ports/133532: [maintainer update] update net/freeradius2 to 2.1.4
David Wood
david at wood2.org.uk
Thu Apr 9 04:10:03 UTC 2009
>Number: 133532
>Category: ports
>Synopsis: [maintainer update] update net/freeradius2 to 2.1.4
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: maintainer-update
>Submitter-Id: current-users
>Arrival-Date: Thu Apr 09 04:10:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator: David Wood
>Release: 7.1-RELEASE amd64
>Organization:
>Environment:
FreeBSD manganese.wood2.org.uk 7.1-RELEASE-p4 FreeBSD 7.1-RELEASE-p4 #0: Tue Mar 24 19:09:50 GMT 2009 david at manganese.wood2.org.uk:/scratch/usr/obj/usr/src/sys/MANGANESE amd64
>Description:
Update to FreeRADIUS 2.1.4.
This patch has been ready for a little while, but I was holding
back in the hope that the overdue FreeRADIUS 2.1.5 would be
released, fixing a few problems. With the imminent ports freeze, I
am submitting this patch now.
FreeBSD notes
=============
Mark MAKE_JOBS_UNSAFE.
Patch raddb/certs/Makefile for the full path to the openssl binary
(so that ports OpenSSL is used to bootstrap the server if it is
installed).
Use the pkg-install mechanism to update the libdir line in
radiusd.conf automatically.
In this version of FreeRADIUS, it appears that radmin is broken on
FreeBSD if you have gid (and/or uid, presumably) set in
raddb/sites-available/control-socket. In this event, the call to
getpeereid(3) in line 2096 of src/main/command.c fails with
ENOTCONN, radiusd segfaults and radmin goes into a loop using 100%
CPU time on one core. I hope to look further into this, but that
is a low priority task for me. If you are affected, you'll have to
unset uid and gid in raddb/sites-available/control-socket and rely
purely on the file permissions of /var/run/radiusd/radiusd.sock
for security. In any event, radmin is not for production use - see
the warnings on the man page for radmin(1).
This really is version 2.1.4 - VERSION is mistakenly set to 2.1.5
(see http://preview.tinyurl.com/dcnbsz for more details).
Release notes
=============
Feature improvements
* Permit multiple "-e" in radmin.
* Add support for originating CoA-Request and Disconnect-Request.
See raddb/sites-available/originate-coa.
* Added "lifetime" and "max_queries" to raddb/sql.conf.
This helps address the problem of hung SQL sockets.
* Allow packets to be injected via radmin. See "inject help"
in radmin.
* Answer VMPS reconfirmation request. Patch from Hermann Lauer.
* Sample logrotate script in scripts/logrotate.freeradius
* Add configurable poll interval for "detail" listeners
* New "raddebug" command. This prints debugging information from
a running server. See "man raddebug.
* Add "require_message_authenticator" configuration to home_server
configuration. This makes the server add Message-Authenticator
to all outgoing Access-Request packets.
* Added smsotp module, as contributed by Siemens.
* Enabled the administration socket in the default install.
See raddb/sites-available/control-socket, and "man radmin"
* Handle duplicate clients, such as with replicated or
load-balanced SQL servers and "readclients = yes"
Bug fixes
* Clean up control sockets when they are closed, so that we don't
leak memory.
* Define SUN_LEN for systems that don't have it.
* Correct some boundary conditions in the conditional checker ("if")
in "unlang". Bug noted by Arran Cudbard-Bell.
* Work around minor building issues in gmake. This should only
have affected developers.
* Change how we manage unprivileged user/group, so that we do not
create control sockets owned by root.
* Fixed more minor issues found by Coverity.
* Allow raddb/certs/bootstrap to run when there is no "make"
command installed.
* In radiusd.conf, run_dir depends on the name of the program,
and isn't hard-coded to "..../radiusd"
* Check for EOF in more places in the "detail" file reader.
* Added Freeswitch dictionary.
* Chop ethernet frames in VMPS, rather than droppping packets.
* Fix EAP-TLS bug. Patch from Arnaud Ebalard
* Don't lose string for regex-compares in the "users" file.
* Expose more functions in rlm_sql to rlm_sqlippool, which
helps on systems where RTLD_GLOBAL is off.
* Fix typos in MySQL schemas for ippools.
* Remove macro that was causing build issues on some platforms.
* Fixed issues with dead home servers. Bug noted by Chris Moules.
* Fixed "access after free" with some dynamic clients.
INSTRUCTIONS
============
No files have been been deleted.
files/patch-version and files/patch-bootstrap have been added.
>How-To-Repeat:
>Fix:
Patch attached with submission follows:
Index: distinfo
===================================================================
--- distinfo (.../branches/FreeBSD-ports-tree/freeradius2) (revision 249)
+++ distinfo (.../trunk/freeradius2) (revision 249)
@@ -1,3 +1,3 @@
-MD5 (freeradius-server-2.1.3.tar.bz2) = df7a23ec6303a89d014fcc43418ce5e5
-SHA256 (freeradius-server-2.1.3.tar.bz2) = 984cf7f3418de8f2abe1e599827264495cef1d234cce4abe05a06a4b6419db1a
-SIZE (freeradius-server-2.1.3.tar.bz2) = 2380451
+MD5 (freeradius-server-2.1.4.tar.bz2) = ba1fd573222ed5c8bead1cce1383a7a9
+SHA256 (freeradius-server-2.1.4.tar.bz2) = d509191a2a0cd556f23639547d176c662c0fc0de09fc625e1afc62ed84cbd2de
+SIZE (freeradius-server-2.1.4.tar.bz2) = 2405962
Index: files/patch-version
===================================================================
--- files/patch-version (.../branches/FreeBSD-ports-tree/freeradius2) (revision 0)
+++ files/patch-version (.../trunk/freeradius2) (revision 249)
@@ -0,0 +1,5 @@
+--- VERSION 2009-03-19 13:59:05.000000000 +0000
++++ VERSION 2009-03-19 13:59:14.000000000 +0000
+@@ -1 +1 @@
+-2.1.5
++2.1.4
Index: files/patch-bootstrap
===================================================================
--- files/patch-bootstrap (.../branches/FreeBSD-ports-tree/freeradius2) (revision 0)
+++ files/patch-bootstrap (.../trunk/freeradius2) (revision 249)
@@ -0,0 +1,11 @@
+--- raddb/certs/bootstrap 2009-03-18 20:20:41.000000000 +0000
++++ raddb/certs/bootstrap 2009-03-18 21:20:25.000000000 +0000
+@@ -17,7 +17,7 @@
+ #
+ # If that worked, exit. Otherwise, run the commands manually.
+ #
+-if [ "$?" == "0" ]
++if [ $? -eq 0 ]
+ then
+ exit 0
+ fi
Index: files/pkg-install.in
===================================================================
--- files/pkg-install.in (.../branches/FreeBSD-ports-tree/freeradius2) (revision 249)
+++ files/pkg-install.in (.../trunk/freeradius2) (revision 249)
@@ -15,6 +15,7 @@
radius_raddb_work="%%RADDB_WORK%%"
radius_raddb="%%RADDB%%"
radius_logdir="%%LOGDIR%%"
+radius_libdir="%%LIBDIR%%"
radius_run_as_user="%%RUN_AS_USER%%"
@@ -145,6 +146,19 @@
fi
done
+ # Update the libdir line in radiusd.conf
+ echo "===> Updating libdir in ${radius_raddb}/radiusd.conf"
+ if ! sed -i.update-libdir-original -Ee $( \
+ echo -n 's:^(libdir[[:space:]=]+)(.*[[:space:]:]+)?' ; \
+ echo -n $( echo ${radius_libdir} | \
+ sed -Ee 's:^(.*)-[[:digit:].]+$:\1:' ) ; \
+ echo -n '(-[[:digit:].]+)?([[:space:]:]+.*)?$' ; \
+ echo -n ':\1\2'${radius_libdir}'\4:' \
+ ) ${radius_raddb}/radiusd.conf; then
+ echo "Failed to update libdir in ${radius_raddb}/radius.conf"
+ exit 1
+ fi
+ rm ${radius_raddb}/radiusd.conf.update-libdir-original
;;
esac
Index: pkg-plist
===================================================================
--- pkg-plist (.../branches/FreeBSD-ports-tree/freeradius2) (revision 249)
+++ pkg-plist (.../trunk/freeradius2) (revision 249)
@@ -60,6 +60,7 @@
%%EXAMPLESDIR%%/raddb/modules/mac2ip
%%EXAMPLESDIR%%/raddb/modules/mac2vlan
%%EXAMPLESDIR%%/raddb/modules/mschap
+%%EXAMPLESDIR%%/raddb/modules/otp
%%EXAMPLESDIR%%/raddb/modules/pam
%%EXAMPLESDIR%%/raddb/modules/pap
%%EXAMPLESDIR%%/raddb/modules/passwd
@@ -69,12 +70,12 @@
%%EXAMPLESDIR%%/raddb/modules/radutmp
%%EXAMPLESDIR%%/raddb/modules/realm
%%EXAMPLESDIR%%/raddb/modules/smbpasswd
+%%EXAMPLESDIR%%/raddb/modules/smsotp
%%EXAMPLESDIR%%/raddb/modules/sql_log
%%EXAMPLESDIR%%/raddb/modules/sqlcounter_expire_on_login
%%EXAMPLESDIR%%/raddb/modules/sradutmp
%%EXAMPLESDIR%%/raddb/modules/unix
%%EXAMPLESDIR%%/raddb/modules/wimax
-%%EXAMPLESDIR%%/raddb/otp.conf
%%EXAMPLESDIR%%/raddb/policy.conf
%%EXAMPLESDIR%%/raddb/policy.txt
%%EXAMPLESDIR%%/raddb/preproxy_users
@@ -90,11 +91,13 @@
%%EXAMPLESDIR%%/raddb/sites-available/dynamic-clients
%%EXAMPLESDIR%%/raddb/sites-available/example
%%EXAMPLESDIR%%/raddb/sites-available/inner-tunnel
+%%EXAMPLESDIR%%/raddb/sites-available/originate-coa
%%EXAMPLESDIR%%/raddb/sites-available/proxy-inner-tunnel
%%EXAMPLESDIR%%/raddb/sites-available/robust-proxy-accounting
%%EXAMPLESDIR%%/raddb/sites-available/status
%%EXAMPLESDIR%%/raddb/sites-available/virtual.example.com
%%EXAMPLESDIR%%/raddb/sites-available/vmps
+%%EXAMPLESDIR%%/raddb/sites-enabled/control-socket
%%EXAMPLESDIR%%/raddb/sites-enabled/default
%%EXAMPLESDIR%%/raddb/sites-enabled/inner-tunnel
%%EXAMPLESDIR%%/raddb/sql.conf
@@ -396,6 +399,11 @@
%%EXPM%%%%SMB%%%%LIBDIR%%/rlm_smb.a
%%EXPM%%%%SMB%%%%LIBDIR%%/rlm_smb.la
%%EXPM%%%%SMB%%%%LIBDIR%%/rlm_smb.so
+%%EXPM%%%%LIBDIR%%/rlm_smsotp-%%PORTVERSION%%.la
+%%EXPM%%%%LIBDIR%%/rlm_smsotp-%%PORTVERSION%%.so
+%%EXPM%%%%LIBDIR%%/rlm_smsotp.a
+%%EXPM%%%%LIBDIR%%/rlm_smsotp.la
+%%EXPM%%%%LIBDIR%%/rlm_smsotp.so
%%LIBDIR%%/rlm_sql-%%PORTVERSION%%.la
%%LIBDIR%%/rlm_sql-%%PORTVERSION%%.so
%%LIBDIR%%/rlm_sql.a
@@ -448,6 +456,7 @@
%%EXPM%%%%LIBDIR%%/rlm_wimax.so
@dirrm %%LIBDIR%%
sbin/checkrad
+sbin/raddebug
sbin/radiusd
sbin/radmin
sbin/radwatch
@@ -614,6 +623,7 @@
%%DATADIR%%/dictionary.foundry
%%DATADIR%%/dictionary.freeradius
%%DATADIR%%/dictionary.freeradius.internal
+%%DATADIR%%/dictionary.freeswitch
%%DATADIR%%/dictionary.gandalf
%%DATADIR%%/dictionary.garderos
%%DATADIR%%/dictionary.gemtek
Index: Makefile
===================================================================
--- Makefile (.../branches/FreeBSD-ports-tree/freeradius2) (revision 249)
+++ Makefile (.../trunk/freeradius2) (revision 249)
@@ -4,9 +4,11 @@
#
# $FreeBSD: ports/net/freeradius2/Makefile,v 1.75 2009/03/17 05:20:28 linimon Exp $
#
+# $Id$
+#
PORTNAME= freeradius
-DISTVERSION= 2.1.3
+DISTVERSION= 2.1.4
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/%SUBDIR%/ \
ftp://ftp.ntua.gr/pub/net/radius/freeradius/%SUBDIR%/ \
@@ -37,6 +39,7 @@
USE_PYTHON= yes
MAKE_ARGS+= LDFLAGS="-L${LOCALBASE}/lib ${PTHREAD_LIBS}"
CFLAGS+= -I${LOCALBASE}/include -L${LOCALBASE}/lib
+MAKE_JOBS_UNSAFE= yes
PLIST_SUB= PORTVERSION=${DISTVERSION}
@@ -133,6 +136,7 @@
RADDB_WORK="${WRKSRC}/raddb" \
RADDB="${PREFIX}/etc/raddb" \
LOGDIR="${LOGDIR}" \
+ LIBDIR="${PREFIX}/${FREERADIUS_LIBDIR}" \
RC_SUBR_SUFFIX="${RC_SUBR_SUFFIX}"
SUB_FILES+= pkg-install pkg-deinstall pkg-message
.ifdef(WITH_USER)
@@ -260,8 +264,8 @@
rlm_detail.5 rlm_digest.5 rlm_expr.5 rlm_files.5 rlm_mschap.5 \
rlm_pap.5 rlm_passwd.5 rlm_policy.5 rlm_realm.5 rlm_sql.5 \
rlm_sql_log.5 rlm_unix.5 unlang.5 users.5
-MAN8= radiusd.8 radmin.8 radrelay.8 radsqlrelay.8 radwatch.8 \
- rlm_ippool_tool.8
+MAN8= radiusd.8 radmin.8 raddebug.8 radrelay.8 radsqlrelay.8 \
+ radwatch.8 rlm_ippool_tool.8
SUB_LIST+= REQUIRE="${_REQUIRE}"
@@ -275,13 +279,24 @@
# Patch raddb/certs/bootstrap to use gmake instead of make
@${REINPLACE_CMD} -Ee "s:^make:${GMAKE}:" \
${WRKSRC}/raddb/certs/bootstrap
-# Clean up after the last operation (so as not to get unwanted files in raddb)
- @${FIND} -E ${WRKSRC}/raddb/certs -regex '.*/bootstrap\.(orig|bak)$$' \
+# Patch raddb/certs/Makefile for the full path to the openssl binary (using
+# ports OpenSSL if installed)
+ @${REINPLACE_CMD} -E \
+ -e "s:^([[:space:]])+openssl:\1${OPENSSLBASE}/bin/openssl:g" \
+ ${WRKSRC}/raddb/certs/Makefile
+# Clean up after the last two operations (so as not to get unwanted files in
+# raddb)
+ @${FIND} -E ${WRKSRC}/raddb/certs \
+ -regex '.*/(bootstrap|Makefile)\.(orig|bak)$$' \
-delete
# If EXPERIMENTAL (and therefore DHCP) is enabled, enable the DHCP dictionary
.ifdef(WITH_EXPERIMENTAL)
@${REINPLACE_CMD} -Ee 's:^#(.+ dictionary\.dhcp)$$:\1:g' \
${WRKSRC}/share/dictionary
+# Clean up (so as not to get an unwanted file in share)
+ @${FIND} -E ${WRKSRC}/share \
+ -regex '.*/dictionary\.(orig|bak)$$' \
+ -delete
.endif
# Patch scripts/Makefile not to install (unnecessary) rc.radiusd
@${REINPLACE_CMD} -Ee 's:^(.+rc\.radiusd.+)$$:#\1:g' \
Property changes on: Makefile
___________________________________________________________________
Added: svn:keywords
+ Id
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list