From 130a0e80567b90af0ee2d9057035e2890b698a76 Mon Sep 17 00:00:00 2001 From: kim Date: Mon, 22 Mar 1999 03:15:09 +0000 Subject: Merit AAA RADIUS server --- net/radius/Makefile | 69 ++++++++++++++++++++++++++++++++ net/radius/files/md5 | 6 +++ net/radius/patches/patch-aa | 95 +++++++++++++++++++++++++++++++++++++++++++++ net/radius/patches/patch-ab | 12 ++++++ net/radius/patches/patch-ac | 13 +++++++ net/radius/patches/patch-ad | 30 ++++++++++++++ net/radius/pkg/COMMENT | 1 + net/radius/pkg/DESCR | 5 +++ net/radius/pkg/PLIST | 27 +++++++++++++ 9 files changed, 258 insertions(+) create mode 100644 net/radius/Makefile create mode 100644 net/radius/files/md5 create mode 100644 net/radius/patches/patch-aa create mode 100644 net/radius/patches/patch-ab create mode 100644 net/radius/patches/patch-ac create mode 100644 net/radius/patches/patch-ad create mode 100644 net/radius/pkg/COMMENT create mode 100644 net/radius/pkg/DESCR create mode 100644 net/radius/pkg/PLIST (limited to 'net/radius') diff --git a/net/radius/Makefile b/net/radius/Makefile new file mode 100644 index 00000000000..11502b9e90a --- /dev/null +++ b/net/radius/Makefile @@ -0,0 +1,69 @@ +# $NetBSD: Makefile,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ +# + +DISTNAME= radius-3.6B +CATEGORIES= net +MASTER_SITES= ftp://ftp.merit.edu/radius/releases/ \ + http://www.mr.net/~bradley/radius/ +DISTFILES= ${EXTRACT_ONLY} ${EXTRA_FILES} + +MAINTAINER= kim@tac.nyc.ny.us +HOMEPAGE= http://www.merit.edu/aaa/ + +EXTRACT_ONLY= radius.3.6B.basic.tar.gz \ + radius.3.6B-skey.tar.gz +EXTRA_FILES= radius.3.6B-ftp.tar \ + radius.3.6B-simultd.tar + +DIST_SUBDIR= radius +NO_WRKSUBDIR= yes + +.include "../../mk/bsd.prefs.mk" + +.ifmake do-build +.if exists(/usr/lib/libkrb.a) && \ + (defined(MAKE_EBONES) || defined(MAKE_KERBEROS4)) +CFLAGS+= -DM_KERB -I/usr/include/kerberosIV +RADLIBS= -lkrb -ldes +.endif +.endif + +post-extract: + @cd ${WRKSRC} ; \ + for i in ${EXTRA_FILES} ; \ + do \ + ${GTAR} -xf ${_DISTDIR}/$${i} ; \ + done + +pre-patch: + @cd ${WRKSRC} ; \ + ${PATCH} -sp < prediff.diff ; \ + for i in ftp simult skey ; \ + do \ + ${PATCH} -sp < rad.$${i}.diff ; \ + done + +EXAMPLE_DIR= ${PREFIX}/share/examples/radius + +do-install: + @cd ${WRKSRC} ; \ + ${MAKE} man-install ; \ + ${MAKE} install ; \ + ${MAKE} util-install ; \ + ${MKDIR} ${EXAMPLE_DIR} ; \ + ${MAKE} config-install RADDB_INSDIR=${EXAMPLE_DIR} + +.include "../../mk/bsd.pkg.mk" + +.ifmake do-build +CFLAGS+= -DHAVE_SETVBUF -DNOSHADOW + +MAKE_ENV+= RADLIBS="${RADLIBS} -lskey" +MAKE_ENV+= LIBS=-lcrypt + +MAKE_ENV+= GNUZIP="`${ECHO} ${GZIP_CMD} | ${AWK} '{print $$1}'`" +.endif + +.ifmake do-install +MAKE_ENV+= INSTALL="${INSTALL} -c" +.endif diff --git a/net/radius/files/md5 b/net/radius/files/md5 new file mode 100644 index 00000000000..5dcfa132940 --- /dev/null +++ b/net/radius/files/md5 @@ -0,0 +1,6 @@ +$NetBSD: md5,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ + +MD5 (radius/radius.3.6B.basic.tar.gz) = 13dcc8f99cf4fa3cc421c47aaf48172b +MD5 (radius/radius.3.6B-skey.tar.gz) = ed6b2e786e0597521e393377a383cf8d +MD5 (radius/radius.3.6B-ftp.tar) = 76b8069c7a0ec8df10c5ade7109de73d +MD5 (radius/radius.3.6B-simultd.tar) = 0b521c76f16d5a8558a7e555f795b6b1 diff --git a/net/radius/patches/patch-aa b/net/radius/patches/patch-aa new file mode 100644 index 00000000000..6ae0a9fa6e6 --- /dev/null +++ b/net/radius/patches/patch-aa @@ -0,0 +1,95 @@ +$NetBSD: patch-aa,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ + +--- Makefile.orig Sun Mar 21 19:50:53 1999 ++++ Makefile Sun Mar 21 19:51:44 1999 +@@ -51,11 +51,11 @@ + # Where the configuration files live. + RADDB = ./raddb + # Some installation stuff. +-DAEMON_INSDIR = /usr/private/etc +-BIN_INSDIR = /usr/private/etc +-MAN_INSDIR = /usr/local/man +-RADDB_INSDIR = /usr/private/etc/raddb.new +-RADACCT_INSDIR = /usr/private/etc/radacct ++DAEMON_INSDIR = ${PREFIX}/sbin ++BIN_INSDIR = ${PREFIX}/sbin ++MAN_INSDIR = ${PREFIX}/man ++RADDB_INSDIR = /etc/raddb ++RADACCT_INSDIR = /var/log + # The server does not need to be owned by root, unless some shadow password + # scheme needs it. You might create a user id "radius" for just this purpose. + # The O G and M macros are for AIX, OSF/1 and HP-UX, see below. +@@ -63,12 +63,12 @@ + G = -g + M = -m + RADOWN = root +-RADGRP = bin ++RADGRP = wheel + + # Define COMPRESS to hold the pathname of your favourite compress program if + # you need to override the default value of /usr/ucb/compress: +-#COMPRESS = -DRAD_COMPRESS=\"/usr/local/bin/gzip\" +-#COMPRESS_ARGS = -DCOMPRESS_ARGS=\"-9\" ++COMPRESS = -DRAD_COMPRESS=\"${GNUZIP}\" ++COMPRESS_ARGS = -DCOMPRESS_ARGS=\"-nf9\" + + # Define SRV to hold any combination of server names you'd like to override: + #SRV3 = -DDEFAULT_TACACS_SERVER=\"vms.dns.name\" +@@ -90,13 +90,13 @@ + # -DBINARY_FILTERS - support for Ascend binary filters + # -DIP_ADDR_POOL - support for Ascend IP address pools + # +-ASCEND = -DASCEND -DBINARY_FILTERS ++ASCEND = -DASCEND -DBINARY_FILTERS -DIP_ADDR_POOL + + # Define USR_CCA to enable USR support: + #USR = -DUSR_CCA + + # Define RAD_LOG_FMT to change how the logfile name changes: +-RAD_LOG_FMT = -DRADIUS_LOG_FMT=\"logfile.%y%m%d\" ++RAD_LOG_FMT = -DRADIUS_LOG_FMT=\"radius\" + + STUFF = $(DIRS) $(SRV) $(COMPRESS) $(COMPRESS_ARGS) $(CHK_SHELLS) \ + $(ASCEND) $(USR) +@@ -122,10 +122,10 @@ + # radiusd -- the default + # + #-------------------------------------------------------------------------- +-DEFS = -DHAVE_SETVBUF -DNOSHADOW $(MERIT) $(STUFF) \ ++#DEFS = -DHAVE_SETVBUF -DNOSHADOW $(MERIT) $(STUFF) \ + # end local defs additions +-RADLIBS = ./logdaemon-5.6/skey/libskey.a +-INCS = -I./logdaemon-5.6/skey ++#RADLIBS = ./logdaemon-5.6/skey/libskey.a ++#INCS = -I./logdaemon-5.6/skey + + # + # mkerb +@@ -237,12 +237,12 @@ + # + #-------------------------------------------------------------------------- + +-CC = cc +-CFLAGS = -g $(DEFS) $(INCS) +-LDFLAGS = +-LIBS = +-RANLIB = ranlib +-INSTALL = /bin/install ++#CC = cc ++#CFLAGS = -g $(DEFS) $(INCS) ++#LDFLAGS = ++#LIBS = ++#RANLIB = ranlib ++#INSTALL = /bin/install + + # + # Solaris 2.x [[NB: if BIND/named not SMCC, try CFLAGS = ... -DBSD=1 ...]] +@@ -438,6 +438,8 @@ + #INSTALL = /bin/install + + # You must un-comment one, and only one, of the above sections! ++ ++CFLAGS+= ${MERIT} ${STUFF} + + # No modifications are necessary below this line except possibly near line 500. + diff --git a/net/radius/patches/patch-ab b/net/radius/patches/patch-ab new file mode 100644 index 00000000000..d1a09a14d06 --- /dev/null +++ b/net/radius/patches/patch-ab @@ -0,0 +1,12 @@ +$NetBSD: patch-ab,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ + +--- src/mit_stringtokey.c.orig Tue May 12 15:37:17 1998 ++++ src/mit_stringtokey.c Fri Mar 19 21:14:12 1999 +@@ -63,7 +63,6 @@ + register char *p_char; + static char k_char[64]; + static des_key_schedule key_sked; +- extern unsigned long des_cbc_cksum (); + + in_str = str; + forward = 1; diff --git a/net/radius/patches/patch-ac b/net/radius/patches/patch-ac new file mode 100644 index 00000000000..a45429edc5e --- /dev/null +++ b/net/radius/patches/patch-ac @@ -0,0 +1,13 @@ +$NetBSD: patch-ac,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ + +--- src/rad.ftp.c.orig Sat Oct 10 16:17:47 1998 ++++ src/rad.ftp.c Sun Mar 21 19:56:35 1999 +@@ -3,6 +3,8 @@ + + /* this file still needs to be proof-read for cross-platform compatibility */ + ++#include ++ + /* used by ???*/ + #include + diff --git a/net/radius/patches/patch-ad b/net/radius/patches/patch-ad new file mode 100644 index 00000000000..91cd7d05ca3 --- /dev/null +++ b/net/radius/patches/patch-ad @@ -0,0 +1,30 @@ +$NetBSD: patch-ad,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ + +--- src/rad.skey.c.orig Sat Oct 10 16:18:08 1998 ++++ src/rad.skey.c Sun Mar 21 21:26:32 1999 +@@ -75,11 +75,15 @@ + *ptr = NULL; + } + ++#ifndef __NetBSD__ + /* Check if this user has valid SKEY information and get the challenge. */ + if (skeyinfo(&skey, username, challenge) == 0) + { + /* position the pointer in the key for verification */ + if (skeylookup (&skey, username) != 0) ++#else ++ if (skeychallenge (&skey, username, challenge, sizeof(challenge)) != 0) ++#endif + { + dprintf(2, (LOG_DAEMON, LOG_DEBUG, "%s: skeylookup failed.", func)); + return EV_NAK; +@@ -92,7 +96,9 @@ + } + reply_sprintf (0, authreq, "%s", challenge); + return EV_NAK; ++#ifndef __NetBSD__ + } + /* The user has no SKEY information. Just NAK */ + return EV_NAK; ++#endif + } diff --git a/net/radius/pkg/COMMENT b/net/radius/pkg/COMMENT new file mode 100644 index 00000000000..6ff70ae0904 --- /dev/null +++ b/net/radius/pkg/COMMENT @@ -0,0 +1 @@ +a standard authentication protocol server diff --git a/net/radius/pkg/DESCR b/net/radius/pkg/DESCR new file mode 100644 index 00000000000..95c258ab9b1 --- /dev/null +++ b/net/radius/pkg/DESCR @@ -0,0 +1,5 @@ +RADIUS is a standard authentication protocol. The Merit AAA Server is +an enhanced version which adds proxying using realms. This package also +includes enhancements by MR.NET for supporting S/Key passwords, proxying +requests to an FTP server, restricting the number of simultaneous logins +for any given account, and for defaulting the authentication realm. diff --git a/net/radius/pkg/PLIST b/net/radius/pkg/PLIST new file mode 100644 index 00000000000..90a6290420a --- /dev/null +++ b/net/radius/pkg/PLIST @@ -0,0 +1,27 @@ +@comment $NetBSD: PLIST,v 1.1.1.1 1999/03/22 03:15:09 kim Exp $ +man/man5/authfile.5 +man/man5/clients.5 +man/man5/dictionary.5 +man/man5/engine.config.5 +man/man5/radius.fsm.5 +man/man5/users.5 +man/man5/vendors.5 +man/man8/builddbm.8 +man/man8/dnscheck.8 +man/man8/radcheck.8 +man/man8/radiusd.8 +man/man8/radpwtst.8 +sbin/dnscheck +sbin/radcheck +sbin/radiusd +sbin/radpass +sbin/radpwtst +share/examples/radius/authfile +share/examples/radius/clients +share/examples/radius/conversion.pl +share/examples/radius/dictionary +share/examples/radius/engine.config +share/examples/radius/users +share/examples/radius/vendors +share/examples/radius/xas.fsm +@dirrm share/examples/radius -- cgit v1.2.3