pkgsrc-Changes-HG archive


[pkgsrc/trunk]: pkgsrc/net/freeradius - Update to freeradius 1.0.4



details:   https://anonhg.NetBSD.org/pkgsrc/rev/df3db1a0c415
branches:  trunk
changeset: 496714:df3db1a0c415
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Sat Jul 09 17:25:00 2005 +0000

description:
- Update to freeradius 1.0.4
- The fixes for the security issues mentioned in this update were
  previously incorporated into patch-ak, and a security advisory
  has already been issued for them.
> FreeRADIUS 1.0.4 ; Date: 2005/06/11 22:46:52, urgency=medium
>
>         * Fix installation problem.
>         * Increase a buffer size, so radrelay doesn't truncate values.
>         * Updates in the documentation. Patches from Thor Spruyt.
>
> FreeRADIUS 1.0.3 ; Date: 2005/06/03 17:15:11, urgency=high
>         Security Fixes
>         * Always escape the strings in the SQL module.
>         * Check buffer bound when input character needs escaping in
>           the SQL module. Bug found by Primoz Bratanic.
>
>         Bug fixes
>         * Return EAP-Fail in Access-Reject, rather than an empty Access-Reject
>         * Don't send Proxy-State from home server in TTLS.
>         * Fixes for forking external programs, so the server doesn't
>           suddenly stop processing requests, or stop forking programs.
>         * radzap now works, but it's command-line options have changed
>           completely, and it's a shell script.
>         * radwho has updated command-line options, and no longer reads
>           Unix "utmp" files.
>         * Fix bug in calling checkrad script with NAS port > 9999999
>         * Fix long-standing bug when both crypt and pthreads are in use
>         * Don't SEGV when rlm_sql gets 'NULL' value from request.
>         * Re-arrange code in radrelay to not duplicate accounting packets.
>         * In rlm_attr_rewrite, change the value when the attribute type
>           is different from string.

diffstat:

 net/freeradius/Makefile         |   6 +-
 net/freeradius/PLIST            |   3 +-
 net/freeradius/distinfo         |   9 +--
 net/freeradius/patches/patch-ak |  90 -----------------------------------------
 4 files changed, 8 insertions(+), 100 deletions(-)

diffs (149 lines):

diff -r f018752a417b -r df3db1a0c415 net/freeradius/Makefile
--- a/net/freeradius/Makefile   Sat Jul 09 16:16:45 2005 +0000
+++ b/net/freeradius/Makefile   Sat Jul 09 17:25:00 2005 +0000
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.29 2005/05/22 20:08:23 jlam Exp $
+# $NetBSD: Makefile,v 1.30 2005/07/09 17:25:00 adrianp Exp $
 
-DISTNAME=      freeradius-1.0.2
-PKGREVISION=   2
+DISTNAME=      freeradius-1.0.4
 CATEGORIES=    net
 MASTER_SITES=  ftp://ftp.freeradius.org/pub/radius/ \
                ftp://ftp.Awfulhak.org/pub/radius/
@@ -122,7 +121,6 @@
 .      for f in ${EGFILES}
                ${INSTALL_DATA} ${WRKSRC}/raddb/${f} ${EGDIR}/${f}
 .      endfor
-.      undef f
 
        @${MKDIR} ${PKG_SYSCONFDIR}/certs
        @${MKDIR} ${PKG_SYSCONFDIR}/certs/demoCA
diff -r f018752a417b -r df3db1a0c415 net/freeradius/PLIST
--- a/net/freeradius/PLIST      Sat Jul 09 16:16:45 2005 +0000
+++ b/net/freeradius/PLIST      Sat Jul 09 17:25:00 2005 +0000
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2005/05/02 20:34:02 reed Exp $
+@comment $NetBSD: PLIST,v 1.9 2005/07/09 17:25:00 adrianp Exp $
 bin/radclient
 bin/radeapclient
 bin/radlast
@@ -369,6 +369,7 @@
 share/freeradius/dictionary.freeradius
 share/freeradius/dictionary.gandalf
 share/freeradius/dictionary.garderos
+share/freeradius/dictionary.gemtek
 share/freeradius/dictionary.itk
 share/freeradius/dictionary.juniper
 share/freeradius/dictionary.karlnet
diff -r f018752a417b -r df3db1a0c415 net/freeradius/distinfo
--- a/net/freeradius/distinfo   Sat Jul 09 16:16:45 2005 +0000
+++ b/net/freeradius/distinfo   Sat Jul 09 17:25:00 2005 +0000
@@ -1,9 +1,8 @@
-$NetBSD: distinfo,v 1.14 2005/05/18 21:58:45 adrianp Exp $
+$NetBSD: distinfo,v 1.15 2005/07/09 17:25:00 adrianp Exp $
 
-SHA1 (freeradius-1.0.2.tar.gz) = 5703fd8abb4f28c15d716bd1ec1e9cfe2e1e6c90
-RMD160 (freeradius-1.0.2.tar.gz) = 796da74e64da189d7d7520201c7c4139f9f478c4
-Size (freeradius-1.0.2.tar.gz) = 2208884 bytes
+SHA1 (freeradius-1.0.4.tar.gz) = f0c877ae80592609ada4875cf1b472c7742720fb
+RMD160 (freeradius-1.0.4.tar.gz) = b75a872ced9a461f3063f19d49546fc9ef86a225
+Size (freeradius-1.0.4.tar.gz) = 2209057 bytes
 SHA1 (patch-ae) = 0c1b6c79329f41c35e3a783e61cc205cb78a4773
 SHA1 (patch-ai) = bb4dafd3f6b961403caa955c9a09c271468ada36
 SHA1 (patch-aj) = 422c9dfbde08c26acf41a040c57508ab9725004e
-SHA1 (patch-ak) = ad272be635d6b27e5b986c3e9a06ef85484c1230
diff -r f018752a417b -r df3db1a0c415 net/freeradius/patches/patch-ak
--- a/net/freeradius/patches/patch-ak   Sat Jul 09 16:16:45 2005 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,90 +0,0 @@
-$NetBSD: patch-ak,v 1.3 2005/05/18 21:58:45 adrianp Exp $
-
---- src/modules/rlm_sql/rlm_sql.c.orig 2004-09-30 15:54:22.000000000 +0100
-+++ src/modules/rlm_sql/rlm_sql.c
-@@ -158,6 +158,7 @@ static int rlm_sql_init(void) {
-  */
- static int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username);
- static int generate_sql_clients(SQL_INST *inst);
-+static int sql_escape_func(char *out, int outlen, const char *in);
- 
- /*
-  *    sql xlat function. Right now only SELECTs are supported. Only
-@@ -184,7 +185,7 @@ static int sql_xlat(void *instance, REQU
-       /*
-        * Do an xlat on the provided string (nice recursive operation).
-        */
--      if (!radius_xlat(querystr, sizeof(querystr), fmt, request, func)) {
-+      if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func)) {
-               radlog(L_ERR, "rlm_sql (%s): xlat failed.",
-                      inst->config->xlat_name);
-               return 0;
-@@ -409,18 +410,18 @@ static int sql_escape_func(char *out, in
- 
-       while (in[0]) {
-               /*
--               *  Only one byte left.
--               */
--              if (outlen <= 1) {
--                      break;
--              }
--
--              /*
-                *      Non-printable characters get replaced with their
-                *      mime-encoded equivalents.
-                */
-               if ((in[0] < 32) ||
-                   strchr(allowed_chars, *in) == NULL) {
-+                      /*
-+                       *      Only 3 or less bytes available.
-+                       */
-+                      if (outlen <= 3) {
-+                              break;
-+                      }
-+
-                       snprintf(out, outlen, "=%02X", (unsigned char) in[0]);
-                       in++;
-                       out += 3;
-@@ -430,7 +431,14 @@ static int sql_escape_func(char *out, in
-               }
- 
-               /*
--               *      Else it's a nice character.
-+               *      Only one byte left.
-+               */
-+              if (outlen <= 1) {
-+                      break;
-+              }
-+
-+              /*
-+               *      Allowed character.
-                */
-               *out = *in;
-               out++;
-@@ -517,7 +525,7 @@ static int sql_groupcmp(void *instance, 
-        */
-       if (sql_set_user(inst, req, sqlusername, 0) < 0)
-               return 1;
--      if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, NULL)){
-+      if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, sql_escape_func)){
-               radlog(L_ERR, "rlm_sql (%s): xlat failed.",
-                      inst->config->xlat_name);
-               /* Remove the username we (maybe) added above */
-@@ -1149,7 +1157,7 @@ static int rlm_sql_checksimul(void *inst
-       if(sql_set_user(inst, request, sqlusername, 0) <0)
-               return RLM_MODULE_FAIL;
- 
--      radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, NULL);
-+      radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func);
- 
-       /* initialize the sql socket */
-       sqlsocket = sql_get_socket(inst);
-@@ -1193,7 +1201,7 @@ static int rlm_sql_checksimul(void *inst
-               return RLM_MODULE_OK;
-       }
- 
--      radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, NULL);
-+      radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func);
-       if(rlm_sql_select_query(sqlsocket, inst, querystr)) {
-               radlog(L_ERR, "rlm_sql (%s): sql_checksimul: Database query error", inst->config->xlat_name);
-               sql_release_socket(inst, sqlsocket);


