Pullup ticket #5135 - requested by sevan

net/freeradius2: security fix Revisions pulled up: - net/freeradius2/Makefile 1.44 - net/freeradius2/PLIST 1.17 - net/freeradius2/distinfo 1.18 - net/freeradius2/patches/patch-aa 1.2 - net/freeradius2/patches/patch-ab 1.2 - net/freeradius2/patches/patch-ac 1.5 - net/freeradius2/patches/patch-ae 1.4 - net/freeradius2/patches/patch-ai 1.7 - net/freeradius2/patches/patch-aj 1.3 - net/freeradius2/patches/patch-ak 1.4 - net/freeradius2/patches/patch-al 1.4 - net/freeradius2/patches/patch-configure.in 1.1 - net/freeradius2/patches/patch-man_man5_dictionary.5 1.2 - net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c deleted --- Module Name: pkgsrc Committed By: sevan Date: Tue Oct 11 14:12:42 UTC 2016 Modified Files: pkgsrc/net/freeradius2: Makefile PLIST distinfo pkgsrc/net/freeradius2/patches: patch-aa patch-ab patch-ac patch-ae patch-ai patch-aj patch-ak patch-al patch-man_man5_dictionary.5 Added Files: pkgsrc/net/freeradius2/patches: patch-configure.in Removed Files: pkgsrc/net/freeradius2/patches: patch-src_modules_rlm__pap_rlm__pap.c Log Message: Update to v2.2.9 http://freeradius.org/version2.html The 2.2.x release series is now End Of Life. Only security fixes will be applied to 2.2.x. Fix Tunnel-Password crash from home server. Found by Denis Andzakovic. Fix timer issue when proxying. Update EAP-TTLS so that MPPE keys are correctly calculated with TLSv1.2. Always delete MS-MPPE-* from the TTLS inner tunnel. This allows TTLS / EAP-MSCHAPv2 to work. Don't fall through in empty "case" statements. Fixes #1274.
author: bsiegert <bsiegert@pkgsrc.org> 2016-10-15 19:06:02 +0000
committer: bsiegert <bsiegert@pkgsrc.org> 2016-10-15 19:06:02 +0000
commit: da4a49d567a47015872306146bc5ddd910c2ee50 (patch)
tree: 82e6fe7e0e0e0735bafaf3d272470b47785f328d
parent: 2925f481171ebe953d10224635906e322b2fe1c7 (diff)
download: pkgsrc-da4a49d567a47015872306146bc5ddd910c2ee50.tar.gz
14 files changed, 132 insertions, 109 deletions
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile
index b2dd75cb422..d96055c05bf 100644
--- a/net/freeradius2/Makefile
+++ b/net/freeradius2/Makefile
@@ -1,8 +1,7 @@
-# $NetBSD: Makefile,v 1.42 2016/06/08 19:24:07 wiz Exp $
+# $NetBSD: Makefile,v 1.42.4.1 2016/10/15 19:06:02 bsiegert Exp $
 
 DISTNAME=	freeradius-server-${RADVER}
 PKGNAME=	${DISTNAME:S/-server//}
-PKGREVISION=	14
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.freeradius.org/pub/freeradius/
 EXTRACT_SUFX=	.tar.bz2
@@ -15,6 +14,7 @@ LICENSE=	gnu-gpl-v2
 CONFLICTS+=		radiusd-cistron-[0-9]*
 CONFLICTS+=		freeradius<2.0
 USE_TOOLS+=		gmake perl:run
+USE_LANGUAGES+=		c c++
 USE_LIBTOOL=		yes
 USE_OLD_DES_API=	yes
 MAKE_JOBS_SAFE=		no
@@ -25,6 +25,7 @@ BUILD_DEFS+=		VARBASE
 FILES_SUBST+=		RADIUS_USER=${RADIUS_USER}
 FILES_SUBST+=		RADIUS_GROUP=${RADIUS_GROUP}
 PLIST_SUBST+=		RADVER=${RADVER}
+PLIST_SUBST+=		RADVERALT=${RADVERALT}
 MESSAGE_SRC+=		${PKGDIR}/MESSAGE
 MESSAGE_SUBST+=		CHOWN=${CHOWN:Q} CHMOD=${CHMOD:Q} VARBASE=${VARBASE}
 MESSAGE_SUBST+=		RADIUS_USER=${RADIUS_USER} XARGS=${XARGS:Q}
@@ -45,7 +46,8 @@ OWN_DIRS_PERMS+=	${VARBASE}/log/radiusd \
 OWN_DIRS_PERMS+=	${VARBASE}/log/radiusd/radacct \
 			${RADIUS_USER} ${RADIUS_GROUP} 0750
 
-RADVER=			2.2.0
+RADVER=			2.2.9
+RADVERALT=		020209
 EGDIR=			${PREFIX}/share/examples/freeradius
 
 BUILDLINK_API_DEPENDS.openssl+=	openssl>=0.9.7
@@ -157,6 +159,7 @@ post-install:
 	${INSTALL_DATA} ${WRKSRC}/src/modules/rlm_perl/example.pl ${DESTDIR}${EGDIR}
 
 .include "../../devel/libltdl/buildlink3.mk"
+.include "../../devel/libexecinfo/buildlink3.mk"
 .include "../../net/libpcap/buildlink3.mk"
 .include "../../security/openssl/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
diff --git a/net/freeradius2/PLIST b/net/freeradius2/PLIST
index 7b986bf2e95..6290ac20610 100644
--- a/net/freeradius2/PLIST
+++ b/net/freeradius2/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.16 2014/03/11 14:05:08 jperkin Exp $
+@comment $NetBSD: PLIST,v 1.16.22.1 2016/10/15 19:06:02 bsiegert Exp $
 bin/rad_counter
 bin/radclient
 bin/radconf2xml
@@ -15,6 +15,7 @@ ${PLIST.dbm}bin/rlm_dbm_parser
 bin/rlm_ippool_tool
 bin/smbencrypt
 include/freeradius/autoconf.h
+include/freeradius/base64.h
 include/freeradius/conf.h
 include/freeradius/conffile.h
 include/freeradius/detail.h
@@ -39,13 +40,14 @@ include/freeradius/realms.h
 include/freeradius/sha1.h
 include/freeradius/stats.h
 include/freeradius/sysutmp.h
+include/freeradius/threads.h
 include/freeradius/token.h
 include/freeradius/udpfromto.h
 include/freeradius/vmps.h
 include/freeradius/vqp.h
 lib/libfreeradius-eap-${RADVER}.la
 lib/libfreeradius-eap.la
-lib/libfreeradius-radius-${RADVER}.la
+lib/libfreeradius-radius-${RADVERALT}.la
 lib/libfreeradius-radius.la
 lib/rlm_acct_unique-${RADVER}.la
 lib/rlm_acct_unique.la
@@ -303,6 +305,12 @@ share/doc/freeradius/rfc/rfc5607.txt
 share/doc/freeradius/rfc/rfc5904.txt
 share/doc/freeradius/rfc/rfc5997.txt
 share/doc/freeradius/rfc/rfc6158.txt
+share/doc/freeradius/rfc/rfc6519.txt
+share/doc/freeradius/rfc/rfc6572.txt
+share/doc/freeradius/rfc/rfc6677.txt
+share/doc/freeradius/rfc/rfc6911.txt
+share/doc/freeradius/rfc/rfc6929.txt
+share/doc/freeradius/rfc/rfc6930.txt
 share/doc/freeradius/rlm_dbm
 share/doc/freeradius/rlm_eap
 share/doc/freeradius/rlm_expiration
@@ -441,8 +449,10 @@ share/freeradius/dictionary.3gpp
 share/freeradius/dictionary.3gpp2
 share/freeradius/dictionary.acc
 share/freeradius/dictionary.acme
+share/freeradius/dictionary.aerohive
 share/freeradius/dictionary.airespace
 share/freeradius/dictionary.alcatel
+share/freeradius/dictionary.alcatel-lucent.aaa
 share/freeradius/dictionary.alcatel.esam
 share/freeradius/dictionary.alcatel.sr
 share/freeradius/dictionary.alteon
@@ -459,7 +469,11 @@ share/freeradius/dictionary.avaya
 share/freeradius/dictionary.azaire
 share/freeradius/dictionary.bay
 share/freeradius/dictionary.bintec
+share/freeradius/dictionary.bluecoat
 share/freeradius/dictionary.bristol
+share/freeradius/dictionary.broadsoft
+share/freeradius/dictionary.brocade
+share/freeradius/dictionary.bskyb
 share/freeradius/dictionary.bt
 share/freeradius/dictionary.cablelabs
 share/freeradius/dictionary.cabletron
@@ -469,19 +483,27 @@ share/freeradius/dictionary.cisco
 share/freeradius/dictionary.cisco.bbsm
 share/freeradius/dictionary.cisco.vpn3000
 share/freeradius/dictionary.cisco.vpn5000
+share/freeradius/dictionary.citrix
 share/freeradius/dictionary.clavister
 share/freeradius/dictionary.colubris
 share/freeradius/dictionary.columbia_university
 share/freeradius/dictionary.compat
+share/freeradius/dictionary.compatible
 share/freeradius/dictionary.cosine
+share/freeradius/dictionary.dante
 share/freeradius/dictionary.dhcp
 share/freeradius/dictionary.digium
+share/freeradius/dictionary.dlink
+share/freeradius/dictionary.dragonwave
+share/freeradius/dictionary.efficientip
 share/freeradius/dictionary.eltex
 share/freeradius/dictionary.epygi
 share/freeradius/dictionary.ericsson
+share/freeradius/dictionary.ericsson.packet.core.networks
 share/freeradius/dictionary.erx
 share/freeradius/dictionary.extreme
 share/freeradius/dictionary.f5
+share/freeradius/dictionary.fdxtended
 share/freeradius/dictionary.fortinet
 share/freeradius/dictionary.foundry
 share/freeradius/dictionary.freeradius
@@ -501,12 +523,14 @@ share/freeradius/dictionary.itk
 share/freeradius/dictionary.jradius
 share/freeradius/dictionary.juniper
 share/freeradius/dictionary.karlnet
+share/freeradius/dictionary.kineto
 share/freeradius/dictionary.lancom
 share/freeradius/dictionary.livingston
 share/freeradius/dictionary.localweb
 share/freeradius/dictionary.lucent
 share/freeradius/dictionary.manzara
 share/freeradius/dictionary.merit
+share/freeradius/dictionary.meru
 share/freeradius/dictionary.microsoft
 share/freeradius/dictionary.mikrotik
 share/freeradius/dictionary.motorola
@@ -527,6 +551,7 @@ share/freeradius/dictionary.paloalto
 share/freeradius/dictionary.patton
 share/freeradius/dictionary.propel
 share/freeradius/dictionary.prosoft
+share/freeradius/dictionary.proxim
 share/freeradius/dictionary.purewave
 share/freeradius/dictionary.quiconnect
 share/freeradius/dictionary.quintum
@@ -553,8 +578,18 @@ share/freeradius/dictionary.rfc5447
 share/freeradius/dictionary.rfc5580
 share/freeradius/dictionary.rfc5607
 share/freeradius/dictionary.rfc5904
+share/freeradius/dictionary.rfc6519
+share/freeradius/dictionary.rfc6572
+share/freeradius/dictionary.rfc6677
+share/freeradius/dictionary.rfc6911
+share/freeradius/dictionary.rfc6930
+share/freeradius/dictionary.rfc7055
+share/freeradius/dictionary.rfc7268
+share/freeradius/dictionary.riverbed
 share/freeradius/dictionary.riverstone
 share/freeradius/dictionary.roaringpenguin
+share/freeradius/dictionary.ruckus
+share/freeradius/dictionary.sg
 share/freeradius/dictionary.shasta
 share/freeradius/dictionary.shiva
 share/freeradius/dictionary.siemens
@@ -587,5 +622,7 @@ share/freeradius/dictionary.wimax.wichorus
 share/freeradius/dictionary.wispr
 share/freeradius/dictionary.xedia
 share/freeradius/dictionary.xylan
+share/freeradius/dictionary.zeus
+share/freeradius/dictionary.zte
 share/freeradius/dictionary.zyxel
 @pkgdir share/examples/freeradius/sites-enabled
diff --git a/net/freeradius2/distinfo b/net/freeradius2/distinfo
index 4f3bbe3d4bc..11ded8ef09b 100644
--- a/net/freeradius2/distinfo
+++ b/net/freeradius2/distinfo
@@ -1,16 +1,15 @@
-$NetBSD: distinfo,v 1.17 2015/11/04 00:35:00 agc Exp $
+$NetBSD: distinfo,v 1.17.8.1 2016/10/15 19:06:02 bsiegert Exp $
 
-SHA1 (freeradius-server-2.2.0.tar.bz2) = 8710b21972072241219f006d26f609cb58875cda
-RMD160 (freeradius-server-2.2.0.tar.bz2) = 243569a7ad93b292439e6938be8102dba12b843d
-SHA512 (freeradius-server-2.2.0.tar.bz2) = 9afdb37293cbf20f85b9cce3c69fe5ccb987f44e84d58cd4150cd99cfe14f8e67359351c4de35f371bc71cac2eae7cd3e086632e011b035cae6a0054205ab961
-Size (freeradius-server-2.2.0.tar.bz2) = 2703349 bytes
-SHA1 (patch-aa) = 90c0c676ea668e36851eeffc0f1703624d703339
-SHA1 (patch-ab) = 7a23eb75a9818b073263fd36cbf17b692fa19a9f
-SHA1 (patch-ac) = e0d7f8b671d4c3646ab51dab2833a3593bf95c6a
-SHA1 (patch-ae) = aa43b83ba991f510cee40cb65c3621e9d559d6dd
-SHA1 (patch-ai) = d3baec3e140981bd0d793a10fb1162e201e565e0
-SHA1 (patch-aj) = 865882e6e6e935276529b98616c9059c555272b9
-SHA1 (patch-ak) = 751aba6a3f9716279f3a87871cf7008b7a921f9a
-SHA1 (patch-al) = 6d68e3e2d7dd50675f142be974b277da0f664c8b
-SHA1 (patch-man_man5_dictionary.5) = cc662beeb2351501c9761e4ce6fc8402c7907b30
-SHA1 (patch-src_modules_rlm__pap_rlm__pap.c) = 595c5dafb22d71fbcb00974e4fc56a1fd1e7c7c3
+SHA1 (freeradius-server-2.2.9.tar.bz2) = 730a5b681b375800a85c935cc2f34c5ba3aa951b
+RMD160 (freeradius-server-2.2.9.tar.bz2) = 4d3097e5d193a2268e81e3bde7cb6b75aed739c5
+Size (freeradius-server-2.2.9.tar.bz2) = 2793005 bytes
+SHA1 (patch-aa) = 07f28084b9d159a52014e31b5314827baaf07716
+SHA1 (patch-ab) = 306ee49b886d38341c2a94159ae033d2cff9c577
+SHA1 (patch-ac) = 689de3193b34f6ff169287a2512bda9691de6899
+SHA1 (patch-ae) = 98be5272791935ed6823165ff53893b352fd6974
+SHA1 (patch-ai) = c224f984167747894506e806a5a9775318b47d96
+SHA1 (patch-aj) = 99f62341e36932270ea0bce38bca8778a2125624
+SHA1 (patch-ak) = 898cc417449e9e5d5513a5d53b538ed320b923a2
+SHA1 (patch-al) = e553795702f48c26c41fa00a7fd59c48413c1423
+SHA1 (patch-configure.in) = e0fc20374d8600694d7a34e1ecef8e1f03b5816d
+SHA1 (patch-man_man5_dictionary.5) = 01242a57f7a2bd6b84313ec578b4650c525b72b8
diff --git a/net/freeradius2/patches/patch-aa b/net/freeradius2/patches/patch-aa
index c9c53147413..6a167d31200 100644
--- a/net/freeradius2/patches/patch-aa
+++ b/net/freeradius2/patches/patch-aa
@@ -1,8 +1,8 @@
-$NetBSD: patch-aa,v 1.1 2008/10/12 13:57:27 adrianp Exp $
+$NetBSD: patch-aa,v 1.1.64.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- src/lib/log.c.orig	2008-10-11 21:31:55.000000000 +0200
-+++ src/lib/log.c	2008-10-11 21:31:49.000000000 +0200
-@@ -52,10 +52,10 @@
+--- src/lib/log.c.orig	2015-09-30 20:37:13.000000000 +0000
++++ src/lib/log.c
+@@ -52,10 +52,10 @@ RCSID("$Id: 73c46d7d3d460adfb424ef70ee4b
   *	Use pthread keys if we have pthreads.  For MAC, which should
   *	be very fast.
   */
diff --git a/net/freeradius2/patches/patch-ab b/net/freeradius2/patches/patch-ab
index 1c287a4527c..f1647575d82 100644
--- a/net/freeradius2/patches/patch-ab
+++ b/net/freeradius2/patches/patch-ab
@@ -1,6 +1,6 @@
-$NetBSD: patch-ab,v 1.1.1.1 2008/05/15 19:43:47 adrianp Exp $
+$NetBSD: patch-ab,v 1.1.1.1.72.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- src/modules/rlm_perl/Makefile.in.orig	2006-02-10 19:47:17.000000000 +0000
+--- src/modules/rlm_perl/Makefile.in.orig	2015-09-30 20:37:13.000000000 +0000
 +++ src/modules/rlm_perl/Makefile.in
 @@ -15,4 +15,3 @@ include ../rules.mak
  $(LT_OBJS): $(HEADERS)
diff --git a/net/freeradius2/patches/patch-ac b/net/freeradius2/patches/patch-ac
index a2f5a9ca38b..e21a149f628 100644
--- a/net/freeradius2/patches/patch-ac
+++ b/net/freeradius2/patches/patch-ac
@@ -1,8 +1,8 @@
-$NetBSD: patch-ac,v 1.4 2013/04/12 13:45:47 joerg Exp $
+$NetBSD: patch-ac,v 1.4.28.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- src/main/modules.c.orig	2010-10-29 11:11:18.000000000 +0000
+--- src/main/modules.c.orig	2015-09-30 20:37:13.000000000 +0000
 +++ src/main/modules.c
-@@ -1358,9 +1358,6 @@ int setup_modules(int reload, CONF_SECTI
+@@ -1408,9 +1408,6 @@ int setup_modules(int reload, CONF_SECTI
  		 *	It's like libtool and libltdl are some kind
  		 *	of sick joke.
  		 */
diff --git a/net/freeradius2/patches/patch-ae b/net/freeradius2/patches/patch-ae
index f62ffe25bba..80aafccb1de 100644
--- a/net/freeradius2/patches/patch-ae
+++ b/net/freeradius2/patches/patch-ae
@@ -1,6 +1,6 @@
-$NetBSD: patch-ae,v 1.3 2009/10/11 09:18:25 adam Exp $
+$NetBSD: patch-ae,v 1.3.56.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- Makefile.orig	2009-09-14 16:43:29.000000000 +0200
+--- Makefile.orig	2015-09-30 20:37:13.000000000 +0000
 +++ Makefile
 @@ -11,7 +11,7 @@ include Make.inc
  
@@ -11,7 +11,7 @@ $NetBSD: patch-ae,v 1.3 2009/10/11 09:18:25 adam Exp $
  WHAT_TO_MAKE	= all
  
  all:
-@@ -46,9 +46,7 @@ export DESTDIR := $(R)
+@@ -47,9 +47,7 @@ export DESTDIR := $(R)
  install:
  	$(INSTALL) -d -m 755	$(R)$(sbindir)
  	$(INSTALL) -d -m 755	$(R)$(bindir)
diff --git a/net/freeradius2/patches/patch-ai b/net/freeradius2/patches/patch-ai
index 201c606202c..ce40907a0f1 100644
--- a/net/freeradius2/patches/patch-ai
+++ b/net/freeradius2/patches/patch-ai
@@ -1,48 +1,48 @@
-$NetBSD: patch-ai,v 1.6 2012/11/23 01:31:18 jnemeth Exp $
+$NetBSD: patch-ai,v 1.6.32.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- configure.orig	2012-09-10 11:51:34.000000000 +0000
+--- configure.orig	2015-09-30 20:37:13.000000000 +0000
 +++ configure
-@@ -20961,13 +20961,13 @@ fi
+@@ -20177,13 +20177,13 @@ fi
  done
  
  
--  { echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5
--echo $ECHO_N "checking for pthread_create in -lpthread... $ECHO_C" >&6; }
-+  { echo "$as_me:$LINENO: checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" >&5
-+echo $ECHO_N "checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}... $ECHO_C" >&6; }
- if test "${ac_cv_lib_pthread_pthread_create+set}" = set; then
-   echo $ECHO_N "(cached) $ECHO_C" >&6
+-  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_create in -lpthread" >&5
+-$as_echo_n "checking for pthread_create in -lpthread... " >&6; }
++  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" >&5
++$as_echo_n "checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}... " >&6; }
+ if ${ac_cv_lib_pthread_pthread_create+:} false; then :
+   $as_echo_n "(cached) " >&6
  else
    ac_check_lib_save_LIBS=$LIBS
 -LIBS="-lpthread  $LIBS"
 +LIBS="${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}  $LIBS"
- cat >conftest.$ac_ext <<_ACEOF
- /* confdefs.h.  */
- _ACEOF
-@@ -21024,7 +21024,7 @@ fi
- echo "${ECHO_T}$ac_cv_lib_pthread_pthread_create" >&6; }
- if test $ac_cv_lib_pthread_pthread_create = yes; then
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
+ 
+@@ -20215,7 +20215,7 @@ fi
+ $as_echo "$ac_cv_lib_pthread_pthread_create" >&6; }
+ if test "x$ac_cv_lib_pthread_pthread_create" = xyes; then :
     CFLAGS="$CFLAGS -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS"
 -                  LIBS="-lpthread $LIBS"
 +                  LIBS="${PTHREAD_LDFLAGS} ${PTHREAD_LIBS} $LIBS"
  else
-   { echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5
- echo $ECHO_N "checking for pthread_create in -lc_r... $ECHO_C" >&6; }
-@@ -21493,7 +21493,7 @@ if test "${ac_cv_lib_ssl_SSL_new+set}" =
-   echo $ECHO_N "(cached) $ECHO_C" >&6
+   { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_create in -lc_r" >&5
+ $as_echo_n "checking for pthread_create in -lc_r... " >&6; }
+@@ -20525,7 +20525,7 @@ if ${ac_cv_lib_ssl_SSL_new+:} false; the
+   $as_echo_n "(cached) " >&6
  else
    ac_check_lib_save_LIBS=$LIBS
 -LIBS="-lssl  $LIBS"
 +LIBS="-lssl -lcrypto  $LIBS"
- cat >conftest.$ac_ext <<_ACEOF
- /* confdefs.h.  */
- _ACEOF
-@@ -25556,7 +25556,7 @@ gethostbyaddrrstyle=""
- { echo "$as_me:$LINENO: checking gethostbyaddr_r() syntax" >&5
- echo $ECHO_N "checking gethostbyaddr_r() syntax... $ECHO_C" >&6; }
+ cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+ /* end confdefs.h.  */
+ 
+@@ -22529,7 +22529,7 @@ gethostbyaddrrstyle=""
+ { $as_echo "$as_me:${as_lineno-$LINENO}: checking gethostbyaddr_r() syntax" >&5
+ $as_echo_n "checking gethostbyaddr_r() syntax... " >&6; }
  case "$host" in
 -*-freebsd*)
 +*-freebsd* | *-dragonfly*)
- 	{ echo "$as_me:$LINENO: checking whether gethostbyaddr_r is declared" >&5
- echo $ECHO_N "checking whether gethostbyaddr_r is declared... $ECHO_C" >&6; }
- if test "${ac_cv_have_decl_gethostbyaddr_r+set}" = set; then
+ 	ac_fn_c_check_decl "$LINENO" "gethostbyaddr_r" "ac_cv_have_decl_gethostbyaddr_r" "
+ #ifdef HAVE_NETDB_H
+ #include <netdb.h>
diff --git a/net/freeradius2/patches/patch-aj b/net/freeradius2/patches/patch-aj
index 2a5b60697b9..18e48c78542 100644
--- a/net/freeradius2/patches/patch-aj
+++ b/net/freeradius2/patches/patch-aj
@@ -1,8 +1,8 @@
-$NetBSD: patch-aj,v 1.2 2010/07/20 08:41:21 adam Exp $
+$NetBSD: patch-aj,v 1.2.50.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- Make.inc.in.orig	2010-05-24 05:40:58.000000000 +0000
+--- Make.inc.in.orig	2015-09-30 20:37:13.000000000 +0000
 +++ Make.inc.in
-@@ -46,6 +46,7 @@ INSTALLSTRIP	= @INSTALLSTRIP@
+@@ -47,6 +47,7 @@ INSTALLSTRIP	= @INSTALLSTRIP@
  LCRYPT		= @CRYPTLIB@
  LIBS		= @LIBS@
  LDFLAGS		= @LDFLAGS@
diff --git a/net/freeradius2/patches/patch-ak b/net/freeradius2/patches/patch-ak
index 44ede58f056..3d8e038d7ed 100644
--- a/net/freeradius2/patches/patch-ak
+++ b/net/freeradius2/patches/patch-ak
@@ -1,15 +1,13 @@
-$NetBSD: patch-ak,v 1.3 2008/10/12 13:57:27 adrianp Exp $
+$NetBSD: patch-ak,v 1.3.64.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- raddb/radiusd.conf.in.orig	2008-09-25 10:41:26.000000000 +0200
+--- raddb/radiusd.conf.in.orig	2015-09-30 20:37:13.000000000 +0000
 +++ raddb/radiusd.conf.in
-@@ -164,8 +164,8 @@ pidfile = ${run_dir}/${name}.pid
- #  It will join all groups where "user" is a member.  This can allow
- #  for some finer-grained access controls.
+@@ -166,6 +166,8 @@ pidfile = ${run_dir}/${name}.pid
  #
--#user = radius
--#group = radius
-+user = @@RADIUS_USER@@
-+group = @@RADIUS_GROUP@@
+ #user = radius
+ #group = radius
++user = radius
++group = radius
  
- #  max_request_time: The maximum time (in seconds) to handle a request.
+ #  panic_action: Command to execute if the server dies unexpectedly.
  #
diff --git a/net/freeradius2/patches/patch-al b/net/freeradius2/patches/patch-al
index 5388c37ca39..49ccb20f5a6 100644
--- a/net/freeradius2/patches/patch-al
+++ b/net/freeradius2/patches/patch-al
@@ -1,8 +1,8 @@
-$NetBSD: patch-al,v 1.3 2010/07/20 08:41:21 adam Exp $
+$NetBSD: patch-al,v 1.3.50.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- src/modules/rlm_preprocess/rlm_preprocess.c.orig	2010-05-24 05:40:58.000000000 +0000
+--- src/modules/rlm_preprocess/rlm_preprocess.c.orig	2015-09-30 20:37:13.000000000 +0000
 +++ src/modules/rlm_preprocess/rlm_preprocess.c
-@@ -130,7 +130,7 @@ static void cisco_vsa_hack(VALUE_PAIR *v
+@@ -128,7 +128,7 @@ static void cisco_vsa_hack(VALUE_PAIR *v
  		/*
  		 *  No weird packing.  Ignore it.
  		 */
@@ -11,7 +11,7 @@ $NetBSD: patch-al,v 1.3 2010/07/20 08:41:21 adam Exp $
  		if (!ptr) continue;
  
  		/*
-@@ -148,7 +148,7 @@ static void cisco_vsa_hack(VALUE_PAIR *v
+@@ -146,7 +146,7 @@ static void cisco_vsa_hack(VALUE_PAIR *v
  			const char *p;
  			DICT_ATTR	*dattr;
  
@@ -20,7 +20,7 @@ $NetBSD: patch-al,v 1.3 2010/07/20 08:41:21 adam Exp $
  			gettoken(&p, newattr, sizeof(newattr));
  
  			if ((dattr = dict_attrbyname(newattr)) != NULL) {
-@@ -232,10 +232,10 @@ static void rad_mangle(rlm_preprocess_t 
+@@ -231,10 +231,10 @@ static void rad_mangle(rlm_preprocess_t 
  		 *
  		 *	FIXME: should we handle this as a REALM ?
  		 */
@@ -33,7 +33,7 @@ $NetBSD: patch-al,v 1.3 2010/07/20 08:41:21 adam Exp $
  			namepair->length = strlen(newname);
  		}
  	}
-@@ -403,9 +403,9 @@ static int huntgroup_access(REQUEST *req
+@@ -415,9 +415,9 @@ static int huntgroup_access(REQUEST *req
  						       &request->packet->vps,
  						       PW_HUNTGROUP_NAME,
  						       PW_TYPE_STRING);
@@ -45,7 +45,7 @@ $NetBSD: patch-al,v 1.3 2010/07/20 08:41:21 adam Exp $
  			}
  			r = RLM_MODULE_OK;
  		}
-@@ -580,7 +580,7 @@ static int preprocess_authorize(void *in
+@@ -597,7 +597,7 @@ static int preprocess_authorize(void *in
  				  data->huntgroups)) != RLM_MODULE_OK) {
  		char buf[1024];
  		radlog_request(L_AUTH, 0, request, "No huntgroup access: [%s] (%s)",
@@ -54,7 +54,7 @@ $NetBSD: patch-al,v 1.3 2010/07/20 08:41:21 adam Exp $
  		       auth_name(buf, sizeof(buf), request, 1));
  		return r;
  	}
-@@ -631,7 +631,7 @@ static int preprocess_preaccounting(void
+@@ -648,7 +648,7 @@ static int preprocess_preaccounting(void
  				  data->huntgroups)) != RLM_MODULE_OK) {
  		char buf[1024];
  		radlog_request(L_INFO, 0, request, "No huntgroup access: [%s] (%s)",
diff --git a/net/freeradius2/patches/patch-configure.in b/net/freeradius2/patches/patch-configure.in
new file mode 100644
index 00000000000..86febc419b0
--- /dev/null
+++ b/net/freeradius2/patches/patch-configure.in
@@ -0,0 +1,12 @@
+$NetBSD: patch-configure.in,v 1.1.2.2 2016/10/15 19:06:02 bsiegert Exp $
+
+--- configure.in.orig	2015-09-30 20:37:13.000000000 +0000
++++ configure.in
+@@ -659,7 +659,6 @@ AC_CHECK_HEADERS( \
+ 	unistd.h \
+ 	crypt.h \
+ 	errno.h \
+-	execinfo.h \
+ 	resource.h \
+ 	sys/resource.h \
+ 	getopt.h \
diff --git a/net/freeradius2/patches/patch-man_man5_dictionary.5 b/net/freeradius2/patches/patch-man_man5_dictionary.5
index 4566904fb7b..d1cfef2d0e8 100644
--- a/net/freeradius2/patches/patch-man_man5_dictionary.5
+++ b/net/freeradius2/patches/patch-man_man5_dictionary.5
@@ -1,6 +1,6 @@
-$NetBSD: patch-man_man5_dictionary.5,v 1.1 2012/03/12 21:54:13 joerg Exp $
+$NetBSD: patch-man_man5_dictionary.5,v 1.1.38.1 2016/10/15 19:06:02 bsiegert Exp $
 
---- man/man5/dictionary.5.orig	2012-03-12 15:51:09.000000000 +0000
+--- man/man5/dictionary.5.orig	2015-09-30 20:37:13.000000000 +0000
 +++ man/man5/dictionary.5
 @@ -60,7 +60,6 @@ given, the attribute is defined to be a 
  Alternately, the options may be the a comma-separated list of the
diff --git a/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c b/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c
deleted file mode 100644
index e464afa9f3a..00000000000
--- a/net/freeradius2/patches/patch-src_modules_rlm__pap_rlm__pap.c
+++ /dev/null
@@ -1,26 +0,0 @@
-$NetBSD: patch-src_modules_rlm__pap_rlm__pap.c,v 1.1 2014/04/27 12:10:55 he Exp $
-
-Increase buffer size, and use output buffer size as limit for hex2bin.
-Should fix CVE-2014-2015, patch from
-https://github.com/FreeRADIUS/freeradius-server/commit/0d606cfc29a
-
---- src/modules/rlm_pap/rlm_pap.c.orig	2012-09-10 11:51:34.000000000 +0000
-+++ src/modules/rlm_pap/rlm_pap.c
-@@ -245,7 +245,7 @@ static int base64_decode (const char *sr
- static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
- {
- 	size_t decoded;
--	uint8_t buffer[64];
-+	uint8_t buffer[256];
- 
- 	if (min_length >= sizeof(buffer)) return; /* paranoia */
- 
-@@ -253,7 +253,7 @@ static void normify(REQUEST *request, VA
- 	 *	Hex encoding.
- 	 */
- 	if (vp->length >= (2 * min_length)) {
--		decoded = fr_hex2bin(vp->vp_strvalue, buffer, vp->length >> 1);
-+		decoded = fr_hex2bin(vp->vp_strvalue, buffer, sizeof(buffer));
- 		if (decoded == (vp->length >> 1)) {
- 			RDEBUG2("Normalizing %s from hex encoding", vp->name);
- 			memcpy(vp->vp_octets, buffer, decoded);
author	bsiegert <bsiegert@pkgsrc.org>	2016-10-15 19:06:02 +0000
committer	bsiegert <bsiegert@pkgsrc.org>	2016-10-15 19:06:02 +0000
commit	da4a49d567a47015872306146bc5ddd910c2ee50 (patch)
tree	82e6fe7e0e0e0735bafaf3d272470b47785f328d
parent	2925f481171ebe953d10224635906e322b2fe1c7 (diff)
download	pkgsrc-da4a49d567a47015872306146bc5ddd910c2ee50.tar.gz