update to freeradius-2.2.7, rolling in some patches committed upstream and

removing some which are no longer needed. ok pea@ (maintainer). add a patch from upstream git (noticed after ok) fixing one of the default config files.
2015-06-23 21:38:06 +00:00 · 2015-06-23 21:38:06 +00:00 · 83fba7548b
commit 83fba7548b
parent 7e19473769
9 changed files with 32 additions and 127 deletions
--- a/net/freeradius/Makefile
+++ b/net/freeradius/Makefile
@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.59 2015/01/03 13:20:25 sthen Exp $
+# $OpenBSD: Makefile,v 1.60 2015/06/23 21:38:06 sthen Exp $

 SHARED_ONLY=	Yes
 SHARED_LIBS +=  freeradius-radius    4.2      # .0.0
@ -10,7 +10,7 @@ COMMENT-mysql=	freeradius mysql rlm addon
 COMMENT-pgsql=	freeradius pgsql rlm addon
 COMMENT-ldap=	freeradius ldap rlm addon

-V=		2.2.6
+V=		2.2.7
 DISTNAME=	freeradius-server-$V
 EXTRACT_SUFX=	.tar.bz2

--- a/net/freeradius/distinfo
+++ b/net/freeradius/distinfo
@ -1,2 +1,2 @@
-SHA256 (freeradius-server-2.2.6.tar.bz2) = HRw7EpLKs3QR62P72UQczvkIU4VMJftWokqAoWDW1Xc=
-SIZE (freeradius-server-2.2.6.tar.bz2) = 2790647
+SHA256 (freeradius-server-2.2.7.tar.bz2) = awr2Le0P2puySu5WjDvJ5fDAtzZTDfPBJg4rYIXy5fk=
+SIZE (freeradius-server-2.2.7.tar.bz2) = 2791603
--- a/net/freeradius/patches/patch-raddb_radiusd_conf_in
+++ b/net/freeradius/patches/patch-raddb_radiusd_conf_in
@ -1,6 +1,6 @@
-$OpenBSD: patch-raddb_radiusd_conf_in,v 1.13 2014/07/17 00:20:51 sthen Exp $
--- raddb/radiusd.conf.in.orig	Mon Apr 28 20:13:08 2014
-+++ raddb/radiusd.conf.in	Wed Jul  9 00:38:52 2014
+$OpenBSD: patch-raddb_radiusd_conf_in,v 1.14 2015/06/23 21:38:06 sthen Exp $
+--- raddb/radiusd.conf.in.orig	Wed Apr 22 18:31:54 2015
+++ raddb/radiusd.conf.in	Mon Jun 22 09:30:57 2015
@@ -103,7 +103,7 @@ db_dir = ${raddbdir}
 #	make
 #	make install
@ -21,7 +21,7 @@ $OpenBSD: patch-raddb_radiusd_conf_in,v 1.13 2014/07/17 00:20:51 sthen Exp $
 
 #  panic_action: Command to execute if the server dies unexpectedly.
 #
-@@ -584,8 +584,8 @@ security {
+@@ -576,8 +576,8 @@ security {
 #
 #  allowed values: {no, yes}
 #
@ -32,7 +32,7 @@ $OpenBSD: patch-raddb_radiusd_conf_in,v 1.13 2014/07/17 00:20:51 sthen Exp $
 
 
 # CLIENTS CONFIGURATION
-@@ -601,7 +601,7 @@ $INCLUDE proxy.conf
+@@ -593,7 +593,7 @@ $INCLUDE proxy.conf
 #  Anything listed in 'clients.conf' will take precedence over the
 #  information from the old-style configuration files.
 #
@ -41,7 +41,7 @@ $OpenBSD: patch-raddb_radiusd_conf_in,v 1.13 2014/07/17 00:20:51 sthen Exp $
 
 
 # THREAD POOL CONFIGURATION
-@@ -735,12 +735,12 @@ modules {
+@@ -727,12 +727,12 @@ modules {
 	#  For all EAP related authentications.
 	#  Now in another file, because it is very large.
 	#
@ -56,7 +56,7 @@ $OpenBSD: patch-raddb_radiusd_conf_in,v 1.13 2014/07/17 00:20:51 sthen Exp $
 
 	#
 	#  This module is an SQL enabled version of the counter module.
-@@ -752,12 +752,12 @@ modules {
+@@ -744,12 +744,12 @@ modules {
 	#  totally dependent on the SQL module to process Accounting
 	#  packets.
 	#
@ -71,7 +71,7 @@ $OpenBSD: patch-raddb_radiusd_conf_in,v 1.13 2014/07/17 00:20:51 sthen Exp $
 }
 
 # Instantiation
-@@ -831,7 +831,7 @@ instantiate {
+@@ -823,7 +823,7 @@ instantiate {
 #	to multiple times.
 #
 ######################################################################
--- a/net/freeradius/patches/patch-raddb_sites-available_default
+++ b/net/freeradius/patches/patch-raddb_sites-available_default
@ -0,0 +1,18 @@
+$OpenBSD: patch-raddb_sites-available_default,v 1.1 2015/06/23 21:38:06 sthen Exp $
+
+From 796d49527703b97cc7f9e9cef88dfa85454cc6f9 Mon Sep 17 00:00:00 2001
+From: "Alan T. DeKok" <aland@freeradius.org>
+Date: Wed, 20 May 2015 17:36:09 -0400
+Subject: [PATCH] Oops
+
+--- raddb/sites-available/default.orig	Tue Jun 23 22:34:44 2015
+++ raddb/sites-available/default	Tue Jun 23 22:35:00 2015
+@@ -157,8 +157,6 @@ authorize {
+ 		ok = return
+ 	}
+ 
+-	reject
+-
+ 	#
+ 	#  Pull crypt'd passwords from /etc/passwd or /etc/shadow,
+ 	#  using the system API's to get the password.  If you want
--- a/net/freeradius/patches/patch-src_main_command_c
+++ b/net/freeradius/patches/patch-src_main_command_c
@ -1,13 +0,0 @@
-$OpenBSD: patch-src_main_command_c,v 1.1 2008/09/21 15:39:14 rui Exp $
--- src/main/command.c.orig	Fri Sep  5 14:27:57 2008
-+++ src/main/command.c	Fri Sep 19 17:20:53 2008
-@@ -21,6 +21,9 @@
-  * Copyright 2008 Alan DeKok <aland@deployingradius.com>
-  */
- 
-+#include <sys/types.h>
-+#include <sys/stat.h>
-+
- #ifdef WITH_COMMAND_SOCKET
- 
- #include <freeradius-devel/modpriv.h>
--- a/net/freeradius/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls_c
+++ b/net/freeradius/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls_c
@ -1,18 +0,0 @@
-$OpenBSD: patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls_c,v 1.2 2015/01/03 13:20:25 sthen Exp $
-
-From 88d032d68bb314a9b5942135a5d587219ec1ce1a Mon Sep 17 00:00:00 2001
-From: "Alan T. DeKok" <aland@freeradius.org>
-Date: Wed, 31 Dec 2014 08:25:13 -0500
-Subject: [PATCH] Sometimes we don't need to generate ephemeral RSA keys
-
--- src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c.orig	Tue Nov 18 19:56:52 2014
-+++ src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c	Fri Jan  2 22:39:22 2015
-@@ -202,6 +202,8 @@ static int generate_eph_rsa_key(SSL_CTX *ctx)
- {
- 	RSA *rsa;
- 
-+	if (!SSL_CTX_need_tmp_RSA(ctx)) return 0;
-+
- 	rsa = RSA_generate_key(512, RSA_F4, NULL, NULL);
- 
- 	if (!SSL_CTX_set_tmp_rsa(ctx, rsa)) {
--- a/net/freeradius/patches/patch-src_modules_rlm_otp_configure
+++ b/net/freeradius/patches/patch-src_modules_rlm_otp_configure
@ -1,12 +0,0 @@
-$OpenBSD: patch-src_modules_rlm_otp_configure,v 1.2 2011/11/22 16:22:27 jasper Exp $
--- src/modules/rlm_otp/configure.orig	Mon Jun 20 16:57:14 2011
-+++ src/modules/rlm_otp/configure	Tue Nov 22 17:22:06 2011
-@@ -3418,7 +3418,7 @@ if test "${ac_cv_lib_ssl_SSL_new+set}" = set; then
-   echo $ECHO_N "(cached) $ECHO_C" >&6
- else
-   ac_check_lib_save_LIBS=$LIBS
-LIBS="-lssl  $LIBS"
-+LIBS="-lcrypto -lssl  $LIBS"
- cat >conftest.$ac_ext <<_ACEOF
- /* confdefs.h.  */
- _ACEOF
--- a/net/freeradius/patches/patch-src_modules_rlm_replicate_rlm_replicate_c
+++ b/net/freeradius/patches/patch-src_modules_rlm_replicate_rlm_replicate_c
@ -1,70 +0,0 @@
-$OpenBSD: patch-src_modules_rlm_replicate_rlm_replicate_c,v 1.1 2015/01/03 13:20:25 sthen Exp $
-
-From 7882804109b4d4ccde8078df8a9243b991595f11 Mon Sep 17 00:00:00 2001
-From: "Alan T. DeKok" <aland@freeradius.org>
-Date: Fri, 12 Dec 2014 12:04:22 -0500
-Subject: [PATCH] Don't free packet twice
-
--- src/modules/rlm_replicate/rlm_replicate.c.orig	Tue Nov 18 19:56:52 2014
-+++ src/modules/rlm_replicate/rlm_replicate.c	Fri Jan  2 22:40:02 2015
-@@ -29,11 +29,11 @@ RCSID("$Id: patch-src_modules_rlm_replicate_rlm_replicate_c,v 1.1 2015/01/03 13:20:25 sthen Exp $
- #include <freeradius-devel/rad_assert.h>
- 
- 
-static void cleanup(RADIUS_PACKET *packet)
-+static void cleanup(RADIUS_PACKET **packet)
- {
-	if (!packet) return;
-	if (packet->sockfd >= 0) close(packet->sockfd);
-	rad_free(&packet);
-+	if (!packet || !*packet) return;
-+	if ((*packet)->sockfd >= 0) close((*packet)->sockfd);
-+	rad_free(packet);
- }
- 
- /*
-@@ -77,7 +77,7 @@ static int replicate_packet(void *instance, REQUEST *r
- 			pool = NULL;
- 			RDEBUG2("ERROR: Cannot replicate unknown packet code %d",
- 				request->packet->code);
-			cleanup(packet);
-+			cleanup(&packet);
- 			rcode = RLM_MODULE_FAIL;
- 			break;
- 		
-@@ -125,7 +125,7 @@ static int replicate_packet(void *instance, REQUEST *r
- 			packet->sockfd = fr_socket(&home->src_ipaddr, 0);
- 			if (packet->sockfd < 0) {
- 				RDEBUG("ERROR: Failed opening socket: %s", fr_strerror());
-				cleanup(packet);
-+				cleanup(&packet);
- 				rcode = RLM_MODULE_FAIL;
- 				break;
- 			}
-@@ -133,7 +133,7 @@ static int replicate_packet(void *instance, REQUEST *r
- 			packet->vps = paircopy(request->packet->vps);
- 			if (!packet->vps) {
- 				RDEBUG("ERROR: Out of memory!");
-				cleanup(packet);
-+				cleanup(&packet);
- 				rcode = RLM_MODULE_FAIL;
- 				break;
- 			}
-@@ -180,7 +180,7 @@ static int replicate_packet(void *instance, REQUEST *r
- 		if (rad_send(packet, NULL, home->secret) < 0) {
- 			RDEBUG("ERROR: Failed replicating packet: %s",
- 			       fr_strerror());
-			cleanup(packet);
-+			cleanup(&packet);
- 			rcode = RLM_MODULE_FAIL;
- 			break;
- 		}
-@@ -191,7 +191,7 @@ static int replicate_packet(void *instance, REQUEST *r
- 		rcode = RLM_MODULE_OK;
- 	}
- 
-	cleanup(packet);
-+	cleanup(&packet);
- 	rad_free(&request->proxy);
- 
- 	return rcode;
--- a/net/freeradius/pkg/PLIST-main
+++ b/net/freeradius/pkg/PLIST-main
@ -1,4 +1,4 @@
-@comment $OpenBSD: PLIST-main,v 1.25 2015/01/03 13:20:25 sthen Exp $
+@comment $OpenBSD: PLIST-main,v 1.26 2015/06/23 21:38:06 sthen Exp $
@conflict radiusd-cistron-*
@conflict radiusd-lucent-*
@pkgpath net/freeradius
@ -104,7 +104,7 @@ lib/freeradius/rlm_wimax.so
 lib/libfreeradius-eap.a
 lib/libfreeradius-eap.la
@lib lib/libfreeradius-eap.so.${LIBfreeradius-eap_VERSION}
-lib/libfreeradius-radius-020206.la
+lib/libfreeradius-radius-020207.la
 lib/libfreeradius-radius.a
 lib/libfreeradius-radius.la
@lib lib/libfreeradius-radius.so.${LIBfreeradius-radius_VERSION}