From 491f4fd604181efbb3a75c26ed9068f60ae4bde5 Mon Sep 17 00:00:00 2001 From: adrianp Date: Sat, 9 Jul 2005 17:25:00 +0000 Subject: - Update to freeradius 1.0.4 - The security issues mentioned in this update were incorporated into patch-ak previously and a security advisory was already made in regards to this. > FreeRADIUS 1.0.4 ; Date: 2005/06/11 22:46:52, urgency=medium > > * Fix installation problem. > * Increase a buffer size, so radrelay doesn't truncate values. > * Updates in the documentation. Patches from Thor Spruyt. > > FreeRADIUS 1.0.3 ; Date: 2005/06/03 17:15:11, urgency=high > Security Fixes > * Always escape the strings in the SQL module. > * Check buffer bound when input character needs escaping in > the SQL module. Bug found by Primoz Bratanic. > > Bug fixes > * Return EAP-Fail in Access-Reject, rather than an empty Access-Reject > * Don't send Proxy-State from home server in TTLS. > * Fixes for forking external programs, so the server doesn't > suddenly stop processing requests, or stop forking programs. > * radzap now works, but it's command-line options have changed > completely, and it's a shell script. > * radwho has updated command-line options, and no longer reads > Unix "utmp" files. > * Fix bug in calling checkrad script with NAS port > 9999999 > * Fix long-standing bug when both crypt and pthreads are in use > * Don't SEGV when rlm_sql gets 'NULL' value from request. > * Re-arrange code in radrelay to not duplicate accounting packets. > * In rlm_attr_rewrite, change the value when the attribute type > is different from string. --- net/freeradius/Makefile | 6 +-- net/freeradius/PLIST | 3 +- net/freeradius/distinfo | 9 ++--- net/freeradius/patches/patch-ak | 90 ----------------------------------------- 4 files changed, 8 insertions(+), 100 deletions(-) delete mode 100644 net/freeradius/patches/patch-ak (limited to 'net/freeradius') diff --git a/net/freeradius/Makefile b/net/freeradius/Makefile index beed546cfbd..4b33a358a6d 100644 --- a/net/freeradius/Makefile +++ b/net/freeradius/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.29 2005/05/22 20:08:23 jlam Exp $ +# $NetBSD: Makefile,v 1.30 2005/07/09 17:25:00 adrianp Exp $ -DISTNAME= freeradius-1.0.2 -PKGREVISION= 2 +DISTNAME= freeradius-1.0.4 CATEGORIES= net MASTER_SITES= ftp://ftp.freeradius.org/pub/radius/ \ ftp://ftp.Awfulhak.org/pub/radius/ @@ -122,7 +121,6 @@ post-install: . for f in ${EGFILES} ${INSTALL_DATA} ${WRKSRC}/raddb/${f} ${EGDIR}/${f} . endfor -. undef f @${MKDIR} ${PKG_SYSCONFDIR}/certs @${MKDIR} ${PKG_SYSCONFDIR}/certs/demoCA diff --git a/net/freeradius/PLIST b/net/freeradius/PLIST index 8c71dde3cf2..d925b4b76ea 100644 --- a/net/freeradius/PLIST +++ b/net/freeradius/PLIST @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.8 2005/05/02 20:34:02 reed Exp $ +@comment $NetBSD: PLIST,v 1.9 2005/07/09 17:25:00 adrianp Exp $ bin/radclient bin/radeapclient bin/radlast @@ -369,6 +369,7 @@ share/freeradius/dictionary.foundry share/freeradius/dictionary.freeradius share/freeradius/dictionary.gandalf share/freeradius/dictionary.garderos +share/freeradius/dictionary.gemtek share/freeradius/dictionary.itk share/freeradius/dictionary.juniper share/freeradius/dictionary.karlnet diff --git a/net/freeradius/distinfo b/net/freeradius/distinfo index e906376846d..af3b4ecd173 100644 --- a/net/freeradius/distinfo +++ b/net/freeradius/distinfo @@ -1,9 +1,8 @@ -$NetBSD: distinfo,v 1.14 2005/05/18 21:58:45 adrianp Exp $ +$NetBSD: distinfo,v 1.15 2005/07/09 17:25:00 adrianp Exp $ -SHA1 (freeradius-1.0.2.tar.gz) = 5703fd8abb4f28c15d716bd1ec1e9cfe2e1e6c90 -RMD160 (freeradius-1.0.2.tar.gz) = 796da74e64da189d7d7520201c7c4139f9f478c4 -Size (freeradius-1.0.2.tar.gz) = 2208884 bytes +SHA1 (freeradius-1.0.4.tar.gz) = f0c877ae80592609ada4875cf1b472c7742720fb +RMD160 (freeradius-1.0.4.tar.gz) = b75a872ced9a461f3063f19d49546fc9ef86a225 +Size (freeradius-1.0.4.tar.gz) = 2209057 bytes SHA1 (patch-ae) = 0c1b6c79329f41c35e3a783e61cc205cb78a4773 SHA1 (patch-ai) = bb4dafd3f6b961403caa955c9a09c271468ada36 SHA1 (patch-aj) = 422c9dfbde08c26acf41a040c57508ab9725004e -SHA1 (patch-ak) = ad272be635d6b27e5b986c3e9a06ef85484c1230 diff --git a/net/freeradius/patches/patch-ak b/net/freeradius/patches/patch-ak deleted file mode 100644 index f5e80698007..00000000000 --- a/net/freeradius/patches/patch-ak +++ /dev/null @@ -1,90 +0,0 @@ -$NetBSD: patch-ak,v 1.3 2005/05/18 21:58:45 adrianp Exp $ - ---- src/modules/rlm_sql/rlm_sql.c.orig 2004-09-30 15:54:22.000000000 +0100 -+++ src/modules/rlm_sql/rlm_sql.c -@@ -158,6 +158,7 @@ static int rlm_sql_init(void) { - */ - static int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username); - static int generate_sql_clients(SQL_INST *inst); -+static int sql_escape_func(char *out, int outlen, const char *in); - - /* - * sql xlat function. Right now only SELECTs are supported. Only -@@ -184,7 +185,7 @@ static int sql_xlat(void *instance, REQU - /* - * Do an xlat on the provided string (nice recursive operation). - */ -- if (!radius_xlat(querystr, sizeof(querystr), fmt, request, func)) { -+ if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func)) { - radlog(L_ERR, "rlm_sql (%s): xlat failed.", - inst->config->xlat_name); - return 0; -@@ -409,18 +410,18 @@ static int sql_escape_func(char *out, in - - while (in[0]) { - /* -- * Only one byte left. -- */ -- if (outlen <= 1) { -- break; -- } -- -- /* - * Non-printable characters get replaced with their - * mime-encoded equivalents. - */ - if ((in[0] < 32) || - strchr(allowed_chars, *in) == NULL) { -+ /* -+ * Only 3 or less bytes available. -+ */ -+ if (outlen <= 3) { -+ break; -+ } -+ - snprintf(out, outlen, "=%02X", (unsigned char) in[0]); - in++; - out += 3; -@@ -430,7 +431,14 @@ static int sql_escape_func(char *out, in - } - - /* -- * Else it's a nice character. -+ * Only one byte left. -+ */ -+ if (outlen <= 1) { -+ break; -+ } -+ -+ /* -+ * Allowed character. - */ - *out = *in; - out++; -@@ -517,7 +525,7 @@ static int sql_groupcmp(void *instance, - */ - if (sql_set_user(inst, req, sqlusername, 0) < 0) - return 1; -- if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, NULL)){ -+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, sql_escape_func)){ - radlog(L_ERR, "rlm_sql (%s): xlat failed.", - inst->config->xlat_name); - /* Remove the username we (maybe) added above */ -@@ -1149,7 +1157,7 @@ static int rlm_sql_checksimul(void *inst - if(sql_set_user(inst, request, sqlusername, 0) <0) - return RLM_MODULE_FAIL; - -- radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, NULL); -+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func); - - /* initialize the sql socket */ - sqlsocket = sql_get_socket(inst); -@@ -1193,7 +1201,7 @@ static int rlm_sql_checksimul(void *inst - return RLM_MODULE_OK; - } - -- radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, NULL); -+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func); - if(rlm_sql_select_query(sqlsocket, inst, querystr)) { - radlog(L_ERR, "rlm_sql (%s): sql_checksimul: Database query error", inst->config->xlat_name); - sql_release_socket(inst, sqlsocket); -- cgit v1.2.3