update to freeradius-3.2.1
This commit is contained in:
parent
6dea72d242
commit
6c1df0eca5
|
@ -8,7 +8,7 @@ COMMENT-pgsql= freeradius pgsql rlm addon
|
|||
COMMENT-python= freeradius python rlm addon
|
||||
COMMENT-python3= freeradius python3 rlm addon (experimental)
|
||||
|
||||
V= 3.2.0
|
||||
V= 3.2.1
|
||||
DISTNAME= freeradius-server-$V
|
||||
EXTRACT_SUFX= .tar.bz2
|
||||
|
||||
|
|
|
@ -1,2 +1,2 @@
|
|||
SHA256 (freeradius-server-3.2.0.tar.bz2) = owcc14/8tHBiF1Ydgi7kx2Da6yd6Y/NqnxHUEsPDnlY=
|
||||
SIZE (freeradius-server-3.2.0.tar.bz2) = 3399380
|
||||
SHA256 (freeradius-server-3.2.1.tar.bz2) = Ms1OrjwkryiTql/v9kO8msB1U0Gyt+jdYixumiPp8lY=
|
||||
SIZE (freeradius-server-3.2.1.tar.bz2) = 3399164
|
||||
|
|
|
@ -4,12 +4,12 @@ library detection doesn't offer a nice way to do it.
|
|||
Index: configure
|
||||
--- configure.orig
|
||||
+++ configure
|
||||
@@ -8467,7 +8467,7 @@ if test "x$smart_lib" != "x"; then
|
||||
@@ -7370,7 +7370,7 @@ if test "x$smart_lib" != "x"; then
|
||||
SMART_LIBS="$smart_ldflags $smart_lib $SMART_LIBS"
|
||||
fi
|
||||
|
||||
-if test "x$ac_cv_lib_collectdclient_lcc_connect" != "xyes"; then
|
||||
+if true || test "x$ac_cv_lib_collectdclient_lcc_connect" != "xyes"; then
|
||||
{ printf "%s\n" "$as_me:${as_lineno-$LINENO}: WARNING: collectdclient library not found. Use --with-collectdclient-lib-dir=<path>." >&5
|
||||
printf "%s\n" "$as_me: WARNING: collectdclient library not found. Use --with-collectdclient-lib-dir=<path>." >&2;}
|
||||
{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: collectdclient library not found. Use --with-collectdclient-lib-dir=<path>." >&5
|
||||
$as_echo "$as_me: WARNING: collectdclient library not found. Use --with-collectdclient-lib-dir=<path>." >&2;}
|
||||
else
|
||||
|
|
|
@ -1,8 +1,9 @@
|
|||
Don't hide command lines.
|
||||
|
||||
--- scripts/libtool.mk.orig Wed Nov 11 15:50:54 2015
|
||||
+++ scripts/libtool.mk Wed Nov 11 15:51:19 2015
|
||||
@@ -69,11 +69,11 @@ clean: .libs_clean
|
||||
Index: scripts/libtool.mk
|
||||
--- scripts/libtool.mk.orig
|
||||
+++ scripts/libtool.mk
|
||||
@@ -74,11 +74,11 @@ clean: .libs_clean
|
||||
# Re-define compilers and linkers
|
||||
#
|
||||
OBJ_EXT = lo
|
||||
|
|
|
@ -1,7 +1,7 @@
|
|||
Index: src/main/tls.c
|
||||
--- src/main/tls.c.orig
|
||||
+++ src/main/tls.c
|
||||
@@ -684,7 +684,7 @@ tls_session_t *tls_new_session(TALLOC_CTX *ctx, fr_tls
|
||||
@@ -688,7 +688,7 @@ tls_session_t *tls_new_session(TALLOC_CTX *ctx, fr_tls
|
||||
/*
|
||||
* Swap empty store with the old one.
|
||||
*/
|
||||
|
@ -10,7 +10,7 @@ Index: src/main/tls.c
|
|||
conf->old_x509_store = SSL_CTX_get_cert_store(conf->ctx);
|
||||
/* Bump refcnt so the store is kept allocated till next store replacement */
|
||||
X509_STORE_up_ref(conf->old_x509_store);
|
||||
@@ -1423,7 +1423,7 @@ void tls_session_information(tls_session_t *tls_sessio
|
||||
@@ -1427,7 +1427,7 @@ void tls_session_information(tls_session_t *tls_sessio
|
||||
if ((SSL_version(tls_session->ssl) > tls_session->conf->max_version) &&
|
||||
(rad_debug_lvl > 0)) {
|
||||
WARN("TLS 1.3 has been negotiated even though it was disabled. This is an OpenSSL Bug.");
|
||||
|
@ -19,7 +19,7 @@ Index: src/main/tls.c
|
|||
}
|
||||
#endif
|
||||
break;
|
||||
@@ -2024,7 +2024,7 @@ done:
|
||||
@@ -2034,7 +2034,7 @@ done:
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -28,7 +28,7 @@ Index: src/main/tls.c
|
|||
static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy)
|
||||
#else
|
||||
static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy)
|
||||
@@ -2408,7 +2408,7 @@ static int cbtls_cache_refresh(SSL *ssl, SSL_SESSION *
|
||||
@@ -2418,7 +2418,7 @@ static int cbtls_cache_refresh(SSL *ssl, SSL_SESSION *
|
||||
return 0;
|
||||
}
|
||||
|
||||
|
@ -37,7 +37,7 @@ Index: src/main/tls.c
|
|||
static SSL_SESSION *cbtls_cache_load(SSL *ssl, unsigned char *data, int len, int *copy)
|
||||
#else
|
||||
static SSL_SESSION *cbtls_cache_load(SSL *ssl, const unsigned char *data, int len, int *copy)
|
||||
@@ -2944,7 +2944,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
|
||||
@@ -2954,7 +2954,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
|
||||
char cn_str[1024];
|
||||
char buf[64];
|
||||
X509 *client_cert;
|
||||
|
@ -46,7 +46,7 @@ Index: src/main/tls.c
|
|||
const STACK_OF(X509_EXTENSION) *ext_list;
|
||||
#else
|
||||
STACK_OF(X509_EXTENSION) *ext_list;
|
||||
@@ -3162,7 +3162,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
|
||||
@@ -3182,7 +3182,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
|
||||
}
|
||||
|
||||
if (lookup == 0) {
|
||||
|
@ -55,7 +55,7 @@ Index: src/main/tls.c
|
|||
ext_list = X509_get0_extensions(client_cert);
|
||||
#else
|
||||
X509_CINF *client_inf;
|
||||
@@ -3215,7 +3215,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
|
||||
@@ -3235,7 +3235,7 @@ int cbtls_verify(int ok, X509_STORE_CTX *ctx)
|
||||
value[0] = '0';
|
||||
value[1] = 'x';
|
||||
const unsigned char *srcp;
|
||||
|
@ -64,7 +64,16 @@ Index: src/main/tls.c
|
|||
const ASN1_STRING *srcasn1p;
|
||||
srcasn1p = X509_EXTENSION_get_data(ext);
|
||||
srcp = ASN1_STRING_get0_data(srcasn1p);
|
||||
@@ -4239,6 +4239,7 @@ post_ca:
|
||||
@@ -4253,7 +4253,7 @@ post_ca:
|
||||
}
|
||||
}
|
||||
|
||||
-#if OPENSSL_VERSION_NUMBER >= 0x10101000L
|
||||
+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) /* SSL_CTX_set1_sigalgs_list */
|
||||
if (conf->sigalgs_list) {
|
||||
char *list;
|
||||
|
||||
@@ -4272,6 +4272,7 @@ post_ca:
|
||||
* Because saying "use TLS 1.1" isn't enough. We have to
|
||||
* send it flowers and cake.
|
||||
*/
|
||||
|
@ -72,7 +81,7 @@ Index: src/main/tls.c
|
|||
if (min_version <= TLS1_1_VERSION) {
|
||||
#if OPENSSL_VERSION_NUMBER >= 0x10101000L
|
||||
int seclevel = SSL_CTX_get_security_level(ctx);
|
||||
@@ -4264,6 +4265,7 @@ post_ca:
|
||||
@@ -4297,6 +4298,7 @@ post_ca:
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
|
|
@ -1,11 +0,0 @@
|
|||
Index: src/modules/stable
|
||||
--- src/modules/stable.orig
|
||||
+++ src/modules/stable
|
||||
@@ -25,6 +25,7 @@ rlm_passwd
|
||||
rlm_perl
|
||||
rlm_preprocess
|
||||
rlm_python
|
||||
+rlm_python3
|
||||
rlm_radutmp
|
||||
rlm_realm
|
||||
rlm_rest
|
|
@ -227,6 +227,7 @@ share/doc/freeradius/deployment/performance-testing
|
|||
share/doc/freeradius/deployment/supervise-radiusd.rst
|
||||
share/doc/freeradius/deployment/tuning_guide
|
||||
share/doc/freeradius/developer/
|
||||
share/doc/freeradius/developer/autotools.md
|
||||
share/doc/freeradius/developer/coding-methods.rst
|
||||
share/doc/freeradius/developer/contributing.rst
|
||||
share/doc/freeradius/developer/module_interface.rst
|
||||
|
@ -554,6 +555,10 @@ share/examples/freeradius/mods-config/preprocess/hints
|
|||
@sample ${FREERADIUS_ETC}/mods-config/preprocess/hints
|
||||
share/examples/freeradius/mods-config/preprocess/huntgroups
|
||||
@sample ${FREERADIUS_ETC}/mods-config/preprocess/huntgroups
|
||||
share/examples/freeradius/mods-config/realm/
|
||||
@sample ${FREERADIUS_ETC}/mods-config/realm/
|
||||
share/examples/freeradius/mods-config/realm/freeradius-naptr-to-home-server.sh
|
||||
@sample ${FREERADIUS_ETC}/mods-config/realm/freeradius-naptr-to-home-server.sh
|
||||
share/examples/freeradius/mods-config/sql/
|
||||
@sample ${FREERADIUS_ETC}/mods-config/sql/
|
||||
share/examples/freeradius/mods-config/sql/counter/
|
||||
|
@ -614,8 +619,10 @@ share/examples/freeradius/mods-config/sql/main/
|
|||
@comment @sample ${FREERADIUS_ETC}/mods-config/sql/main/mongo/queries.conf
|
||||
share/examples/freeradius/mods-config/sql/main/sqlite/
|
||||
@sample ${FREERADIUS_ETC}/mods-config/sql/main/sqlite/
|
||||
share/examples/freeradius/mods-config/sql/main/sqlite/process-radacct-refresh.sh
|
||||
@sample ${FREERADIUS_ETC}/mods-config/sql/main/sqlite/process-radacct-refresh.sh
|
||||
share/examples/freeradius/mods-config/sql/main/sqlite/process-radacct-close-after-reload.pl
|
||||
@sample ${FREERADIUS_ETC}/mods-config/sql/main/sqlite/process-radacct-close-after-reload.pl
|
||||
share/examples/freeradius/mods-config/sql/main/sqlite/process-radacct-new-data-usage-period.sh
|
||||
@sample ${FREERADIUS_ETC}/mods-config/sql/main/sqlite/process-radacct-new-data-usage-period.sh
|
||||
share/examples/freeradius/mods-config/sql/main/sqlite/process-radacct-schema.sql
|
||||
@sample ${FREERADIUS_ETC}/mods-config/sql/main/sqlite/process-radacct-schema.sql
|
||||
share/examples/freeradius/mods-config/sql/main/sqlite/queries.conf
|
||||
|
@ -703,6 +710,8 @@ share/examples/freeradius/sites-available/abfab-tls
|
|||
@sample ${FREERADIUS_ETC}/sites-available/abfab-tls
|
||||
share/examples/freeradius/sites-available/abfab-tr-idp
|
||||
@sample ${FREERADIUS_ETC}/sites-available/abfab-tr-idp
|
||||
share/examples/freeradius/sites-available/aws-nlb
|
||||
@sample ${FREERADIUS_ETC}/sites-available/aws-nlb
|
||||
share/examples/freeradius/sites-available/buffered-sql
|
||||
@sample ${FREERADIUS_ETC}/sites-available/buffered-sql
|
||||
share/examples/freeradius/sites-available/challenge
|
||||
|
@ -813,6 +822,7 @@ share/freeradius/dictionary.camiant
|
|||
share/freeradius/dictionary.centec
|
||||
share/freeradius/dictionary.checkpoint
|
||||
share/freeradius/dictionary.chillispot
|
||||
share/freeradius/dictionary.ciena
|
||||
share/freeradius/dictionary.cisco
|
||||
share/freeradius/dictionary.cisco.asa
|
||||
share/freeradius/dictionary.cisco.bbsm
|
||||
|
@ -894,6 +904,7 @@ share/freeradius/dictionary.netelastic
|
|||
share/freeradius/dictionary.netscreen
|
||||
share/freeradius/dictionary.networkphysics
|
||||
share/freeradius/dictionary.nexans
|
||||
share/freeradius/dictionary.nile
|
||||
share/freeradius/dictionary.nokia
|
||||
share/freeradius/dictionary.nokia.conflict
|
||||
share/freeradius/dictionary.nomadix
|
||||
|
|
Loading…
Reference in New Issue
Block a user