authorbouyer <bouyer@pkgsrc.org>2012-09-12 18:37:09 +0000
committerbouyer <bouyer@pkgsrc.org>2012-09-12 18:37:09 +0000
commit33fd658376b57c591d8db15eb5c71f9783225265 (patch)
treeb6c0ee0eba12fcc0fb7b5e8b086f22a2f15953ea
parent67dc3bb315575d3f5d9169dcec06e429e7ec1882 (diff)
downloadpkgsrc-33fd658376b57c591d8db15eb5c71f9783225265.tar.gz
Add patch from the freeradius git repository, fixing CVE-2012-3547.
Bump PKGREVISION
-rw-r--r--net/freeradius2/Makefile4
-rw-r--r--net/freeradius2/distinfo3
-rw-r--r--net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c15
3 files changed, 19 insertions, 3 deletions
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile
index 2b80a6c5bda..924aeacc04c 100644
--- a/net/freeradius2/Makefile
+++ b/net/freeradius2/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2012/04/03 01:38:18 obache Exp $
+# $NetBSD: Makefile,v 1.24 2012/09/12 18:37:09 bouyer Exp $
DISTNAME= freeradius-server-${RADVER}
PKGNAME= ${DISTNAME:S/-server//}
-PKGREVISION= 3
+PKGREVISION= 4
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/
EXTRACT_SUFX= .tar.bz2
diff --git a/net/freeradius2/distinfo b/net/freeradius2/distinfo
index a75456eba82..c5d91a61a34 100644
--- a/net/freeradius2/distinfo
+++ b/net/freeradius2/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2012/03/12 21:54:13 joerg Exp $
+$NetBSD: distinfo,v 1.13 2012/09/12 18:37:09 bouyer Exp $
SHA1 (freeradius-server-2.1.12.tar.bz2) = d80760f5ca854225e262954ce2505c22ef5fc6b2
RMD160 (freeradius-server-2.1.12.tar.bz2) = f951119a54057d2948f6dc28faa4bb2434b416a1
@@ -12,3 +12,4 @@ SHA1 (patch-aj) = 865882e6e6e935276529b98616c9059c555272b9
SHA1 (patch-ak) = 751aba6a3f9716279f3a87871cf7008b7a921f9a
SHA1 (patch-al) = 6d68e3e2d7dd50675f142be974b277da0f664c8b
SHA1 (patch-man_man5_dictionary.5) = cc662beeb2351501c9761e4ce6fc8402c7907b30
+SHA1 (patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c) = 3e52710e8fa6276beb5ef59d1f6895d27374f3fc
diff --git a/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
new file mode 100644
index 00000000000..e7247416e6e
--- /dev/null
+++ b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c,v 1.1 2012/09/12 18:37:10 bouyer Exp $
+Fix CVE-2012-3547, from freerdius git repository:
+https://github.com/alandekok/freeradius-server/commit/78e5aed56c36a9231bc91ea5f55b3edf88a9d2a4
+
+--- src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c.orig 2012-09-12 20:17:15.000000000 +0200
++++ src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c 2012-09-12 20:17:18.000000000 +0200
+@@ -531,7 +531,7 @@
+ */
+ buf[0] = '\0';
+ asn_time = X509_get_notAfter(client_cert);
+- if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) {
++ if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) {
+ memcpy(buf, (char*) asn_time->data, asn_time->length);
+ buf[asn_time->length] = '\0';
+ pairadd(&handler->certs,
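Review bot: The corrected test `asn_time->length < sizeof(buf)` on the notAfter copy is only a valid bound while `buf` is an array declared in this function; its declaration lies outside the hunk (the enclosing function starts and ends outside it), so check it in the full source and pin it with a comment such as `/* buf is a local array; sizeof(buf) keeps the copy plus NUL inside it */`. Because `sizeof` yields an unsigned type, a negative `length` (a signed int in OpenSSL's ASN1_STRING) now fails the test as well, which the old comparison against `MAX_STRING_LEN` did not guarantee. When the test fails, the expiry value appears to be skipped with no trace visible in this hunk, so a log message on that path would help operators notice client certificates with malformed validity fields. The patch header's second line also misspells the upstream project as "freerdius".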