Subject: CVS commit: pkgsrc/net/radiusd-cistron
To: None <pkgsrc-changes@NetBSD.org>
From: Martti Kuparinen <firstname.lastname@example.org>
Date: 12/16/2003 19:19:41
Module Name: pkgsrc
Committed By: martti
Date: Tue Dec 16 19:19:41 UTC 2003
pkgsrc/net/radiusd-cistron: Makefile PLIST distinfo
pkgsrc/net/radiusd-cistron/patches: patch-aa patch-ab patch-af
radiusd-cistron (1.6.7) cistron; urgency=medium
* Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities
other than "public" can be used too.
* Error out on superflous command line args (optind >= argc)
* Encrypt CHAP-Password in radclient so that CHAP can be tested too
* Add "wildcard" option to realms - if you set this option, you can
match on the entire username using shell wildcards in the realms file.
* If the nastype in /etc/raddb/naslist is set to 'none' for a nas,
logins on that nas will have no simultaneous use restrictions imposed
and those logins will not count towards the total amount of logins.
* Removed 'raduse' and manpage.
* Can disable radutmp with "-u none" (likewise radwtmp with "-W none",
though we already had "-w" for that).
* Call checkrad with an extra argument, the framed IP address.
* Fix bug where $INCLUDEing a file without any records would
cause the rest of the original file to be ignored
* Support for 64-bit wide integers (integer8 type). If compiled with
gcc, users file can contain both hex and decimal 64-bit values,
and 64-bit values are printed in decimal. With other compilers
(no "long long" support) only hex 64-bit values are supported.
* Change "_" to "-" in dictionary.redback and change the 64 bits
values to integer8.
* Moved the dictionary files to /usr/local/share/radius. Now
only /etc/raddb/dictionary remains that $INCLUDES all the others.
For new installs only; existing installations won't be changed
* Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in
make_wtmp() unsigned (%u), otherwise the sprintf could in some cases
(negative NAS-Port, very long NAS-name) overrun the buffer by one
byte, overwriting the least significant byte of the return address
on the stack with a \0. Not sure if this is exploitable or not,
but it could be a security problem.
* Make sure ut.login (struct radutmp member) is treated everywhere
as a NON-zero terminated string.
* Make sure unsigned integers are used in all places using lvalues
(32 bits radius values), especially nas_port.
* radrelay: update id of packet when retransmitting.
* Print an error and free the request struct if we receive an unknown
* rad_check_multi: if username/NAS/port match, don't count as dup.
To generate a diff of this commit:
cvs rdiff -r1.10 -r1.11 pkgsrc/net/radiusd-cistron/Makefile
cvs rdiff -r1.6 -r1.7 pkgsrc/net/radiusd-cistron/PLIST
cvs rdiff -r1.4 -r1.5 pkgsrc/net/radiusd-cistron/distinfo
cvs rdiff -r1.3 -r1.4 pkgsrc/net/radiusd-cistron/patches/patch-aa \
cvs rdiff -r1.2 -r1.3 pkgsrc/net/radiusd-cistron/patches/patch-af
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.