Add patch from the freeradius git repository, fixing CVE-2012-3547.

Bump PKGREVISION
author: bouyer <bouyer@pkgsrc.org> 2012-09-12 18:37:09 +0000
committer: bouyer <bouyer@pkgsrc.org> 2012-09-12 18:37:09 +0000
commit: 33fd658376b57c591d8db15eb5c71f9783225265 (patch)
tree: b6c0ee0eba12fcc0fb7b5e8b086f22a2f15953ea /net
parent: 67dc3bb315575d3f5d9169dcec06e429e7ec1882 (diff)
download: pkgsrc-33fd658376b57c591d8db15eb5c71f9783225265.tar.gz
3 files changed, 19 insertions, 3 deletions
diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile
index 2b80a6c5bda..924aeacc04c 100644
--- a/net/freeradius2/Makefile
+++ b/net/freeradius2/Makefile
@@ -1,8 +1,8 @@
-# $NetBSD: Makefile,v 1.23 2012/04/03 01:38:18 obache Exp $
+# $NetBSD: Makefile,v 1.24 2012/09/12 18:37:09 bouyer Exp $
 
 DISTNAME=	freeradius-server-${RADVER}
 PKGNAME=	${DISTNAME:S/-server//}
-PKGREVISION=	3
+PKGREVISION=	4
 CATEGORIES=	net
 MASTER_SITES=	ftp://ftp.freeradius.org/pub/freeradius/
 EXTRACT_SUFX=	.tar.bz2
diff --git a/net/freeradius2/distinfo b/net/freeradius2/distinfo
index a75456eba82..c5d91a61a34 100644
--- a/net/freeradius2/distinfo
+++ b/net/freeradius2/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.12 2012/03/12 21:54:13 joerg Exp $
+$NetBSD: distinfo,v 1.13 2012/09/12 18:37:09 bouyer Exp $
 
 SHA1 (freeradius-server-2.1.12.tar.bz2) = d80760f5ca854225e262954ce2505c22ef5fc6b2
 RMD160 (freeradius-server-2.1.12.tar.bz2) = f951119a54057d2948f6dc28faa4bb2434b416a1
@@ -12,3 +12,4 @@ SHA1 (patch-aj) = 865882e6e6e935276529b98616c9059c555272b9
 SHA1 (patch-ak) = 751aba6a3f9716279f3a87871cf7008b7a921f9a
 SHA1 (patch-al) = 6d68e3e2d7dd50675f142be974b277da0f664c8b
 SHA1 (patch-man_man5_dictionary.5) = cc662beeb2351501c9761e4ce6fc8402c7907b30
+SHA1 (patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c) = 3e52710e8fa6276beb5ef59d1f6895d27374f3fc
diff --git a/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
new file mode 100644
index 00000000000..e7247416e6e
--- /dev/null
+++ b/net/freeradius2/patches/patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c
@@ -0,0 +1,15 @@
+$NetBSD: patch-src_modules_rlm_eap_types_rlm_eap_tls_rlm_eap_tls.c,v 1.1 2012/09/12 18:37:10 bouyer Exp $
+Fix CVE-2012-3547, from freerdius git repository:
+https://github.com/alandekok/freeradius-server/commit/78e5aed56c36a9231bc91ea5f55b3edf88a9d2a4
+
+--- src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c.orig	2012-09-12 20:17:15.000000000 +0200
++++ src/modules/rlm_eap/types/rlm_eap_tls/rlm_eap_tls.c	2012-09-12 20:17:18.000000000 +0200
+@@ -531,7 +531,7 @@
+ 	 */
+ 	buf[0] = '\0';
+ 	asn_time = X509_get_notAfter(client_cert);
+-	if ((lookup <= 1) && asn_time && (asn_time->length < MAX_STRING_LEN)) {
++	if ((lookup <= 1) && asn_time && (asn_time->length < sizeof(buf))) {
+ 		memcpy(buf, (char*) asn_time->data, asn_time->length);
+ 		buf[asn_time->length] = '\0';
+ 		pairadd(&handler->certs,
author	bouyer <bouyer@pkgsrc.org>	2012-09-12 18:37:09 +0000
committer	bouyer <bouyer@pkgsrc.org>	2012-09-12 18:37:09 +0000
commit	33fd658376b57c591d8db15eb5c71f9783225265 (patch)
tree	b6c0ee0eba12fcc0fb7b5e8b086f22a2f15953ea /net
parent	67dc3bb315575d3f5d9169dcec06e429e7ec1882 (diff)
download	pkgsrc-33fd658376b57c591d8db15eb5c71f9783225265.tar.gz