summaryrefslogtreecommitdiff
path: root/net/freeradius
diff options
context:
space:
mode:
authoradrianp <adrianp@pkgsrc.org>2005-07-09 17:25:00 +0000
committeradrianp <adrianp@pkgsrc.org>2005-07-09 17:25:00 +0000
commit491f4fd604181efbb3a75c26ed9068f60ae4bde5 (patch)
tree9a006e12a5829a0291c02110e7e3889b4ed54596 /net/freeradius
parent8ed092220472409d82f3830750d38f90dc7f55fb (diff)
downloadpkgsrc-491f4fd604181efbb3a75c26ed9068f60ae4bde5.tar.gz
- Update to freeradius 1.0.4
- The security issues mentioned in this update were incorporated into patch-ak previously and a security advisory was already made in regards to this. > FreeRADIUS 1.0.4 ; Date: 2005/06/11 22:46:52, urgency=medium > > * Fix installation problem. > * Increase a buffer size, so radrelay doesn't truncate values. > * Updates in the documentation. Patches from Thor Spruyt. > > FreeRADIUS 1.0.3 ; Date: 2005/06/03 17:15:11, urgency=high > Security Fixes > * Always escape the strings in the SQL module. > * Check buffer bound when input character needs escaping in > the SQL module. Bug found by Primoz Bratanic. > > Bug fixes > * Return EAP-Fail in Access-Reject, rather than an empty Access-Reject > * Don't send Proxy-State from home server in TTLS. > * Fixes for forking external programs, so the server doesn't > suddenly stop processing requests, or stop forking programs. > * radzap now works, but it's command-line options have changed > completely, and it's a shell script. > * radwho has updated command-line options, and no longer reads > Unix "utmp" files. > * Fix bug in calling checkrad script with NAS port > 9999999 > * Fix long-standing bug when both crypt and pthreads are in use > * Don't SEGV when rlm_sql gets 'NULL' value from request. > * Re-arrange code in radrelay to not duplicate accounting packets. > * In rlm_attr_rewrite, change the value when the attribute type > is different from string.
Diffstat (limited to 'net/freeradius')
-rw-r--r--net/freeradius/Makefile6
-rw-r--r--net/freeradius/PLIST3
-rw-r--r--net/freeradius/distinfo9
-rw-r--r--net/freeradius/patches/patch-ak90
4 files changed, 8 insertions, 100 deletions
diff --git a/net/freeradius/Makefile b/net/freeradius/Makefile
index beed546cfbd..4b33a358a6d 100644
--- a/net/freeradius/Makefile
+++ b/net/freeradius/Makefile
@@ -1,7 +1,6 @@
-# $NetBSD: Makefile,v 1.29 2005/05/22 20:08:23 jlam Exp $
+# $NetBSD: Makefile,v 1.30 2005/07/09 17:25:00 adrianp Exp $
-DISTNAME= freeradius-1.0.2
-PKGREVISION= 2
+DISTNAME= freeradius-1.0.4
CATEGORIES= net
MASTER_SITES= ftp://ftp.freeradius.org/pub/radius/ \
ftp://ftp.Awfulhak.org/pub/radius/
@@ -122,7 +121,6 @@ post-install:
. for f in ${EGFILES}
${INSTALL_DATA} ${WRKSRC}/raddb/${f} ${EGDIR}/${f}
. endfor
-. undef f
@${MKDIR} ${PKG_SYSCONFDIR}/certs
@${MKDIR} ${PKG_SYSCONFDIR}/certs/demoCA
diff --git a/net/freeradius/PLIST b/net/freeradius/PLIST
index 8c71dde3cf2..d925b4b76ea 100644
--- a/net/freeradius/PLIST
+++ b/net/freeradius/PLIST
@@ -1,4 +1,4 @@
-@comment $NetBSD: PLIST,v 1.8 2005/05/02 20:34:02 reed Exp $
+@comment $NetBSD: PLIST,v 1.9 2005/07/09 17:25:00 adrianp Exp $
bin/radclient
bin/radeapclient
bin/radlast
@@ -369,6 +369,7 @@ share/freeradius/dictionary.foundry
share/freeradius/dictionary.freeradius
share/freeradius/dictionary.gandalf
share/freeradius/dictionary.garderos
+share/freeradius/dictionary.gemtek
share/freeradius/dictionary.itk
share/freeradius/dictionary.juniper
share/freeradius/dictionary.karlnet
diff --git a/net/freeradius/distinfo b/net/freeradius/distinfo
index e906376846d..af3b4ecd173 100644
--- a/net/freeradius/distinfo
+++ b/net/freeradius/distinfo
@@ -1,9 +1,8 @@
-$NetBSD: distinfo,v 1.14 2005/05/18 21:58:45 adrianp Exp $
+$NetBSD: distinfo,v 1.15 2005/07/09 17:25:00 adrianp Exp $
-SHA1 (freeradius-1.0.2.tar.gz) = 5703fd8abb4f28c15d716bd1ec1e9cfe2e1e6c90
-RMD160 (freeradius-1.0.2.tar.gz) = 796da74e64da189d7d7520201c7c4139f9f478c4
-Size (freeradius-1.0.2.tar.gz) = 2208884 bytes
+SHA1 (freeradius-1.0.4.tar.gz) = f0c877ae80592609ada4875cf1b472c7742720fb
+RMD160 (freeradius-1.0.4.tar.gz) = b75a872ced9a461f3063f19d49546fc9ef86a225
+Size (freeradius-1.0.4.tar.gz) = 2209057 bytes
SHA1 (patch-ae) = 0c1b6c79329f41c35e3a783e61cc205cb78a4773
SHA1 (patch-ai) = bb4dafd3f6b961403caa955c9a09c271468ada36
SHA1 (patch-aj) = 422c9dfbde08c26acf41a040c57508ab9725004e
-SHA1 (patch-ak) = ad272be635d6b27e5b986c3e9a06ef85484c1230
diff --git a/net/freeradius/patches/patch-ak b/net/freeradius/patches/patch-ak
deleted file mode 100644
index f5e80698007..00000000000
--- a/net/freeradius/patches/patch-ak
+++ /dev/null
@@ -1,90 +0,0 @@
-$NetBSD: patch-ak,v 1.3 2005/05/18 21:58:45 adrianp Exp $
-
---- src/modules/rlm_sql/rlm_sql.c.orig 2004-09-30 15:54:22.000000000 +0100
-+++ src/modules/rlm_sql/rlm_sql.c
-@@ -158,6 +158,7 @@ static int rlm_sql_init(void) {
- */
- static int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username);
- static int generate_sql_clients(SQL_INST *inst);
-+static int sql_escape_func(char *out, int outlen, const char *in);
-
- /*
- * sql xlat function. Right now only SELECTs are supported. Only
-@@ -184,7 +185,7 @@ static int sql_xlat(void *instance, REQU
- /*
- * Do an xlat on the provided string (nice recursive operation).
- */
-- if (!radius_xlat(querystr, sizeof(querystr), fmt, request, func)) {
-+ if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func)) {
- radlog(L_ERR, "rlm_sql (%s): xlat failed.",
- inst->config->xlat_name);
- return 0;
-@@ -409,18 +410,18 @@ static int sql_escape_func(char *out, in
-
- while (in[0]) {
- /*
-- * Only one byte left.
-- */
-- if (outlen <= 1) {
-- break;
-- }
--
-- /*
- * Non-printable characters get replaced with their
- * mime-encoded equivalents.
- */
- if ((in[0] < 32) ||
- strchr(allowed_chars, *in) == NULL) {
-+ /*
-+ * Only 3 or less bytes available.
-+ */
-+ if (outlen <= 3) {
-+ break;
-+ }
-+
- snprintf(out, outlen, "=%02X", (unsigned char) in[0]);
- in++;
- out += 3;
-@@ -430,7 +431,14 @@ static int sql_escape_func(char *out, in
- }
-
- /*
-- * Else it's a nice character.
-+ * Only one byte left.
-+ */
-+ if (outlen <= 1) {
-+ break;
-+ }
-+
-+ /*
-+ * Allowed character.
- */
- *out = *in;
- out++;
-@@ -517,7 +525,7 @@ static int sql_groupcmp(void *instance,
- */
- if (sql_set_user(inst, req, sqlusername, 0) < 0)
- return 1;
-- if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, NULL)){
-+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, sql_escape_func)){
- radlog(L_ERR, "rlm_sql (%s): xlat failed.",
- inst->config->xlat_name);
- /* Remove the username we (maybe) added above */
-@@ -1149,7 +1157,7 @@ static int rlm_sql_checksimul(void *inst
- if(sql_set_user(inst, request, sqlusername, 0) <0)
- return RLM_MODULE_FAIL;
-
-- radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, NULL);
-+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func);
-
- /* initialize the sql socket */
- sqlsocket = sql_get_socket(inst);
-@@ -1193,7 +1201,7 @@ static int rlm_sql_checksimul(void *inst
- return RLM_MODULE_OK;
- }
-
-- radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, NULL);
-+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func);
- if(rlm_sql_select_query(sqlsocket, inst, querystr)) {
- radlog(L_ERR, "rlm_sql (%s): sql_checksimul: Database query error", inst->config->xlat_name);
- sql_release_socket(inst, sqlsocket);