTHREAD_LIBS:M*:Q}|g'
+.endif
+
+.if ${MACHINE_ARCH} == "amd64"
+CFLAGS+= -fPIC
+.endif
+
+post-build:
+ ${CP} ${PKGDIR}/PLIST ${WRKDIR}/.PLIST_SRC
+ ${CP} ${PKGDIR:Q}/MESSAGE ${WRKDIR:Q}/.MESSAGE_SRC
+
+. if !empty(PKG_OPTIONS:Mpam)
+ ${CP} ${PKGDIR:Q}/MESSAGE.pam ${WRKDIR:Q}/.MESSAGE_SRC.pam
+. endif
+
+post-install:
+ ${INSTALL_DATA_DIR} ${EGDIR}
+
+. for d in ${EGDIRS}
+ ${INSTALL_DATA_DIR} ${EGDIR}/${d}
+. endfor
+
+. for f in ${EGFILES}
+ ${INSTALL_DATA} ${WRKSRC}/raddb/${f} ${EGDIR}/${f}
+. endfor
+
+ ${INSTALL_DATA} ${WRKSRC}/src/modules/rlm_perl/example.pl ${EGDIR}
+
+. for d in ${EGDIRS}
+ ${MKDIR} ${PKG_SYSCONFDIR}/${d}
+. endfor
+
+ ${CHOWN} ${RADIUS_USER}:${RADIUS_GROUP} ${PKG_SYSCONFDIR}/certs
+ ${CHOWN} ${RADIUS_USER}:${RADIUS_GROUP} ${PKG_SYSCONFDIR}/certs/demoCA
+ ${CHMOD} 0750 ${PKG_SYSCONFDIR}/certs
+ ${CHMOD} 0750 ${PKG_SYSCONFDIR}/certs/demoCA
+
+.include "../../mk/bsd.pkg.mk"
diff -r 64288441851a -r 641f42bcc22a net/freeradius2/PLIST
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/net/freeradius2/PLIST Thu May 15 19:43:47 2008 +0000
@@ -0,0 +1,444 @@
+@comment $NetBSD: PLIST,v 1.1.1.1 2008/05/15 19:43:47 adrianp Exp $
+bin/radclient
+bin/radeapclient
+bin/radlast
+bin/radsniff
+bin/radsqlrelay
+bin/radtest
+bin/radwho
+bin/radzap
+bin/smbencrypt
+include/freeradius/hash.h
+include/freeradius/ident.h
+include/freeradius/libradius.h
+include/freeradius/md4.h
+include/freeradius/md5.h
+include/freeradius/missing.h
+include/freeradius/packet.h
+include/freeradius/radius.h
+include/freeradius/radpaths.h
+include/freeradius/sha1.h
+include/freeradius/token.h
+include/freeradius/udpfromto.h
+include/freeradius/vqp.h
+lib/rlm_acct_unique-${RADVER}.la
+lib/rlm_acct_unique.la
+lib/rlm_always-${RADVER}.la
+lib/rlm_always.la
+lib/rlm_attr_filter-${RADVER}.la
+lib/rlm_attr_filter.la
+lib/rlm_attr_rewrite-${RADVER}.la
+lib/rlm_attr_rewrite.la
+lib/rlm_chap-${RADVER}.la
+lib/rlm_chap.la
+lib/rlm_checkval-${RADVER}.la
+lib/rlm_checkval.la
+lib/rlm_detail-${RADVER}.la
+lib/rlm_detail.la
+lib/rlm_digest-${RADVER}.la
+lib/rlm_digest.la
+lib/rlm_eap-${RADVER}.la
+lib/rlm_eap.la
Home |
Main Index |
Thread Index |
Old Index