pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/net freeradius: updated to 3.0.20



details:   https://anonhg.NetBSD.org/pkgsrc/rev/dd342780c87c
branches:  trunk
changeset: 419924:dd342780c87c
user:      adam <adam%pkgsrc.org@localhost>
date:      Mon Dec 30 18:17:22 2019 +0000

description:
freeradius: updated to 3.0.20

FreeRADIUS 3.0.20 Thu 14 Nov 2019 12:00:00 EDT urgency=medium
Feature improvements
* Add Jenkins continuous integration.
  Used to build http://packages.networkradius.com/
* Added Force10 dictionary.
* Update dictionary.hp with new attributes.
* Update dictionary.aruba with new attributes.
* Update logrotate settings to rotate as non-root user.
* Fix side-channel leak in EAP-PWD.  Patch from Mathy Vanhoef.
* Relax OpenSSL version checks, now that their API is both
  public, and stable.
* Note that tls_min_version/tls_max_version also support "1.3"
  Since there is no standard yet for EAP with TLS 1.3, it
  will not work.
* Added tripplite dictionary.
* Switch to the async interface for rlm_sql_postgresql so that
  we can enforce query_timeout.
* Added new LDAP option 'allow_dangling_group_ref'.
* Updated documentation and functionality for EAP session caching.
  See "cache" section of mods-available/eap.
* Tighten systemd unit file security.
* Disable TLS 1.0 and TLS 1.1 support in the default configuration.
  We STRONGLY recommend doing this for all installations.
* Add expansions for *outgoing* Radsec connections.
  "%{proxy_listen:TLS-...}"  for TLS-Client-Cert-* and TLS-Cert-*
  attributes.
* Add %{listen:tls} which returns "yes" or "no" for TLS or non-TLS
  connections.
* Update dictionary.lancom with new attributes.
* Added rlm_sql_mongo.  See raddb/mods-available/sql.  Note that
  this module is experimental.
* Added more documentation in sites-available/robust-proxy-accounting
* sqlippool now re-allocates unexpired leases, to prevent IP pool
  exhaustion when clients perform multiple reauthentication attempts.
  Patch from Terry Burton.
* Add support to radmin keep the history in ~/.radmin_history
* Add support for ENV and LD_PRELOAD in radiusd.conf.  See the new
  ENV sub-section of radiusd.conf.
* Update dictionary.aptilo.
* Update dictionary.airespace.
* Add sites-available/coa-relay, which makes CoA easier.
  Patch from Terry Burton.
* Add example stored procedure for IP Pools in MySQL.
  See mods-config/sql/ippool/mysql/procedure.sql
  Patch from Terry Burton.
* Update dictionary.dhcp dictionary with the recent hardware types.
* Add experimental rlm_python3.  This should largely work the same
  as rlm_python, which was Python2 only.
* Add Dockerfiles for Debian10 and CentOS8.
* Add RPM spec file compatibility for RHEL/CentOS 8.
* Notes on iOS 13 certificate issues.  See
  https://support.apple.com/en-us/HT210176.
* Notes on certificate constraints.  See raddb/certs/server.cnf.
* Add NAIRealm example to raddb/certs/server.cnf, for RFC 7585.

Bug fixes
* Allow listen.ipaddr to reference an IPv6-only host.
* ERX-Acct-Request-Reason is "integer".
* Fix a slow memory leak in the file management code.
* Try to fix file permissions if they get modified while
  the server is running.
* Fix slow memory leak with clients.
* Fix request and connection timeouts in rlm_rest.
* Fix systemd issues.  Patches from Daniele Rondina.
* Fixes from clang analyzer.
* Fix missing include for the dictionaries: alcatel.esam,
  altiga,alvarion.wimax.v2_2,aptis,asn,audiocodes,avaya,bristol,
  columbia_university,freedhcp,garderos,infoblox,motorola.illegal,
  starent.vsa1, telkom, wimax.wichorus.
* Fix internal sanity check when running with "-Xx"
* Allow "inner-tunnel" virtual servers to work better with
  "accept" and "reject" policies.
* Fix dictionary.huawei data types for Huawei-DNS-Server-IPv6-address
  and Huawei-Framed-IPv6-Address.
* Framed-Interface-ID in postgresql/queries.conf is string, not inet

* Fix rlm_cache to complain on unknown attributes in the
  "update" section of its configuration.
* Add configure checks for -latomic.  This helps on armel, mips
  and mipsel.
* Add support to Oracle 19 and 18.
* Add support for decoding tags in rlm_rest.
* Use correct passwords when updating CRLs in raddb/certs/
* Properly separate "originate-coa" packets when accounting packets
  are read from the detail file reader.
* Use the correct virtual server for pre/post-proxy.
* radsqlrelay fixes backported from "master" branch.
  Patches from Terry Burton.
* Fix DoS issues due to multithreaded BN_CTX access.
  Patch from Mathy Vanhoef.  CVE-2019-17185

diffstat:

 net/freeradius-freetds/Makefile |   3 +--
 net/freeradius-perl/Makefile    |   3 +--
 net/freeradius-rest/Makefile    |   3 +--
 net/freeradius/DEINSTALL        |   4 +++-
 net/freeradius/Makefile         |   3 +--
 net/freeradius/Makefile.common  |   6 +++---
 net/freeradius/PLIST            |   9 ++++++++-
 net/freeradius/distinfo         |  10 +++++-----
 8 files changed, 23 insertions(+), 18 deletions(-)

diffs (157 lines):

diff -r f867a0469142 -r dd342780c87c net/freeradius-freetds/Makefile
--- a/net/freeradius-freetds/Makefile   Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius-freetds/Makefile   Mon Dec 30 18:17:22 2019 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.8 2019/07/20 22:46:37 wiz Exp $
+# $NetBSD: Makefile,v 1.9 2019/12/30 18:17:22 adam Exp $
 
-PKGREVISION= 1
 .include "../../net/freeradius/Makefile.module"
 
 PKGNAME=       ${DISTNAME:S/-server/-freetds/}
diff -r f867a0469142 -r dd342780c87c net/freeradius-perl/Makefile
--- a/net/freeradius-perl/Makefile      Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius-perl/Makefile      Mon Dec 30 18:17:22 2019 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.6 2019/08/11 13:22:08 wiz Exp $
+# $NetBSD: Makefile,v 1.7 2019/12/30 18:17:22 adam Exp $
 
-PKGREVISION= 1
 .include "../../net/freeradius/Makefile.module"
 
 PKGNAME=       ${DISTNAME:S/-server/-perl/}
diff -r f867a0469142 -r dd342780c87c net/freeradius-rest/Makefile
--- a/net/freeradius-rest/Makefile      Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius-rest/Makefile      Mon Dec 30 18:17:22 2019 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.11 2019/08/22 12:23:39 ryoon Exp $
+# $NetBSD: Makefile,v 1.12 2019/12/30 18:17:22 adam Exp $
 
-PKGREVISION= 2
 .include "../../net/freeradius/Makefile.module"
 
 PKGNAME=       ${DISTNAME:S/-server/-rest/}
diff -r f867a0469142 -r dd342780c87c net/freeradius/DEINSTALL
--- a/net/freeradius/DEINSTALL  Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius/DEINSTALL  Mon Dec 30 18:17:22 2019 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: DEINSTALL,v 1.2 2018/04/12 01:21:07 nonaka Exp $
+# $NetBSD: DEINSTALL,v 1.3 2019/12/30 18:17:22 adam Exp $
 #
 # Remove default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites
 #
@@ -20,5 +20,7 @@
        done
        ${RMDIR} @PKG_SYSCONFDIR@/sites-enabled
        ${RMDIR} @PKG_SYSCONFDIR@/mods-enabled  
+       ${RM} @PKG_SYSCONFDIR@/hints
+       ${RM} @PKG_SYSCONFDIR@/huntgroups
        ;;
 esac
diff -r f867a0469142 -r dd342780c87c net/freeradius/Makefile
--- a/net/freeradius/Makefile   Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius/Makefile   Mon Dec 30 18:17:22 2019 +0000
@@ -1,6 +1,5 @@
-# $NetBSD: Makefile,v 1.102 2019/11/03 11:45:34 rillig Exp $
+# $NetBSD: Makefile,v 1.103 2019/12/30 18:17:22 adam Exp $
 
-PKGREVISION= 1
 .include "Makefile.common"
 
 PKGNAME=       ${DISTNAME:S/-server//}
diff -r f867a0469142 -r dd342780c87c net/freeradius/Makefile.common
--- a/net/freeradius/Makefile.common    Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius/Makefile.common    Mon Dec 30 18:17:22 2019 +0000
@@ -1,13 +1,13 @@
-# $NetBSD: Makefile.common,v 1.5 2019/07/04 07:44:52 adam Exp $
+# $NetBSD: Makefile.common,v 1.6 2019/12/30 18:17:22 adam Exp $
 # used by net/freeradius/Makefile.module
 
-DISTNAME=      freeradius-server-3.0.19
+DISTNAME=      freeradius-server-3.0.20
 CATEGORIES=    net
 MASTER_SITES=  ftp://ftp.freeradius.org/pub/freeradius/
 EXTRACT_SUFX=  .tar.bz2
 
 MAINTAINER=    pkgsrc-users%NetBSD.org@localhost
-HOMEPAGE=      http://www.freeradius.org/
+HOMEPAGE=      https://freeradius.org/
 LICENSE=       gnu-gpl-v2
 
 USE_LANGUAGES+=                c c++
diff -r f867a0469142 -r dd342780c87c net/freeradius/PLIST
--- a/net/freeradius/PLIST      Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius/PLIST      Mon Dec 30 18:17:22 2019 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.31 2019/07/04 07:44:52 adam Exp $
+@comment $NetBSD: PLIST,v 1.32 2019/12/30 18:17:22 adam Exp $
 bin/dhcpclient
 bin/map_unit
 bin/rad_counter
@@ -384,6 +384,7 @@
 share/examples/freeradius/mods-available/perl
 share/examples/freeradius/mods-available/preprocess
 share/examples/freeradius/mods-available/python
+share/examples/freeradius/mods-available/python3
 share/examples/freeradius/mods-available/radutmp
 share/examples/freeradius/mods-available/realm
 share/examples/freeradius/mods-available/redis
@@ -440,6 +441,8 @@
 share/examples/freeradius/mods-config/sql/ippool-dhcp/oracle/schema.sql
 share/examples/freeradius/mods-config/sql/ippool-dhcp/sqlite/queries.conf
 share/examples/freeradius/mods-config/sql/ippool-dhcp/sqlite/schema.sql
+share/examples/freeradius/mods-config/sql/ippool/mongo/queries.conf
+share/examples/freeradius/mods-config/sql/ippool/mysql/procedure.sql
 share/examples/freeradius/mods-config/sql/ippool/mysql/queries.conf
 share/examples/freeradius/mods-config/sql/ippool/mysql/schema.sql
 share/examples/freeradius/mods-config/sql/ippool/oracle/procedures.sql
@@ -450,6 +453,7 @@
 share/examples/freeradius/mods-config/sql/ippool/postgresql/schema.sql
 share/examples/freeradius/mods-config/sql/ippool/sqlite/queries.conf
 share/examples/freeradius/mods-config/sql/ippool/sqlite/schema.sql
+share/examples/freeradius/mods-config/sql/main/mongo/queries.conf
 share/examples/freeradius/mods-config/sql/main/mssql/queries.conf
 share/examples/freeradius/mods-config/sql/main/mssql/schema.sql
 share/examples/freeradius/mods-config/sql/main/mysql/extras/wimax/queries.conf
@@ -529,6 +533,7 @@
 share/examples/freeradius/sites-available/channel_bindings
 share/examples/freeradius/sites-available/check-eap-tls
 share/examples/freeradius/sites-available/coa
+share/examples/freeradius/sites-available/coa-relay
 share/examples/freeradius/sites-available/control-socket
 share/examples/freeradius/sites-available/copy-acct-to-home-server
 share/examples/freeradius/sites-available/decoupled-accounting
@@ -626,6 +631,7 @@
 share/freeradius/dictionary.extreme
 share/freeradius/dictionary.f5
 share/freeradius/dictionary.fdxtended
+share/freeradius/dictionary.force10
 share/freeradius/dictionary.fortinet
 share/freeradius/dictionary.foundry
 share/freeradius/dictionary.freedhcp
@@ -748,6 +754,7 @@
 share/freeradius/dictionary.terena
 share/freeradius/dictionary.trapeze
 share/freeradius/dictionary.travelping
+share/freeradius/dictionary.tripplite
 share/freeradius/dictionary.tropos
 share/freeradius/dictionary.ukerna
 share/freeradius/dictionary.unix
diff -r f867a0469142 -r dd342780c87c net/freeradius/distinfo
--- a/net/freeradius/distinfo   Mon Dec 30 18:01:51 2019 +0000
+++ b/net/freeradius/distinfo   Mon Dec 30 18:17:22 2019 +0000
@@ -1,9 +1,9 @@
-$NetBSD: distinfo,v 1.38 2019/07/04 07:44:52 adam Exp $
+$NetBSD: distinfo,v 1.39 2019/12/30 18:17:22 adam Exp $
 
-SHA1 (freeradius-server-3.0.19.tar.bz2) = 6bb57e634ad6e85f6c324f851296c688edbc3b11
-RMD160 (freeradius-server-3.0.19.tar.bz2) = 753b89e13b80312131149cdaf26b944bc802e338
-SHA512 (freeradius-server-3.0.19.tar.bz2) = 9bb3401a52288de541a2272149f4341840dc1df7203583746bef46c0b1b1f2b8886931c9f6f9ce3d92951e271ab5a84a50a8587a3acd69cc20bc86f5817d28e1
-Size (freeradius-server-3.0.19.tar.bz2) = 3127564 bytes
+SHA1 (freeradius-server-3.0.20.tar.bz2) = 3dd0e18fa04aff410876309e4322313b700db2b7
+RMD160 (freeradius-server-3.0.20.tar.bz2) = eb38b754b745051bc2e16ba342f356df73a6d3e3
+SHA512 (freeradius-server-3.0.20.tar.bz2) = d5e0732a75268480092b46822a0e0fffb683adb93be13932eb170d2dc783a46d0daff4cadd0de69fd5ce4578083c9f69a9cccc485ea9c0c2eecf82c772f54b8e
+Size (freeradius-server-3.0.20.tar.bz2) = 3161984 bytes
 SHA1 (patch-ai) = e32ffd24b93e2cef2e72ef9a8ea59d49e1571dc0
 SHA1 (patch-configure.ac) = ffec1f851d23f560797c12eba5092f2940e4d662
 SHA1 (patch-main_command.c) = 1c79b29eb13df341906c710c8dd41860a27473dd



Home | Main Index | Thread Index | Old Index