Merge pull request #11129 from Robby-/openwrt-19.07-freeradius3_update_3_0_20

[19.07] freeradius3: Update to 3.0.20
2020-01-26 10:48:13 -08:00 · 2020-01-26 10:48:13 -08:00 · 045e54e6b6
commit 045e54e6b6
parent 885c9ed6cb b3c1a67ff1
2 changed files with 17 additions and 17 deletions
--- a/net/freeradius3/Makefile
+++ b/net/freeradius3/Makefile
@ -1,5 +1,5 @@
 #
-# Copyright (C) 2008-2016 OpenWrt.org
+# Copyright (C) 2008-2020 OpenWrt.org
 #
 # This is free software, licensed under the GNU General Public License v2.
 # See /LICENSE for more information.
@ -8,12 +8,12 @@
 include $(TOPDIR)/rules.mk

 PKG_NAME:=freeradius3
-PKG_VERSION:=release_3_0_19
-PKG_RELEASE:=2
+PKG_VERSION:=release_3_0_20
+PKG_RELEASE:=1

 PKG_SOURCE:=$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/FreeRADIUS/freeradius-server/archive
-PKG_HASH:=34c50ac47a683b13eae1a02f2d0263c0bd51a83f01b99c02c5fe25df07a1ee77
+PKG_HASH:=8177fe550af6685a040884dbe3df28431bdc5a8d3a48a9f4f88bdb49f2d0e90c

 PKG_MAINTAINER:=
 PKG_LICENSE:=GPL-2.0
--- a/net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch
+++ b/net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch
@ -3,22 +3,13 @@ Description: disable session caching in the server (as opposed to in the
 https://security-tracker.debian.org/tracker/CVE-2017-9148
 Author: Michael Stapelberg <stapelberg@debian.org>
 Forwarded: not-needed
-Last-Update: 2017-05-30
+Last-Update: 2020-01-24

 ---

 --- a/src/main/tls.c
 +++ b/src/main/tls.c
-@@ -594,7 +594,7 @@ tls_session_t *tls_new_session(TALLOC_CT
- 	 *
- 	 *	FIXME: Also do it every N sessions?
- 	 */
-	if (conf->session_cache_enable &&
-+	if (/*conf->session_cache_enable*/0 &&
- 	    ((conf->session_last_flushed + ((int)conf->session_timeout * 1800)) <= request->timestamp)){
- 		RDEBUG2("Flushing SSL sessions (of #%ld)", SSL_CTX_sess_number(conf->ctx));
- 
-@@ -689,7 +689,7 @@ tls_session_t *tls_new_session(TALLOC_CT
+@@ -675,7 +675,7 @@ tls_session_t *tls_new_session(TALLOC_CTX *ctx, fr_tls_server_conf_t *conf, REQU
 		state->mtu = vp->vp_integer;
 	}
 
@ -27,7 +18,7 @@ Last-Update: 2017-05-30
 
 	return state;
 }
-@@ -3277,7 +3277,7 @@ post_ca:
+@@ -3292,7 +3292,7 @@ post_ca:
 	/*
 	 *	Callbacks, etc. for session resumption.
 	 */
@ -36,7 +27,7 @@ Last-Update: 2017-05-30
 		/*
 		 *	Cache sessions on disk if requested.
 		 */
-@@ -3347,7 +3347,7 @@ post_ca:
+@@ -3362,7 +3362,7 @@ post_ca:
 	/*
 	 *	Setup session caching
 	 */
@ -45,3 +36,12 @@ Last-Update: 2017-05-30
 		/*
 		 *	Create a unique context Id per EAP-TLS configuration.
 		 */
+@@ -3531,7 +3531,7 @@ fr_tls_server_conf_t *tls_server_conf_parse(CONF_SECTION *cs)
+ 		goto error;
+ 	}
+ 
+-	if (conf->session_cache_enable) {
+	if (/*conf->session_cache_enable*/0) {
+ 		CONF_SECTION	*subcs;
+ 		CONF_ITEM	*ci;
+