Age | Commit message (Collapse) | Author | Files | Lines |
|
|
|
|
|
It's safe to assume the test for MACHINE_ARCH == "amd64" doesn't actually apply
to NetBSD, hence being redundant.
ok joerg@
|
|
Problems found with existing digests:
Package haproxy distfile haproxy-1.5.14.tar.gz
159f5beb8fdc6b8059ae51b53dc935d91c0fb51f [recorded]
da39a3ee5e6b4b0d3255bfef95601890afd80709 [calculated]
Problems found locating distfiles:
Package bsddip: missing distfile bsddip-1.02.tar.Z
Package citrix_ica: missing distfile citrix_ica-10.6.115659/en.linuxx86.tar.gz
Package djbdns: missing distfile djbdns-1.05-test25.diff.bz2
Package djbdns: missing distfile djbdns-cachestats.patch
Package djbdns: missing distfile 0002-dnscache-cache-soa-records.patch
Package gated: missing distfile gated-3-5-11.tar.gz
Package owncloudclient: missing distfile owncloudclient-2.0.2.tar.xz
Package poink: missing distfile poink-1.6.tar.gz
Package ra-rtsp-proxy: missing distfile rtspd-src-1.0.0.0.tar.gz
Package ucspi-ssl: missing distfile ucspi-ssl-0.70-ucspitls-0.1.patch
Package waste: missing distfile waste-source.tar.gz
Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden). All existing
SHA1 digests retained for now as an audit trail.
|
|
having a PKGNAME of p5-*, or depending such a package,
for perl-5.22.0.
|
|
|
|
Do it for all packages that
* mention perl, or
* have a directory name starting with p5-*, or
* depend on a package starting with p5-
like last time, for 5.18, where this didn't lead to complaints.
Let me know if you have any this time.
|
|
These are now handled dynamically if INIT_SYSTEM is set to "rc.d", or
ignored otherwise.
|
|
|
|
sysutils/user_* packages.
|
|
a) refer 'perl' in their Makefile, or
b) have a directory name of p5-*, or
c) have any dependency on any p5-* package
Like last time, where this caused no complaints.
|
|
|
|
|
|
|
|
|
|
|
|
are called p5-*.
I hope that's all of them.
|
|
|
|
|
|
|
|
Bug fixes: Fix crash (memcpy with length -1) when invalid Tunnel-Password
attributes are received.
|
|
|
|
|
|
|
|
|
|
|
|
MAKE_JOBS=2 and worked without.
|
|
|
|
|
|
on packages that are affected by the switch from the openssl 0.9.7
branch to the 0.9.8 branch. ok jlam@
|
|
|
|
Also do some pkglintification while we are here.
|
|
Feature Improvements
* Updated LDAP documentation.
* Added note on DH parameters in eap.conf, and debugging messages which complain if DH is used, but not configured properly.
* Updated the Mikrotik dictionary. Added a note that the sample dictionary they supply is broken.
* Output more information on blocked threads, which should help narrow down which modules is causing the problem.
* Added more eDirectory support.
* rlm_ldap now prints out attributes in the standard format
* Enabled server-side handling of procedures in MySQL
Bug Fixes
* Added NT-Hash support for mschap_xlat.
* Corrected documentation to point to correct location of files.
* Checks for more recent FreeBSD versions.
* uses -DLDAP_DEPRECATED to avoid OpenLDAP crashes.
* Use correct value for authentication name in rlm_mschap.
* Fix over-ride for usernames when use_tunneled_reply = yes.
|
|
the owner of all installed files is a non-root user. This change
affects most packages that require special users or groups by making
them use the specified unprivileged user and group instead.
(1) Add two new variables PKG_GROUPS_VARS and PKG_USERS_VARS to
unprivileged.mk. These two variables are lists of other bmake
variables that define package-specific users and groups. Packages
that have user-settable variables for users and groups, e.g. apache
and APACHE_{USER,GROUP}, courier-mta and COURIER_{USER,GROUP},
etc., should list these variables in PKG_USERS_VARS and PKG_GROUPS_VARS
so that unprivileged.mk can know to set them to ${UNPRIVILEGED_USER}
and ${UNPRIVILEGED_GROUP}.
(2) Modify packages to use PKG_GROUPS_VARS and PKG_USERS_VARS.
|
|
Feature Improvements
* Added more dictionaries
Bug Fixes
* Corrected typo in rlm_pap.c (closes #440)
* Corrected typo in src/main/auth.c (closes #437)
* Suppress SSL error messages if error is zero. (closes #436)
* Don't complain about "Error in read client certificate A" if we expect to
read it in the next packet. Fix based on patch by Dan Lukes.
* Corrected nearly 30 bugs found by Coverity See also http://scan.coverity.com
* Don't die on HUP. Instead leak memory (sorry). After a few hundred HUP's, the
server will have leaked a few megabytes of memory, and you should probably
re-start it. It's ugly, but better than dying. (Closes #426)
* Corrected a few double free's
* Corrected typo in radrelay, which prevented it from working
* Made Firebird module build
* Fixed bug in PostgreSQL module that caused server crash.
* Fixed bug in SQL module that could cause server to crash.
|
|
2006.03.05 Version 1.1.5 has been released.
The focus of this release is stability.
Feature Improvements
* Added more dictionaries
* Dictionary files now MUST NOT be globally writable.
* Configuration files now MUST NOT be globally writable.
* Be more aggressive about freeing memory on clean exit.
* Updated rlm_python.
* Added another experimental SQL IP Pool module
Bug Fixes
* Corrected base64 decoding in rlm_pap
* Don't retransmit accounting packets. The NAS should do this.
* Handle Client-Error in EAP-SIM. (Closes #419)
* Port OpenSSL locking fixes from CVS head. This makes PEAP more stable on i
some systems.
* Require Message-Authenticator in Status-Server packets.
* Correct Tunnel-Medium-Type VALUEs in dictionary.rfc2868.
* Increase buffer size for dynamic expansion, which allows longer SQL queries.
(Closes #405)
* Use correct line number when there's a parse error in one of the
configuration sections. (Closes #421)
* Terminate SSL sessions in EAP on error, rather than continuing in some cases.
* Increase buffer size to allow parsing of long octet strings,
* Fix string termination on xlat in rlm_perl.
|
|
Patch provided by Sergey Svishchev in private mail.
|
|
* Major enhancements to rlm_pap, that make "encryption_scheme"
a think of the past. See "man rlm_pap" for details.
* Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use
work-arounds that enable Windows Vista clients to work.
* Added preliminary code to support Firebird.
Use at your own risk!
* Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more
platforms.
* Add a new "reply-name" directive in rlm_sqlcounter to define the
name of the reply attribute.
* Added more dictionaries and attributes
* Print ntlm_auth failure reason in Module-Failure-Message
* radsqlrelay is able to get the DB password from a file instead
of command line.
Bug fixes
* Fix a parse error in the digest module, where malformed
digest requests would result in the user being accepted. Oops...
* VALUEs can only be defined for 'integer', to catch mistakes
with setting VALUEs for type 'string'.
* Better parsing of VALUE names, so that values starting with
a digit work correctly.
* Check return from malloc
* Fix a double free() in rlm_eap_tls.c
* Check return code of malloc() during initialization.
* Fix a corner case where the proxy port isn't set either in
radiusd.conf or in proxy.conf.
|
|
|
|
This version has been released to fix build issues in 1.1.2. The build
tools (autoconf, libtool, libltld) have been upgraded to a recent version,
and the server now builds "out of the box" on more platforms. Other fixes
include:
* More dictionary updates
* Oracle support for radsqlrelay
* Security and portability fixes to rlm_otp
* Experimental module to store IP's in an SQL table.
* Miscellaneous bug fixes
|
|
|
|
PAM support.
From discussions with John Nemeth.
|
|
bump to nb2
|
|
Fix mySQL PLIST
Fix all PLISTs to avoid a nightmare when the nb number is changed
Bump to nb1
|
|
* Updated dictionaries (as always),
* Extended Ascend "abinary" support for Juniper,
* Configurable "cipher_list" for EAP methods that use TLS,
* Additional checks on cert issuer validation for EAP methods that use TLS,
* SQL IODBC bug fixes,
* Updates to the LDAP module,
* Better catching of errors in the config files,
* Miscellaneous other fixes
In addition to this add an extra option to options.mk which is
"freeradius-simul-use". This will enable Simultaneous-Use and is
enabled by default. If you disable it freeradius can be built without
depending on the net-snmp package. Original idea from John Nemeth.
|
|
Add kerberos support - Patch from Kevin Sullivan in PR #33732
Bump to nb4
|
|
set OVERRIDE_DIRDEPTH to find any libtool scripts deeper in the WRKSRC
tree unless they're named something other than "libtool".
SHLIBTOOL_OVERRIDE generally doesn't need to be specified either -- just
define it to the empty list and shlibtool-override will look for libtool
scripts.
|
|
packages. Convert LDAP-based applications to depend on openldap-client, and
bump PKGREVISION for those that depend on it by default.
|
|
Bump revision.
|
|
RECOMMENDED is removed. It becomes ABI_DEPENDS.
BUILDLINK_RECOMMENDED.foo becomes BUILDLINK_ABI_DEPENDS.foo.
BUILDLINK_DEPENDS.foo becomes BUILDLINK_API_DEPENDS.foo.
BUILDLINK_DEPENDS does not change.
IGNORE_RECOMMENDED (which defaulted to "no") becomes USE_ABI_DEPENDS
which defaults to "yes".
Added to obsolete.mk checking for IGNORE_RECOMMENDED.
I did not manually go through and fix any aesthetic tab/spacing issues.
I have tested the above patch on DragonFly building and packaging
subversion and pkglint and their many dependencies.
I have also tested USE_ABI_DEPENDS=no on my NetBSD workstation (where I
have used IGNORE_RECOMMENDED for a long time). I have been an active user
of IGNORE_RECOMMENDED since it was available.
As suggested, I removed the documentation sentences suggesting bumping for
"security" issues.
As discussed on tech-pkg.
I will commit to revbump, pkglint, pkg_install, createbuildlink separately.
Note that if you use wip, it will fail! I will commit to pkgsrc-wip
later (within day).
|