pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
pkgsrc: freeradius: Updated to 3.0.16
details: https://anonhg.NetBSD.org/pkgsrc/rev/fcf908108acd
branches: trunk
changeset: 306168:fcf908108acd
user: nonaka <nonaka%pkgsrc.org@localhost>
date: Thu Apr 12 01:21:07 2018 +0000
description:
freeradius: Updated to 3.0.16
2018.01.11 Version 3.0.16 has been released.
The focus of this release is stability.
Feature Improvements
* rlm_python now supports multiple lists. From #2031.
* Add trust router re-keying. From #2007.
* Add support for Samba / AD LDAP schema See doc/schemas/ldap/samba/README.txt
and doc/schemas/ldap/samba/.
* Add "tls_min_version" and "tls_max_version" to EAP module for Debian OpenSSL
issues.
* Better documentation for client certificates in PEAP and TTLS: it usually
doesn't work. Fixes #2068.
* Distinguish login failure from AD unavailable. Fixes #2069.
* Update RH spec files. Fixes #2070.
* Run Post-Proxy-Type if all home servers are dead Fixes #2072.
* Print offending IP addresses when EAP sessions come from two upstream home
servers, and rate-limit the messages.
* Minor packaging updates.
* Better documentation for rlm_rest.
* EAP-FAST now has it's own "cipher_list", so that it is easier to configure.
* EAP-FAST now forcibly disables TLS1.2, until such time as we implement
the new keying mechanism from TLS1.2.
* Add documentation for allow_expired_crl.
* Update Debian logrotation. #2093 and #2101.
* DHCP relay can now drop responses. #2095.
* rlm_sqlippool can now assign Delegated-IPv6-Prefix It also now can assign
any IPv4 or IPv6 address Based on patches from maximumG. #2094 See
raddb/mods-available/sqlippool for changes.
* radeapclient can now use EAP-SIM-Ki to dynamically create the necessary
triplets.
* Explain why many LDAP connections are closed Fixes #1969.
* Debian build / package issues fixed by Matthew Newton.
* dictionary.patton updates from Brice Schaffner. Fixes #2137.
* Added scripts to build "inner-server.pem", and updated mods-config/inner-eap
and certs/README to match.
* Added provisions for using an external CA. See raddb/certs/.
* Include dhcpclient binary in freeradius-dhcp debian packge.
Bug Fixes
* Bind the lifetime of program name and python path to the module FR-AD-002
(redone).
* Pass correct statement length into sqlite3_prepare[_v2] FR-AD-003 (redone).
* Allow 100-Continue responses with additional headers in rlm_rest.
* fix corner case where detail files were not being locked correctly.
* Fix (SQL-Group == "%{...}") checks, and same for LDAP-Group Fixes #1947.
* Clean up exfile code. Which should help to avoid issues with reading / writing
100's of detail files.
* Fix build for winbind. Patch from Alex Clouter.
* Fix checkrad for Mikrotik. Patch from Muchael Ducharme.
* Fix home server stats lookup. Patch from Phil Mayers.
* Add libjson-c3 as an optional dependency.
* Require LTB OpenLDAP on CentOS / Redhat, to avoid linking against NSS,
which breaks the server. Fixes #2040.
* rlm_python fixes. Fixes #2041.
* Typos in "man" pages. Fixes #2045.
* Expand "next" in %{%{...}:-%{...}}. Fixes #2048.
* Don't add TLS attributes twice. Fixes #2050.
* Fix memory allocation in rlm_rest. Fixes #2051.
* Update trustrouter for new API. Fixes #2059.
* Fix SQLite issues on FreeBSD. Fixes #2060.
* Don't do debug logging of bad passwords. Fixes #2064.
* More graceful handling of "die" in rlm_perl. Fixes #2073.
* Fix occasional crash when using cisco_accounting_username_bug = yes.
* EAP-FAST fixes from Isaac Boukris #2078, #2076, and #2082, #2126.
* DHCP fixes, relay, #2092, add run-time check, #2028.
* Decode multiple RADIUS packets at a time in highly loaded RadSec connections. Patch from Jan Tomasek. #2106.
* TunnelPassword is not "single value" in LDAP schema Fixes #2061.
* sql log now opens the expanded filename, not the input one This was
a regression introduced in 3.0.15.
* Remove unnecessary UNIQUE constrain in Oracle schemas.
* Fix SSL thread and locking issues when modules also use SSL Fixes #2125 and
#2129.
* Re-add dhcpclient "raw packet" changes. Patches from Nicolas Chaigne and
Matthew Newton. Fixes #2155.
diffstat:
net/freeradius/DEINSTALL | 4 +-
net/freeradius/INSTALL | 4 +-
net/freeradius/Makefile | 11 ++--
net/freeradius/Makefile.common | 4 +-
net/freeradius/PLIST | 11 +++-
net/freeradius/distinfo | 17 +++----
net/freeradius/patches/patch-ai | 38 +----------------
net/freeradius/patches/patch-configure.ac | 38 +----------------
net/freeradius/patches/patch-rlm_krb5_configure | 50 ----------------------
net/freeradius/patches/patch-rlm_perl_configure | 24 ----------
net/freeradius/patches/patch-rlm_yubikey_configure | 15 ------
11 files changed, 28 insertions(+), 188 deletions(-)
diffs (truncated from 369 to 300 lines):
diff -r 11f278640a80 -r fcf908108acd net/freeradius/DEINSTALL
--- a/net/freeradius/DEINSTALL Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/DEINSTALL Thu Apr 12 01:21:07 2018 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: DEINSTALL,v 1.1 2017/08/26 10:07:27 fhajny Exp $
+# $NetBSD: DEINSTALL,v 1.2 2018/04/12 01:21:07 nonaka Exp $
#
# Remove default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites
#
SITES_ENABLED="default inner-tunnel"
MODS_ENABLED="always attr_filter cache_eap chap date detail detail.log
- dhcp digest dynamic_clients eap echo exec expiration expr
+ digest dynamic_clients eap echo exec expiration expr
files linelog logintime mschap ntlm_auth pap passwd preprocess
radutmp realm replicate soh sradutmp unix unpack utf8"
diff -r 11f278640a80 -r fcf908108acd net/freeradius/INSTALL
--- a/net/freeradius/INSTALL Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/INSTALL Thu Apr 12 01:21:07 2018 +0000
@@ -1,11 +1,11 @@
-# $NetBSD: INSTALL,v 1.1 2017/08/26 10:07:27 fhajny Exp $
+# $NetBSD: INSTALL,v 1.2 2018/04/12 01:21:07 nonaka Exp $
#
# Create default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites
#
SITES_ENABLED="default inner-tunnel"
MODS_ENABLED="always attr_filter cache_eap chap date detail detail.log
- dhcp digest dynamic_clients eap echo exec expiration expr
+ digest dynamic_clients eap echo exec expiration expr
files linelog logintime mschap ntlm_auth pap passwd preprocess
radutmp realm replicate soh sradutmp unix unpack utf8"
diff -r 11f278640a80 -r fcf908108acd net/freeradius/Makefile
--- a/net/freeradius/Makefile Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/Makefile Thu Apr 12 01:21:07 2018 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.94 2018/01/28 20:10:58 wiz Exp $
+# $NetBSD: Makefile,v 1.95 2018/04/12 01:21:07 nonaka Exp $
-PKGREVISION= 1
.include "Makefile.common"
PKGNAME= ${DISTNAME:S/-server//}
@@ -30,6 +29,7 @@
CONFIGURE_ARGS+= --without-rlm_sql_postgresql
CONFIGURE_ARGS+= --without-rlm_sql_unixodbc
+RCD_SCRIPTS= radiusd
RADIUS_GROUP?= radiusd
RADIUS_USER?= radiusd
PKG_GROUPS= ${RADIUS_GROUP}
@@ -53,10 +53,10 @@
EGDIR= ${PREFIX}/share/examples/freeradius
-EGFILES= certs/ca.cnf certs/client.cnf certs/Makefile \
- certs/README certs/server.cnf certs/xpextensions \
+EGFILES= certs/ca.cnf certs/client.cnf certs/inner-server.cnf \
+ certs/Makefile certs/README certs/server.cnf \
+ certs/xpextensions \
clients.conf dictionary experimental.conf \
- hints huntgroups \
mods-available/abfab_psk_sql mods-available/always \
mods-available/attr_filter mods-available/cache \
mods-available/cache_eap mods-available/chap \
@@ -147,7 +147,6 @@
mods-config/sql/main/oracle/queries.conf \
mods-config/sql/main/oracle/schema.sql \
mods-config/sql/main/postgresql/extras/cisco_h323_db_schema.sql \
- mods-config/sql/main/postgresql/extras/update_radacct_group.sql \
mods-config/sql/main/postgresql/extras/voip-postpaid.conf \
mods-config/sql/main/postgresql/queries.conf \
mods-config/sql/main/postgresql/schema.sql \
diff -r 11f278640a80 -r fcf908108acd net/freeradius/Makefile.common
--- a/net/freeradius/Makefile.common Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/Makefile.common Thu Apr 12 01:21:07 2018 +0000
@@ -1,7 +1,7 @@
-# $NetBSD: Makefile.common,v 1.1 2017/08/26 10:07:28 fhajny Exp $
+# $NetBSD: Makefile.common,v 1.2 2018/04/12 01:21:07 nonaka Exp $
# used by net/freeradius/Makefile.module
-DISTNAME= freeradius-server-3.0.15
+DISTNAME= freeradius-server-3.0.16
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/
EXTRACT_SUFX= .tar.bz2
diff -r 11f278640a80 -r fcf908108acd net/freeradius/PLIST
--- a/net/freeradius/PLIST Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/PLIST Thu Apr 12 01:21:07 2018 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.28 2018/01/23 15:31:23 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.29 2018/04/12 01:21:07 nonaka Exp $
bin/dhcpclient
bin/map_unit
bin/rad_counter
@@ -303,6 +303,12 @@
share/doc/freeradius/schemas/ldap/openldap/freeradius-clients.schema
share/doc/freeradius/schemas/ldap/openldap/freeradius.ldif
share/doc/freeradius/schemas/ldap/openldap/freeradius.schema
+share/doc/freeradius/schemas/ldap/samba/README.txt
+share/doc/freeradius/schemas/ldap/samba/freeradius-attrs.ldif
+share/doc/freeradius/schemas/ldap/samba/freeradius-classes.ldif
+share/doc/freeradius/schemas/ldap/samba/freeradius-clients-attrs.ldif
+share/doc/freeradius/schemas/ldap/samba/freeradius-clients-classes.ldif
+share/doc/freeradius/schemas/ldap/samba/freeradius-user.ldif
share/doc/freeradius/schemas/logstash/README
share/doc/freeradius/schemas/logstash/kibana4-dashboard.json
share/doc/freeradius/schemas/logstash/log-courier.conf
@@ -319,6 +325,7 @@
share/examples/freeradius/certs/bootstrap
share/examples/freeradius/certs/ca.cnf
share/examples/freeradius/certs/client.cnf
+share/examples/freeradius/certs/inner-server.cnf
share/examples/freeradius/certs/server.cnf
share/examples/freeradius/certs/xpextensions
share/examples/freeradius/clients.conf
@@ -449,7 +456,6 @@
share/examples/freeradius/mods-config/sql/main/oracle/queries.conf
share/examples/freeradius/mods-config/sql/main/oracle/schema.sql
share/examples/freeradius/mods-config/sql/main/postgresql/extras/cisco_h323_db_schema.sql
-share/examples/freeradius/mods-config/sql/main/postgresql/extras/update_radacct_group.sql
share/examples/freeradius/mods-config/sql/main/postgresql/extras/voip-postpaid.conf
share/examples/freeradius/mods-config/sql/main/postgresql/queries.conf
share/examples/freeradius/mods-config/sql/main/postgresql/schema.sql
@@ -470,7 +476,6 @@
share/examples/freeradius/mods-enabled/date
share/examples/freeradius/mods-enabled/detail
share/examples/freeradius/mods-enabled/detail.log
-share/examples/freeradius/mods-enabled/dhcp
share/examples/freeradius/mods-enabled/digest
share/examples/freeradius/mods-enabled/dynamic_clients
share/examples/freeradius/mods-enabled/eap
diff -r 11f278640a80 -r fcf908108acd net/freeradius/distinfo
--- a/net/freeradius/distinfo Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/distinfo Thu Apr 12 01:21:07 2018 +0000
@@ -1,14 +1,11 @@
-$NetBSD: distinfo,v 1.34 2018/03/31 20:10:49 joerg Exp $
+$NetBSD: distinfo,v 1.35 2018/04/12 01:21:07 nonaka Exp $
-SHA1 (freeradius-server-3.0.15.tar.bz2) = f651142a31b514fc80d888fe8ab5040cbfdd546e
-RMD160 (freeradius-server-3.0.15.tar.bz2) = 46d2d491b71516c6db7659e46e1ec44c7fbf9d1f
-SHA512 (freeradius-server-3.0.15.tar.bz2) = a2808f0b70b73f11c4c7d00edcb4a56a2ab8f73ce0ff74a9834c8b613ce5ed75ece372f852b0891f68c6a33f50c1bababb76d2eff9326a7fc29fe6b45ec9af88
-Size (freeradius-server-3.0.15.tar.bz2) = 3038070 bytes
-SHA1 (patch-ai) = 834fea0886410de30ed489fa39be066fa3fb3186
-SHA1 (patch-configure.ac) = 2e1a979f51122f4c214f11574116a9a7695387d0
+SHA1 (freeradius-server-3.0.16.tar.bz2) = a7d1a88e112ce41ad08bd8beb66a5bdf36cac755
+RMD160 (freeradius-server-3.0.16.tar.bz2) = 0acbc54bc135ac18dc22c09f492b57eef8160a7b
+SHA512 (freeradius-server-3.0.16.tar.bz2) = fc26e8655e8155ad8b3d4e796a43fa9954f413195f0210e7e94c6b67e0b43d765e7886d9835fe56de0a70d13bba47868dd274f9e8a5669fdb2478a269b48ed10
+Size (freeradius-server-3.0.16.tar.bz2) = 3054887 bytes
+SHA1 (patch-ai) = e32ffd24b93e2cef2e72ef9a8ea59d49e1571dc0
+SHA1 (patch-configure.ac) = ffec1f851d23f560797c12eba5092f2940e4d662
SHA1 (patch-main_command.c) = 1c79b29eb13df341906c710c8dd41860a27473dd
SHA1 (patch-main_util.c) = b9cefdb9bc30df0906184e8c0bb883e5258767c3
-SHA1 (patch-rlm_krb5_configure) = e97f0efe85c449d3b8a9aa450b6b7d1d0e4c6b89
-SHA1 (patch-rlm_perl_configure) = 577d6f0df7322ee12a99aafcdcc2d0b40e89eb69
-SHA1 (patch-rlm_yubikey_configure) = ea62cc0e87da014befbd0ad79f68dc852dc0f254
SHA1 (patch-src_lib_udpfromto.c) = c8fce29e2b481820f1cc2196577f7d38bb549e1c
diff -r 11f278640a80 -r fcf908108acd net/freeradius/patches/patch-ai
--- a/net/freeradius/patches/patch-ai Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/patches/patch-ai Thu Apr 12 01:21:07 2018 +0000
@@ -1,36 +1,9 @@
-$NetBSD: patch-ai,v 1.12 2017/09/09 22:46:57 joerg Exp $
+$NetBSD: patch-ai,v 1.13 2018/04/12 01:21:07 nonaka Exp $
Portable test syntax
--- configure.orig 2017-07-17 12:43:00.000000000 +0000
+++ configure
-@@ -9047,7 +9047,7 @@ fi
-
- smart_prefix=
-
-- if test "x$ac_cv_header_pcap_h" == "xyes"; then
-+ if test "x$ac_cv_header_pcap_h" = "xyes"; then
-
- $as_echo "#define HAVE_PCAP_H 1" >>confdefs.h
-
-@@ -9290,7 +9290,7 @@ fi
-
- smart_prefix=
-
-- if test "x$ac_cv_header_collectd_client_h" == "xyes"; then
-+ if test "x$ac_cv_header_collectd_client_h" = "xyes"; then
-
- $as_echo "#define HAVE_COLLECTDC_H 1" >>confdefs.h
-
-@@ -9533,7 +9533,7 @@ fi
-
- smart_prefix=
-
-- if test "x$ac_cv_header_sys_capability_h" == "xyes"; then
-+ if test "x$ac_cv_header_sys_capability_h" = "xyes"; then
-
- $as_echo "#define HAVE_CAPABILITY_H 1" >>confdefs.h
-
@@ -10133,7 +10133,49 @@ $as_echo "no" >&6; }
eval "ac_cv_type_${ac_safe_type}_has_ipi_addr="
fi
@@ -82,12 +55,3 @@
$as_echo "#define HAVE_IP_PKTINFO /**/" >>confdefs.h
-@@ -12656,7 +12698,7 @@ subdirs="$subdirs $mysubdirs"
-
-
-
--if test "x$werror" == "xyes"; then
-+if test "x$werror" = "xyes"; then
- CFLAGS="-Werror $CFLAGS"
- fi
-
diff -r 11f278640a80 -r fcf908108acd net/freeradius/patches/patch-configure.ac
--- a/net/freeradius/patches/patch-configure.ac Wed Apr 11 19:56:28 2018 +0000
+++ b/net/freeradius/patches/patch-configure.ac Thu Apr 12 01:21:07 2018 +0000
@@ -1,37 +1,10 @@
-$NetBSD: patch-configure.ac,v 1.1 2017/09/09 22:46:57 joerg Exp $
+$NetBSD: patch-configure.ac,v 1.2 2018/04/12 01:21:07 nonaka Exp $
Check if in_pkt_info has ipi_spec_dst before trying to use (NetBSD 8 doesn't).
Fix test syntax.
--- configure.ac.orig 2017-07-17 12:43:00.000000000 +0000
+++ configure.ac
-@@ -1213,7 +1213,7 @@ else
- dnl #
- smart_try_dir="$pcap_include_dir"
- FR_SMART_CHECK_INCLUDE([pcap.h])
-- if test "x$ac_cv_header_pcap_h" == "xyes"; then
-+ if test "x$ac_cv_header_pcap_h" = "xyes"; then
- AC_DEFINE(HAVE_PCAP_H, 1, [Define to 1 if you have the <pcap.h> header file.])
- AC_SUBST(PCAP_LIBS)
- AC_SUBST(PCAP_LDFLAGS)
-@@ -1231,7 +1231,7 @@ else
- dnl #
- smart_try_dir="$collectdclient_include_dir"
- FR_SMART_CHECK_INCLUDE([collectd/client.h])
-- if test "x$ac_cv_header_collectd_client_h" == "xyes"; then
-+ if test "x$ac_cv_header_collectd_client_h" = "xyes"; then
- AC_DEFINE(HAVE_COLLECTDC_H, 1, [Define to 1 if you have the `collectdclient' library (-lcollectdclient).])
- AC_SUBST(COLLECTDC_LIBS)
- AC_SUBST(COLLECTDC_LDFLAGS)
-@@ -1251,7 +1251,7 @@ else
- dnl #
- smart_try_dir="$cap_include_dir"
- FR_SMART_CHECK_INCLUDE([sys/capability.h])
-- if test "x$ac_cv_header_sys_capability_h" == "xyes"; then
-+ if test "x$ac_cv_header_sys_capability_h" = "xyes"; then
- AC_DEFINE(HAVE_CAPABILITY_H, 1, [Define to 1 if you have the <sys/capability.h> header file.])
- else
- AC_MSG_WARN([cap headers not found, will not perform debugger checks. Use --with-cap-include-dir=<path>.])
@@ -1511,7 +1511,8 @@ dnl #
dnl # struct ip_pktinfo
dnl #
@@ -42,12 +15,3 @@
AC_DEFINE(HAVE_IP_PKTINFO, [], [define if you have IP_PKTINFO (Linux)])
fi
-@@ -2217,7 +2218,7 @@ dnl # Add -Werror last, so it doesn't i
- dnl # test programs.
- dnl #
- dnl #############################################################
--if test "x$werror" == "xyes"; then
-+if test "x$werror" = "xyes"; then
- CFLAGS="-Werror $CFLAGS"
- fi
-
diff -r 11f278640a80 -r fcf908108acd net/freeradius/patches/patch-rlm_krb5_configure
--- a/net/freeradius/patches/patch-rlm_krb5_configure Wed Apr 11 19:56:28 2018 +0000
+++ /dev/null Thu Jan 01 00:00:00 1970 +0000
@@ -1,50 +0,0 @@
-$NetBSD: patch-rlm_krb5_configure,v 1.1 2017/08/26 10:07:28 fhajny Exp $
-
-Portable test syntax
-
---- src/modules/rlm_krb5/configure.orig 2016-09-29 15:19:48.000000000 +0000
-+++ src/modules/rlm_krb5/configure
-@@ -3913,7 +3913,7 @@ if test "x$smart_lib" != "x"; then
- SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
- fi
-
-- if test "x$ac_cv_lib_krb5_krb5_verify_user_opt" == xyes; then
-+ if test "x$ac_cv_lib_krb5_krb5_verify_user_opt" = xyes; then
- krb5_api_type='heimdal'
- else
- krb5_api_type='mit'
-@@ -4114,13 +4114,13 @@ _ACEOF
- fi
- done
-
-- if test "x$ac_cv_func_krb5_get_error_message" == xyes; then
-+ if test "x$ac_cv_func_krb5_get_error_message" = xyes; then
- krb5mod_cflags="${krb5mod_cflags} -DHAVE_KRB5_GET_ERROR_MESSAGE"
- fi
-- if test "x$ac_cv_func_krb5_free_error_message" == xyes; then
-+ if test "x$ac_cv_func_krb5_free_error_message" = xyes; then
- krb5mod_cflags="${krb5mod_cflags} -DHAVE_KRB5_FREE_ERROR_MESSAGE"
- fi
-- if test "x$ac_cv_func_krb5_free_error_string" == xyes; then
Home |
Main Index |
Thread Index |
Old Index