Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Merge pull request #19 from danwrt/master

Browse source 
Import freeradius2
This commit is contained in:
sbyx 2014-06-13 18:23:36 +02:00
commit 0909955da2
26 changed files with 6574 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

55
admin/debootstrap/Makefile Normal file
View file

@ -0,0 +1,55 @@
#
# Copyright (C) 2010 Gianluigi Tiesi <sherpya@netfarm.it>
# Copyright (C) 2011-2013 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=debootstrap
PKG_VERSION:=1.0.60~bpo70+1
PKG_RELEASE:=1
PKG_MAINTAINER=Daniel Golle <daniel@makrotopia.org>
PKG_SOURCE:=$(PKG_NAME)-udeb_$(PKG_VERSION)_all.udeb
PKG_SOURCE_URL:=http://ftp.debian.org/debian/pool/main/d/debootstrap
PKG_MD5SUM:=6d4e3b97981b9e0bb86f49d8edac91af
UNPACK_CMD=ar -p "$(DL_DIR)/$(PKG_SOURCE)" data.tar.xz | xzcat | tar -C $(1) -xf -
include $(INCLUDE_DIR)/package.mk
define Package/debootstrap
SECTION:=admin
CATEGORY:=Administration
TITLE:=Bootstrap a basic Debian system
URL:=http://wiki.debian.org/Debootstrap
DEPENDS:= +coreutils +coreutils-chroot +coreutils-sha1sum
endef
define Package/debootstrap/description
debootstrap is used to create a Debian base system from scratch, without
requiring the availability of dpkg or apt. It does this by downloading .deb
files from a mirror site, and carefully unpacking them into a directory which
can eventually be chrooted into.
endef
define Build/Compile
# file pkgdetails.c was imported from debian package base-installer version 1.130
$(TARGET_CC) $(TARGET_CFLAGS) $(TARGET_LDFLAGS) ./files/pkgdetails.c -o $(PKG_BUILD_DIR)/usr/share/debootstrap/pkgdetails
endef
define Package/debootstrap/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/usr/sbin/$(PKG_NAME) $(1)/usr/sbin
$(INSTALL_DIR) $(1)/usr/share/debootstrap
$(INSTALL_BIN) $(PKG_BUILD_DIR)/usr/share/debootstrap/pkgdetails $(1)/usr/share/debootstrap
$(INSTALL_DATA) $(PKG_BUILD_DIR)/usr/share/debootstrap/functions $(1)/usr/share/debootstrap
$(INSTALL_DATA) $(PKG_BUILD_DIR)/usr/share/debootstrap/devices.tar.gz $(1)/usr/share/debootstrap
$(INSTALL_DIR) $(1)/usr/share/debootstrap/scripts
$(INSTALL_DATA) $(PKG_BUILD_DIR)/usr/share/debootstrap/scripts/* $(1)/usr/share/debootstrap/scripts
endef
$(eval $(call BuildPackage,debootstrap))

347
admin/debootstrap/files/pkgdetails.c Normal file
View file

@ -0,0 +1,347 @@
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include <stdarg.h>
#include <errno.h>
#define MAX_LINE 1000
#define MAX_PKGS 100
char *checksum_field=NULL;
static void oom_die(void)
{
fputs("Out of memory!\n", stderr);
exit(1);
}
static char *xvasprintf(const char *fmt, va_list ap) {
char *ret;
if (vasprintf (&ret, fmt, ap) < 0) {
if (errno == ENOMEM)
oom_die();
return NULL;
}
return ret;
}
static char *xasprintf(const char *fmt, ...) {
va_list ap;
char *ret;
va_start(ap, fmt);
ret = xvasprintf(fmt, ap);
va_end(ap);
return ret;
}
static char *fieldcpy(char *dst, char *fld) {
while (*fld && *fld != ':')
fld++;
if (!*(fld++))
return NULL;
while (isspace(*fld)) fld++;
return strcpy(dst, fld);
}
static void outputdeps(char *deps) {
char *pch = deps;
while (1) {
while (isspace(*pch)) pch++;
if (!*pch) break;
while (*pch && *pch != '(' && *pch != '|' && *pch != ','
&& !isspace(*pch))
{
fputc(*pch++, stdout);
}
fputc('\n', stdout);
while (*pch && *pch++ != ',') (void)NULL;
}
}
static void dogetdeps(char *pkgsfile, char **in_pkgs, int pkgc) {
char buf[MAX_LINE];
char cur_pkg[MAX_LINE];
char cur_deps[MAX_LINE];
char cur_predeps[MAX_LINE];
char prev_pkg[MAX_LINE];
char *pkgs[MAX_PKGS];
int i;
int skip;
FILE *f;
int output_pkg = -1;
cur_pkg[0] = cur_deps[0] = cur_predeps[0] = prev_pkg[0] = '\0';
for (i = 0; i < pkgc; i++) pkgs[i] = in_pkgs[i];
f = fopen(pkgsfile, "r");
if (f == NULL) {
perror(pkgsfile);
exit(1);
}
skip = 1;
while (fgets(buf, sizeof(buf), f)) {
if (*buf && buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
if (strncasecmp(buf, "Package:", 8) == 0) {
int any = 0;
skip = 1;
fieldcpy(cur_pkg, buf);
if (strcmp(cur_pkg, prev_pkg) != 0) {
if (output_pkg != -1)
pkgs[output_pkg] = NULL;
if (cur_deps[0])
outputdeps(cur_deps);
if (cur_predeps[0])
outputdeps(cur_predeps);
strcpy(prev_pkg, cur_pkg);
}
cur_deps[0] = cur_predeps[0] = '\0';
output_pkg = -1;
for (i = 0; i < pkgc; i++) {
if (!pkgs[i]) continue;
any = 1;
if (strcmp(cur_pkg, pkgs[i]) == 0) {
skip = 0;
output_pkg = i;
break;
}
}
if (!any) break;
} else if (!skip && strncasecmp(buf, "Depends:", 8) == 0)
fieldcpy(cur_deps, buf);
else if (!skip && strncasecmp(buf, "Pre-Depends:", 12) == 0)
fieldcpy(cur_predeps, buf);
}
if (cur_deps[0])
outputdeps(cur_deps);
if (cur_predeps[0])
outputdeps(cur_predeps);
fclose(f);
}
static void dopkgmirrorpkgs(int uniq, char *mirror, char *pkgsfile,
char *fieldname, char **in_pkgs, int pkgc)
{
char buf[MAX_LINE];
char cur_field[MAX_LINE];
char cur_pkg[MAX_LINE];
char cur_ver[MAX_LINE];
char cur_arch[MAX_LINE];
char cur_size[MAX_LINE];
char cur_checksum[MAX_LINE];
char cur_filename[MAX_LINE];
char prev_pkg[MAX_LINE];
char *pkgs[MAX_PKGS];
int i;
FILE *f;
char *output = NULL;
int output_pkg = -1;
cur_field[0] = cur_pkg[0] = cur_ver[0] = cur_arch[0] = cur_filename[0] = prev_pkg[0] = '\0';
for (i = 0; i < pkgc; i++) pkgs[i] = in_pkgs[i];
f = fopen(pkgsfile, "r");
if (f == NULL) {
perror(pkgsfile);
exit(1);
}
while (fgets(buf, sizeof(buf), f)) {
if (*buf && buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
if (strncasecmp(buf, fieldname, strlen(fieldname)) == 0) {
fieldcpy(cur_field, buf);
}
if (strncasecmp(buf, "Package:", 8) == 0) {
fieldcpy(cur_pkg, buf);
if (strcmp(cur_pkg, prev_pkg) != 0) {
if (output)
fputs(output, stdout);
if (uniq && output_pkg != -1)
pkgs[output_pkg] = NULL;
strcpy(prev_pkg, cur_pkg);
}
free(output);
output = NULL;
output_pkg = -1;
} else if (strncasecmp(buf, "Version:", 8) == 0) {
fieldcpy(cur_ver, buf);
} else if (strncasecmp(buf, "Architecture:", 13) == 0) {
fieldcpy(cur_arch, buf);
} else if (strncasecmp(buf, "Size:", 5) == 0) {
fieldcpy(cur_size, buf);
} else if (strncasecmp(buf, checksum_field, strlen(checksum_field)) == 0
&& buf[strlen(checksum_field)] == ':') {
fieldcpy(cur_checksum, buf);
} else if (strncasecmp(buf, "Filename:", 9) == 0) {
fieldcpy(cur_filename, buf);
} else if (!*buf) {
int any = 0;
for (i = 0; i < pkgc; i++) {
if (!pkgs[i]) continue;
any = 1;
if (strcmp(cur_field, pkgs[i]) == 0) {
free(output);
output = xasprintf("%s %s %s %s %s %s %s\n", cur_pkg, cur_ver, cur_arch, mirror, cur_filename, cur_checksum, cur_size);
output_pkg = i;
break;
}
}
if (!any) break;
cur_field[0] = '\0';
}
}
if (output)
fputs(output, stdout);
if (uniq && output_pkg != -1)
pkgs[output_pkg] = NULL;
fclose(f);
/* any that weren't found are returned as "pkg -" */
if (uniq) {
for (i = 0; i < pkgc; i++) {
if (pkgs[i]) {
printf("%s -\n", pkgs[i]);
}
}
}
}
static void dopkgstanzas(char *pkgsfile, char **pkgs, int pkgc)
{
char buf[MAX_LINE];
char *accum;
size_t accum_size = 0, accum_alloc = MAX_LINE * 2;
char cur_pkg[MAX_LINE];
FILE *f;
accum = malloc(accum_alloc);
if (!accum)
oom_die();
f = fopen(pkgsfile, "r");
if (f == NULL) {
perror(pkgsfile);
free(accum);
exit(1);
}
while (fgets(buf, sizeof(buf), f)) {
if (*buf) {
size_t len = strlen(buf);
if (accum_size + len + 1 > accum_alloc) {
accum_alloc = (accum_size + len + 1) * 2;
accum = realloc(accum, accum_alloc);
if (!accum)
oom_die();
}
strcpy(accum + accum_size, buf);
accum_size += len;
}
if (*buf && buf[strlen(buf)-1] == '\n') buf[strlen(buf)-1] = '\0';
if (strncasecmp(buf, "Package:", 8) == 0) {
fieldcpy(cur_pkg, buf);
} else if (!*buf) {
int i;
for (i = 0; i < pkgc; i++) {
if (!pkgs[i]) continue;
if (strcmp(cur_pkg, pkgs[i]) == 0) {
fputs(accum, stdout);
if (accum[accum_size - 1] != '\n')
fputs("\n\n", stdout);
else if (accum[accum_size - 2] != '\n')
fputc('\n', stdout);
break;
}
}
*accum = '\0';
accum_size = 0;
}
}
fclose(f);
free(accum);
}
static int dotranslatewgetpercent(int low, int high, int end, char *str) {
int ch;
int val, lastval;
/* print out anything that looks like a % on its own line, appropriately
* scaled */
lastval = val = 0;
while ( (ch = getchar()) != EOF ) {
if (isdigit(ch)) {
val *= 10; val += ch - '0';
} else if (ch == '%') {
float f = (float) val / 100.0 * (high - low) + low;
if (str) {
printf("P: %d %d %s\n", (int) f, end, str);
} else {
printf("P: %d %d\n", (int) f, end);
}
lastval = val;
} else {
val = 0;
}
}
return lastval == 100;
}
int main(int argc, char *argv[]) {
checksum_field=getenv("DEBOOTSTRAP_CHECKSUM_FIELD");
if (checksum_field == NULL) {
checksum_field="MD5sum";
}
if ((argc == 6 || argc == 5) && strcmp(argv[1], "WGET%") == 0) {
if (dotranslatewgetpercent(atoi(argv[2]), atoi(argv[3]),
atoi(argv[4]), argc == 6 ? argv[5] : NULL))
{
exit(0);
} else {
exit(1);
}
} else if (argc >= 4 && strcmp(argv[1], "GETDEPS") == 0) {
int i;
for (i = 3; argc - i > MAX_PKGS; i += MAX_PKGS) {
dogetdeps(argv[2], argv+i, MAX_PKGS);
}
dogetdeps(argv[2], argv+i, argc-i);
exit(0);
} else if (argc >= 5 && strcmp(argv[1], "PKGS") == 0) {
int i;
for (i = 4; argc - i > MAX_PKGS; i += MAX_PKGS) {
dopkgmirrorpkgs(1, argv[2], argv[3], "Package:", argv+i, MAX_PKGS);
}
dopkgmirrorpkgs(1, argv[2], argv[3], "Package:", argv+i, argc-i);
exit(0);
} else if (argc >= 6 && strcmp(argv[1], "FIELD") == 0) {
int i;
for (i = 5; argc - i > MAX_PKGS; i += MAX_PKGS) {
dopkgmirrorpkgs(0, argv[3], argv[4], argv[2], argv+i, MAX_PKGS);
}
dopkgmirrorpkgs(0, argv[3], argv[4], argv[2], argv+i, argc-i);
exit(0);
} else if (argc >= 4 && strcmp(argv[1], "STANZAS") == 0) {
int i;
for (i = 3; argc - i > MAX_PKGS; i += MAX_PKGS) {
dopkgstanzas(argv[2], argv+i, MAX_PKGS);
}
dopkgstanzas(argv[2], argv+i, argc-i);
exit(0);
} else {
fprintf(stderr, "usage: %s PKGS mirror packagesfile pkgs..\n", argv[0]);
fprintf(stderr, " or: %s FIELD field mirror packagesfile pkgs..\n",
argv[0]);
fprintf(stderr, " or: %s GETDEPS packagesfile pkgs..\n", argv[0]);
fprintf(stderr, " or: %s STANZAS packagesfile pkgs..\n", argv[0]);
fprintf(stderr, " or: %s WGET%% low high end reason\n", argv[0]);
exit(1);
}
}

11
admin/debootstrap/patches/100-busybox_fix.patch Normal file
View file

@ -0,0 +1,11 @@
--- a/usr/share/debootstrap/functions
+++ b/usr/share/debootstrap/functions
@@ -859,8 +859,6 @@ choose_extractor () {
if [ -n "$EXTRACTOR_OVERRIDE" ]; then
extractor="$EXTRACTOR_OVERRIDE"
- elif type dpkg-deb >/dev/null 2>&1; then
- extractor="dpkg-deb"
else
extractor="ar"
fi

59
libs/libowfat/Makefile Normal file
View file

@ -0,0 +1,59 @@
#
# Copyright (C) 2010-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
LOWFAT_VERSION=0.28
PKG_NAME:=libowfat
PKG_VERSION:=$(LOWFAT_VERSION)
PKG_RELEASE:=2
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=http://dl.fefe.de
PKG_MD5SUM:=6bbee9a86506419657d87123b7a6f2c1
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
include $(INCLUDE_DIR)/package.mk
# set to 1 to enable debugging
DEBUG=
define Package/libowfat
SECTION:=libs
CATEGORY:=Libraries
TITLE:=reimplemented libdjb under GPL
URL:=http://www.fefe.de/libowfat/
endef
define Build/Configure
endef
TARGET_CFLAGS += $(FPIC)
LOWFAT_MAKEOPTS = $(TARGET_CONFIGURE_OPTS) \
CFLAGS="$(TARGET_CFLAGS) -I$(PKG_BUILD_DIR) -I$(STAGING_DIR)/usr/include" \
DEBUG="$(DEBUG)" \
VERSION="$(LOWFAT_VERSION)" \
OS="Linux"
# work around a nasty gcc bug
ifneq ($(CONFIG_GCC_VERSION_4_2_4),)
LOWFAT_MAKEOPTS += WOPTS=""
endif
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) $(LOWFAT_MAKEOPTS)
endef
define Build/InstallDev
mkdir -p $(1)/usr/include/libowfat
$(CP) $(PKG_BUILD_DIR)/*.h $(1)/usr/include/libowfat
$(INSTALL_DIR) $(1)/usr/lib
$(CP) $(PKG_BUILD_DIR)/*.a $(1)/usr/lib
endef
$(eval $(call BuildPackage,libowfat))

14
net/freeradius2/Config.in Normal file
View file

@ -0,0 +1,14 @@
# FreeRADIUS avanced configuration
choice
prompt "SSL library"
default FREERADIUS_OPENSSL
depends on PACKAGE_freeradius2-common
config FREERADIUS_NOSSL
bool "No SSL support"
config FREERADIUS_OPENSSL
bool "OpenSSL"
endchoice

632
net/freeradius2/Makefile Normal file
View file

@ -0,0 +1,632 @@
#
# Copyright (C) 2008-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=freeradius2
PKG_VERSION:=2.2.5
PKG_RELEASE:=1
PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=ftp://ftp.freeradius.org/pub/freeradius/
PKG_MD5SUM:=40535bace507d7a3134c3d858f3cbc5a
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_BUILD_DIR:=$(BUILD_DIR)/freeradius-server-$(PKG_VERSION)
PKG_FIXUP:=autoreconf
PKG_CONFIG_DEPENDS := \
FREERADIUS_OPENSSL \
FREERADIUS_NOSSL
include $(INCLUDE_DIR)/package.mk
define Package/freeradius2/config
source "$(SOURCE)/Config.in"
endef
define Package/freeradius2/Default
SECTION:=net
CATEGORY:=Network
URL:=http://freeradius.org/
SUBMENU:=FreeRADIUS (version 2)
endef
define Package/freeradius2
$(call Package/freeradius2/Default)
DEPENDS:=+libltdl +libreadline +freeradius2-common
TITLE:=A flexible RADIUS server (version 2)
endef
define Package/freeradius2/conffiles
/etc/freeradius2/clients.conf
/etc/freeradius2/radiusd.conf
/etc/freeradius2/sites/default
endef
define Package/freeradius2-democerts
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Demo certificates to test the server
endef
define Package/freeradius2-common
$(call Package/freeradius2/Default)
TITLE:=common files
DEPENDS:=+libpthread +FREERADIUS_OPENSSL:libopenssl
endef
define Package/freeradius2-mod-chap
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=CHAP module
endef
define Package/freeradius2-mod-chap/conffiles
/etc/freeradius2/modules/chap
endef
define Package/freeradius2-mod-detail
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Detailed accounting module
endef
define Package/freeradius2-mod-detail/conffiles
/etc/freeradius2/modules/detail
endef
define Package/freeradius2-mod-eap
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Base EAP module
endef
define Package/freeradius2-mod-eap/conffiles
/etc/freeradius2/eap.conf
endef
define Package/freeradius2-mod-eap-gtc
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-eap
TITLE:=EAP/GTC module
endef
define Package/freeradius2-mod-eap-md5
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-eap
TITLE:=EAP/MD5 module
endef
define Package/freeradius2-mod-eap-mschapv2
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-eap +freeradius2-mod-mschap
TITLE:=EAP/MS-CHAPv2 module
endef
define Package/freeradius2-mod-eap-peap
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-eap @FREERADIUS_OPENSSL
TITLE:=EAP/PEAP module
endef
define Package/freeradius2-mod-eap-tls
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-eap @FREERADIUS_OPENSSL
TITLE:=EAP/TLS module
endef
define Package/freeradius2-mod-eap-ttls
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-eap-tls
TITLE:=EAP/TTLS module
endef
define Package/freeradius2-mod-exec
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=EXEC module
endef
define Package/freeradius2-mod-exec/conffiles
/etc/freeradius2/modules/exec
endef
define Package/freeradius2-mod-expiration
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Expiration module
endef
define Package/freeradius2-mod-expiration/conffiles
/etc/freeradius2/modules/expiration
endef
define Package/freeradius2-mod-always
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Always module
endef
define Package/freeradius2-mod-always/conffiles
/etc/freeradius2/modules/always
endef
define Package/freeradius2-mod-expr
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=EXPR module
endef
define Package/freeradius2-mod-expr/conffiles
/etc/freeradius2/modules/expr
endef
define Package/freeradius2-mod-attr-filter
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=ATTR filter module
endef
define Package/freeradius2-mod-attr-filter/conffiles
/etc/freeradius2/modules/attr_filter
/etc/freeradius2/attrs
/etc/freeradius2/attrs.access_reject
/etc/freeradius2/attrs.accounting_response
/etc/freeradius2/attrs.pre-proxy
endef
define Package/freeradius2-mod-attr-rewrite
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=ATTR rewrite module
endef
define Package/freeradius2-mod-attr-rewrite/conffiles
/etc/freeradius2/modules/attr_rewrite
endef
define Package/freeradius2-mod-files
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Module using local files for authorization
endef
define Package/freeradius2-mod-files/conffiles
/etc/freeradius2/acct_users
/etc/freeradius2/preproxy_users
/etc/freeradius2/users
/etc/freeradius2/modules/files
endef
define Package/freeradius2-mod-passwd
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Rlm passwd module
endef
define Package/freeradius2-mod-passwd/conffiles
/etc/freeradius2/modules/passwd
endef
define Package/freeradius2-mod-ldap
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2 +PACKAGE_freeradius2-mod-ldap:libopenldap
TITLE:=LDAP module
endef
define Package/freeradius2-mod-ldap/conffiles
/etc/freeradius2/ldap.attrmap
/etc/freeradius2/modules/ldap
endef
define Package/freeradius2-mod-logintime
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Logintime module
endef
define Package/freeradius2-mod-logintime/conffiles
/etc/freeradius2/modules/logintime
endef
define Package/freeradius2-mod-mschap
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=MS-CHAP and MS-CHAPv2 module
endef
define Package/freeradius2-mod-mschap/conffiles
/etc/freeradius2/modules/mschap
endef
define Package/freeradius2-mod-pap
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=PAP module
endef
define Package/freeradius2-mod-pap/conffiles
/etc/freeradius2/modules/pap
endef
define Package/freeradius2-mod-preprocess
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Request pre-processing module
endef
define Package/freeradius2-mod-preprocess/conffiles
/etc/freeradius2/hints
/etc/freeradius2/huntgroups
/etc/freeradius2/modules/preprocess
endef
define Package/freeradius2-mod-realm
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Realms handling module
endef
define Package/freeradius2-mod-realm/conffiles
/etc/freeradius2/proxy.conf
/etc/freeradius2/modules/realm
endef
define Package/freeradius2-mod-sql
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Base SQL module
endef
define Package/freeradius2-mod-sql/conffiles
/etc/freeradius2/sql.conf
endef
define Package/freeradius2-mod-sql-mysql
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-sql \
+PACKAGE_freeradius2-mod-sql-mysql:libmysqlclient-r
TITLE:=MySQL module
endef
define Package/freeradius2-mod-sql-pgsql
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-sql \
+PACKAGE_freeradius2-mod-sql-pgsql:libpq
TITLE:=PostgreSQL module
endef
define Package/freeradius2-mod-sql-sqlite
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-sql \
+PACKAGE_freeradius2-mod-sql-sqlite:libsqlite3
TITLE:=SQLite module
endef
define Package/freeradius2-mod-sqlcounter
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2-mod-sql
TITLE:=Generic SQL Counter module
endef
define Package/freeradius2-mod-radutmp
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=Radius UTMP module
endef
define Package/freeradius2-mod-radutmp/conffiles
/etc/freeradius2/modules/radutmp
/etc/freeradius2/modules/sradutmp
endef
define Package/freeradius2-utils
$(call Package/freeradius2/Default)
DEPENDS:=+freeradius2-common
TITLE:=Misc. client utilities
endef
define Package/freeradius2-mod-sqllog
$(call Package/freeradius2/Default)
DEPENDS:=freeradius2
TITLE:=SQL Logging module
endef
CONFIGURE_ARGS+= \
--libdir=/usr/lib/freeradius2 \
--libexecdir=/usr/lib/freeradius2 \
--enable-shared \
--disable-static \
--disable-developer \
--with-threads \
$(if $(CONFIG_FREERADIUS_OPENSSL),--with,--without)-openssl \
$(if $(CONFIG_FREERADIUS_OPENSSL),--with-openssl-includes="$(STAGING_DIR)/usr/include",) \
$(if $(CONFIG_FREERADIUS_OPENSSL),--with-openssl-libraries="$(STAGING_DIR)/usr/lib",) \
--with-system-libtool \
--with-system-libltdl \
--enable-strict-dependencies \
--with-raddbdir=/etc/freeradius2 \
--with-radacctdir=/var/db/radacct \
--with-logdir=/var/log \
--without-edir \
--without-snmp \
--without-rlm_checkval \
--without-rlm_dbm \
--without-rlm_counter \
--with-rlm_expr \
--with-rlm_eap \
--without-rlm_eap_sim \
--without-rlm_example \
--without-rlm_ippool \
--without-rlm_krb5 \
--without-rlm_otp \
--without-rlm_smsotp \
--without-rlm_pam \
--without-rlm_perl \
--without-rlm_python \
--without-rlm_smb \
--with-rlm_sql \
--with-rlm_sqlcounter \
--without-rlm_sqlhpwippool \
--without-rlm_sqlippool \
--without-rlm_sql_db2 \
--without-rlm_sql_firebird \
--without-rlm_sql_freetds \
--without-rlm_sql_iodbc \
--without-rlm_sql_oracle \
--without-rlm_sql_sybase \
--without-rlm_sql_unixodbc \
--without-rlm_sql_log \
--without-rlm_unix \
--without-rlm_eap_tnc \
--without-rlm_eap_ikev2 \
--without-rlm_opendirectory \
--without-rlm_wimax \
--without-rlm_ruby \
--without-rlm_caching \
--without-rlm_redis \
--without-rlm_rediswho \
--without-rlm_soh \
--without-rlm_sim \
--without-rlm_replicate \
--without-rlm_protocol_filter \
--without-rlm_policy \
--without-rlm_linelog \
--without-rlm_jradius \
--without-rlm_fastusers \
--without-rlm_eap_leap \
--without-rlm_dynamic_clients \
--without-rlm_digest \
--without-rlm_cram \
--without-rlm_copy_packet \
--without-rlm_acct_unique \
--without-rlm_acctlog
PKG_DICTIONARIES:= \
freeradius freeradius.internal \
rfc2865 rfc2866 rfc2867 rfc2868 rfc2869 rfc3162 rfc3576 rfc3580 \
rfc4372 rfc4675 rfc4679 \
microsoft \
wispr \
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-ldap),)
CONFIGURE_ARGS+= \
--with-rlm_ldap-include-dir="$(STAGING_DIR)/usr/include" \
--with-rlm_ldap-lib-dir="$(STAGING_DIR)/usr/lib"
CONFIGURE_LIBS+= -lcrypto -lssl
else
CONFIGURE_ARGS+= --without-rlm_ldap
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-mysql),)
CONFIGURE_ARGS+= \
--with-mysql-include-dir="$(STAGING_DIR)/usr/include" \
--with-mysql-lib-dir="$(STAGING_DIR)/usr/lib/mysql"
CONFIGURE_LIBS+= -lz
CONFIGURE_VARS+= ac_cv_lib_mysqlclient_r_mysql_init=yes
else
CONFIGURE_ARGS+= --without-rlm_sql_mysql
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-pgsql),)
CONFIGURE_ARGS+= \
--with-rlm_sql_postgresql-include-dir="$(STAGING_DIR)/usr/include" \
--with-rlm_sql_postgresql-lib-dir="$(STAGING_DIR)/usr/lib"
else
CONFIGURE_ARGS+= --without-rlm_sql_postgresql
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sqllog),)
CONFIGURE_ARGS+= \
--with-rlm_sql_log \
--with-experimental-modules \
else
CONFIGURE_ARGS+= --without-rlm_sql_log
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-sql-sqlite),)
CONFIGURE_ARGS+= \
--with-rlm_sql_sqlite \
--with-experimental-modules \
--with-sqlite-include-dir="$(STAGING_DIR)/usr/include" \
--with-sqlite-lib-dir="$(STAGING_DIR)/usr/lib"
else
CONFIGURE_ARGS+= --without-rlm_sql_sqlite
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-peap),)
CONFIGURE_ARGS+= \
--with-rlm_eap_peap \
--with-rlm_eap_peap-include-dir="$(STAGING_DIR)/usr/include" \
--with-rlm_eap_peap-lib-dir="$(STAGING_DIR)/usr/lib"
CONFIGURE_LIBS+= -lcrypto -lssl
else
CONFIGURE_ARGS+= --without-rlm_eap_peap
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-tls),)
CONFIGURE_ARGS+= \
--with-rlm_eap_tls \
--with-rlm_eap_tls-include-dir="$(STAGING_DIR)/usr/include" \
--with-rlm_eap_tls-lib-dir="$(STAGING_DIR)/usr/lib"
CONFIGURE_LIBS+= -lcrypto -lssl
else
CONFIGURE_ARGS+= --without-rlm_eap_tls
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-eap-ttls),)
CONFIGURE_ARGS+= \
--with-rlm_eap_ttls \
--with-rlm_eap_ttls-include-dir="$(STAGING_DIR)/usr/include" \
--with-rlm_eap_ttls-lib-dir="$(STAGING_DIR)/usr/lib"
CONFIGURE_LIBS+= -lcrypto -lssl
else
CONFIGURE_ARGS+= --without-rlm_eap_ttls
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-attr-rewrite),)
CONFIGURE_ARGS+= --with-rlm_attr-rewrite
else
CONFIGURE_ARGS+= --without-rlm_attr-rewrite
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-radutmp),)
CONFIGURE_ARGS+= --with-rlm_radutmp
else
CONFIGURE_ARGS+= --without-rlm_radutmp
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-logintime),)
CONFIGURE_ARGS+= --with-rlm_logintime
else
CONFIGURE_ARGS+= --without-rlm_logintime
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-expiration),)
CONFIGURE_ARGS+= --with-rlm_expiration
else
CONFIGURE_ARGS+= --without-rlm_expiration
endif
ifneq ($(SDK)$(CONFIG_PACKAGE_freeradius2-mod-always),)
CONFIGURE_ARGS+= --with-rlm_always
else
CONFIGURE_ARGS+= --without-rlm_always
endif
CONFIGURE_VARS+= \
LDFLAGS="$$$$LDFLAGS" \
LIBS="$(CONFIGURE_LIBS)" \
MYSQL_CONFIG="no" \
ac_cv_lib_readline=no \
define Build/Compile
$(MAKE) -C $(PKG_BUILD_DIR) \
R="$(PKG_INSTALL_DIR)" \
INSTALLSTRIP="" \
all certs install
endef
define Package/freeradius2-common/install
$(INSTALL_DIR) $(1)/etc/freeradius2
chmod 771 $(1)/etc/freeradius2
$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/dictionary $(1)/etc/freeradius2/ ; \
$(INSTALL_DIR) $(1)/usr/lib/freeradius2
$(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/libfreeradius-radius{,-*}.so $(1)/usr/lib/freeradius2
$(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/libfreeradius-eap{,-*}.so $(1)/usr/lib/freeradius2
$(INSTALL_DIR) $(1)/usr/share/freeradius2
$(CP) $(PKG_INSTALL_DIR)/usr/share/freeradius/dictionary $(1)/usr/share/freeradius2/
$(SED) "s,^\(\$$$$INCLUDE\),#\1,g" $(1)/usr/share/freeradius2/dictionary
for f in $(PKG_DICTIONARIES); do \
$(CP) $(PKG_INSTALL_DIR)/usr/share/freeradius/dictionary.$$$${f} $(1)/usr/share/freeradius2/ ; \
$(SED) "s,^#\(\$$$$INCLUDE dictionary\.$$$${f}\),\1,g" $(1)/usr/share/freeradius2/dictionary ; \
done
endef
define Package/freeradius2/install
$(INSTALL_DIR) $(1)/etc/freeradius2/modules
$(INSTALL_DIR) $(1)/etc/freeradius2/sites
for f in clients.conf radiusd.conf policy.conf; do \
$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/$$$${f} $(1)/etc/freeradius2/ ; \
done
$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/sites-available/default $(1)/etc/freeradius2/sites/default
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/radiusd $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/radiusd.init $(1)/etc/init.d/radiusd
endef
define Package/freeradius2-democerts/install
$(INSTALL_DIR) $(1)/etc/freeradius2/certs
$(CP) \
$(PKG_BUILD_DIR)/raddb/certs/ca.pem \
$(PKG_BUILD_DIR)/raddb/certs/dh \
$(PKG_BUILD_DIR)/raddb/certs/random \
$(PKG_BUILD_DIR)/raddb/certs/server.pem \
$(1)/etc/freeradius2/certs/
endef
define Package/freeradius2-utils/install
$(INSTALL_DIR) $(1)/usr/bin
for f in radclient radeapclient radwho; do \
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/bin/$$$${f} $(1)/usr/bin/ ; \
done
endef
define BuildPlugin
define Package/$(1)/install
[ -z "$(2)" ] || $(INSTALL_DIR) $$(1)/usr/lib/freeradius2
for m in $(2); do \
$(CP) $(PKG_INSTALL_DIR)/usr/lib/freeradius2/$$$$$$$${m}{,-*}.so $$(1)/usr/lib/freeradius2 ; \
done
[ -z "$(3)" ] || $(INSTALL_DIR) $$(1)/etc/freeradius2
[ -z "$(4)" ] || $(INSTALL_DIR) $$(1)/etc/freeradius2/$(4)
for f in $(3); do \
$(CP) $(PKG_INSTALL_DIR)/etc/freeradius2/$$$$$$$${f} $$(1)/etc/freeradius2/$$$$$$$${f} ; \
done
endef
$$(eval $$(call BuildPackage,$(1)))
endef
$(eval $(call BuildPackage,freeradius2))
$(eval $(call BuildPackage,freeradius2-common))
$(eval $(call BuildPackage,freeradius2-democerts))
$(eval $(call BuildPlugin,freeradius2-mod-chap,rlm_chap,modules/chap,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-detail,rlm_detail,modules/detail,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-eap,rlm_eap,eap.conf))
$(eval $(call BuildPlugin,freeradius2-mod-eap-gtc,rlm_eap_gtc,))
$(eval $(call BuildPlugin,freeradius2-mod-eap-md5,rlm_eap_md5,))
$(eval $(call BuildPlugin,freeradius2-mod-eap-mschapv2,rlm_eap_mschapv2,))
$(eval $(call BuildPlugin,freeradius2-mod-eap-peap,rlm_eap_peap,))
$(eval $(call BuildPlugin,freeradius2-mod-eap-tls,rlm_eap_tls,))
$(eval $(call BuildPlugin,freeradius2-mod-eap-ttls,rlm_eap_ttls,))
$(eval $(call BuildPlugin,freeradius2-mod-exec,rlm_exec,modules/exec modules/echo ,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-attr-rewrite,rlm_attr_rewrite,modules/attr_rewrite,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-files,rlm_files,acct_users preproxy_users users modules/files,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-passwd,rlm_passwd,modules/passwd,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-ldap,rlm_ldap,ldap.attrmap modules/ldap,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-mschap,rlm_mschap,modules/mschap,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-pap,rlm_pap,modules/pap,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-preprocess,rlm_preprocess,hints huntgroups modules/preprocess,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-realm,rlm_realm,proxy.conf modules/realm modules/inner-eap,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-sql,rlm_sql,sql.conf,))
$(eval $(call BuildPlugin,freeradius2-mod-sql-mysql,rlm_sql_mysql,))
$(eval $(call BuildPlugin,freeradius2-mod-sql-pgsql,rlm_sql_postgresql,))
$(eval $(call BuildPlugin,freeradius2-mod-sql-sqlite,rlm_sql_sqlite,))
$(eval $(call BuildPlugin,freeradius2-mod-sqlcounter,rlm_sqlcounter,))
$(eval $(call BuildPlugin,freeradius2-mod-sqllog,rlm_sql_log,))
$(eval $(call BuildPlugin,freeradius2-mod-radutmp,rlm_radutmp,modules/radutmp modules/sradutmp,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-logintime,rlm_logintime,modules/logintime,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-expr,rlm_expr,modules/expr,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-attr-filter,rlm_attr_filter,modules/attr_filter attrs attrs.access_reject attrs.accounting_response attrs.pre-proxy,modules,,))
$(eval $(call BuildPlugin,freeradius2-mod-expiration,rlm_expiration,modules/expiration,modules,))
$(eval $(call BuildPlugin,freeradius2-mod-always,rlm_always,modules/always,modules,))
$(eval $(call BuildPackage,freeradius2-utils))

22
net/freeradius2/files/radiusd.init Normal file
View file

@ -0,0 +1,22 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2006 OpenWrt.org
START=50
DEFAULT=/etc/default/radiusd
LOG_D=/var/log
RUN_D=/var/run
PID_F=$RUN_D/radiusd.pid
RADACCT_D=/var/db/radacct
IPADDR=$(ifconfig br-lan | sed -n 's/.*dr:\(.*\)Bc.*/\1/p')
start() {
[ -f $DEFAULT ] && . $DEFAULT
mkdir -p $LOG_D
mkdir -p $RUN_D
mkdir -p $RADACCT_D
radiusd -i $IPADDR -p 1812,1813 $OPTIONS
}
stop() {
[ -f $PID_F ] && kill $(cat $PID_F)
}

10
net/freeradius2/patches/001-fix-makefile.patch Normal file
View file

@ -0,0 +1,10 @@
--- a/Make.inc.in
+++ b/Make.inc.in
@@ -5,6 +5,7 @@
#
# Location of files.
+SHELL = @SHELL@
prefix = @prefix@
exec_prefix = @exec_prefix@
sysconfdir = @sysconfdir@

588
net/freeradius2/patches/002-config.patch Normal file
View file

@ -0,0 +1,588 @@
--- a/raddb/dictionary.in
+++ b/raddb/dictionary.in
@@ -11,7 +11,7 @@
#
# The filename given here should be an absolute path.
#
-$INCLUDE @prefix@/share/freeradius/dictionary
+$INCLUDE @prefix@/share/freeradius2/dictionary
#
# Place additional attributes or $INCLUDEs here. They will
--- a/raddb/eap.conf
+++ b/raddb/eap.conf
@@ -27,7 +27,7 @@
# then that EAP type takes precedence over the
# default type configured here.
#
- default_eap_type = md5
+ default_eap_type = peap
# A list is maintained to correlate EAP-Response
# packets with EAP-Request packets. After a
@@ -72,8 +72,8 @@
# for wireless connections. It is insecure, and does
# not provide for dynamic WEP keys.
#
- md5 {
- }
+# md5 {
+# }
# Cisco LEAP
#
@@ -87,8 +87,8 @@
# User-Password, or the NT-Password attributes.
# 'System' authentication is impossible with LEAP.
#
- leap {
- }
+# leap {
+# }
# Generic Token Card.
#
@@ -101,7 +101,7 @@
# the users password will go over the wire in plain-text,
# for anyone to see.
#
- gtc {
+# gtc {
# The default challenge, which many clients
# ignore..
#challenge = "Password: "
@@ -118,8 +118,8 @@
# configured for the request, and do the
# authentication itself.
#
- auth_type = PAP
- }
+# auth_type = PAP
+# }
## EAP-TLS
#
@@ -215,7 +215,7 @@
# In these cases, fragment size should be
# 1024 or less.
#
- # fragment_size = 1024
+ fragment_size = 1024
# include_length is a flag which is
# by default set to yes If set to
@@ -225,7 +225,7 @@
# message is included ONLY in the
# First packet of a fragment series.
#
- # include_length = yes
+ include_length = yes
# Check the Certificate Revocation List
#
@@ -297,7 +297,7 @@
# for the server to print out an error message,
# and refuse to start.
#
- make_cert_command = "${certdir}/bootstrap"
+ # make_cert_command = "${certdir}/bootstrap"
#
# Elliptical cryptography configuration
@@ -332,7 +332,7 @@
# You probably also want "use_tunneled_reply = yes"
# when using fast session resumption.
#
- cache {
+ # cache {
#
# Enable it. The default is "no".
# Deleting the entire "cache" subsection
@@ -348,14 +348,14 @@
# enable resumption for just one user
# by setting the above attribute to "yes".
#
- enable = no
+ # enable = no
#
# Lifetime of the cached entries, in hours.
# The sessions will be deleted after this
# time.
#
- lifetime = 24 # hours
+ # lifetime = 24 # hours
#
# The maximum number of entries in the
@@ -364,8 +364,8 @@
# This could be set to the number of users
# who are logged in... which can be a LOT.
#
- max_entries = 255
- }
+ # max_entries = 255
+ # }
#
# As of version 2.1.10, client certificates can be
@@ -503,7 +503,7 @@
#
# in the control items for a request.
#
- ttls {
+# ttls {
# The tunneled EAP session needs a default
# EAP type which is separate from the one for
# the non-tunneled EAP module. Inside of the
@@ -511,7 +511,7 @@
# If the request does not contain an EAP
# conversation, then this configuration entry
# is ignored.
- default_eap_type = md5
+# default_eap_type = mschapv2
# The tunneled authentication request does
# not usually contain useful attributes
@@ -527,7 +527,7 @@
# is copied to the tunneled request.
#
# allowed values: {no, yes}
- copy_request_to_tunnel = no
+# copy_request_to_tunnel = yes
# The reply attributes sent to the NAS are
# usually based on the name of the user
@@ -540,7 +540,7 @@
# the tunneled request.
#
# allowed values: {no, yes}
- use_tunneled_reply = no
+# use_tunneled_reply = no
#
# The inner tunneled request can be sent
@@ -552,13 +552,13 @@
# the virtual server that processed the
# outer requests.
#
- virtual_server = "inner-tunnel"
+# virtual_server = "inner-tunnel"
# This has the same meaning as the
# same field in the "tls" module, above.
# The default value here is "yes".
# include_length = yes
- }
+# }
##################################################
#
@@ -627,14 +627,14 @@
# the PEAP module also has these configuration
# items, which are the same as for TTLS.
- copy_request_to_tunnel = no
- use_tunneled_reply = no
+ copy_request_to_tunnel = yes
+ use_tunneled_reply = yes
# When the tunneled session is proxied, the
# home server may not understand EAP-MSCHAP-V2.
# Set this entry to "no" to proxy the tunneled
# EAP-MSCHAP-V2 as normal MSCHAPv2.
- # proxy_tunneled_request_as_eap = yes
+ proxy_tunneled_request_as_eap = no
#
# The inner tunneled request can be sent
@@ -646,7 +646,8 @@
# the virtual server that processed the
# outer requests.
#
- virtual_server = "inner-tunnel"
+ # virtual_server = "inner-tunnel"
+ EAP-TLS-Require-Client-Cert = no
# This option enables support for MS-SoH
# see doc/SoH.txt for more info.
--- a/raddb/modules/counter
+++ b/raddb/modules/counter
@@ -69,7 +69,7 @@
# 'check-name' attribute.
#
counter daily {
- filename = ${db_dir}/db.daily
+ filename = ${radacctdir}/db.daily
key = User-Name
count-attribute = Acct-Session-Time
reset = daily
--- a/raddb/modules/pap
+++ b/raddb/modules/pap
@@ -18,5 +18,5 @@
#
# http://www.openldap.org/faq/data/cache/347.html
pap {
- auto_header = no
+ auto_header = yes
}
--- a/raddb/modules/radutmp
+++ b/raddb/modules/radutmp
@@ -12,7 +12,7 @@ radutmp {
# Where the file is stored. It's not a log file,
# so it doesn't need rotating.
#
- filename = ${logdir}/radutmp
+ filename = ${radacctdir}/radutmp
# The field in the packet to key on for the
# 'user' name, If you have other fields which you want
--- a/raddb/modules/sradutmp
+++ b/raddb/modules/sradutmp
@@ -10,7 +10,7 @@
# then name "sradutmp" to identify it later in the "accounting"
# section.
radutmp sradutmp {
- filename = ${logdir}/sradutmp
+ filename = ${radacctdir}/sradutmp
perm = 0644
callerid = "no"
}
--- a/raddb/radiusd.conf.in
+++ b/raddb/radiusd.conf.in
@@ -66,7 +66,7 @@ name = radiusd
# Location of config and logfiles.
confdir = ${raddbdir}
-run_dir = ${localstatedir}/run/${name}
+run_dir = ${localstatedir}/run
# Should likely be ${localstatedir}/lib/radiusd
db_dir = ${raddbdir}
@@ -323,7 +323,7 @@ listen {
# If your system does not support this feature, you will
# get an error if you try to use it.
#
-# interface = eth0
+ interface = br-lan
# Per-socket lists of clients. This is a very useful feature.
#
@@ -350,7 +350,7 @@ listen {
# ipv6addr = ::
port = 0
type = acct
-# interface = eth0
+ interface = br-lan
# clients = per_socket_clients
}
@@ -584,8 +584,8 @@ security {
#
# allowed values: {no, yes}
#
-proxy_requests = yes
-$INCLUDE proxy.conf
+proxy_requests = no
+#$INCLUDE proxy.conf
# CLIENTS CONFIGURATION
@@ -782,7 +782,7 @@ instantiate {
# The entire command line (and output) must fit into 253 bytes.
#
# e.g. Framed-Pool = `%{exec:/bin/echo foo}`
- exec
+# exec
#
# The expression module doesn't do authorization,
@@ -799,15 +799,15 @@ instantiate {
# other xlat functions such as md5, sha1 and lc.
#
# We do not recommend removing it's listing here.
- expr
+# expr
#
# We add the counter module here so that it registers
# the check-name attribute before any module which sets
# it
# daily
- expiration
- logintime
+# expiration
+# logintime
# subsections here can be thought of as "virtual" modules.
#
@@ -831,7 +831,7 @@ instantiate {
# to multiple times.
#
######################################################################
-$INCLUDE policy.conf
+#$INCLUDE policy.conf
######################################################################
#
@@ -841,9 +841,9 @@ $INCLUDE policy.conf
# match the regular expression: /[a-zA-Z0-9_.]+/
#
# It allows you to define new virtual servers simply by placing
-# a file into the raddb/sites-enabled/ directory.
+# a file into the /etc/freeradius2/sites/ directory.
#
-$INCLUDE sites-enabled/
+$INCLUDE sites/
######################################################################
#
@@ -851,7 +851,7 @@ $INCLUDE sites-enabled/
# "authenticate {}", "accounting {}", have been moved to the
# the file:
#
-# raddb/sites-available/default
+# /etc/freeradius2/sites/default
#
# This is the "default" virtual server that has the same
# configuration as in version 1.0.x and 1.1.x. The default
--- a/raddb/sites-available/default
+++ b/raddb/sites-available/default
@@ -85,7 +85,7 @@ authorize {
#
# It takes care of processing the 'raddb/hints' and the
# 'raddb/huntgroups' files.
- preprocess
+# preprocess
#
# If you want to have a log of authentication requests,
@@ -96,7 +96,7 @@ authorize {
#
# The chap module will set 'Auth-Type := CHAP' if we are
# handling a CHAP request and Auth-Type has not already been set
- chap
+# chap
#
# If the users are logging in with an MS-CHAP-Challenge
@@ -104,13 +104,13 @@ authorize {
# the MS-CHAP-Challenge attribute, and add 'Auth-Type := MS-CHAP'
# to the request, which will cause the server to then use
# the mschap module for authentication.
- mschap
+# mschap
#
# If you have a Cisco SIP server authenticating against
# FreeRADIUS, uncomment the following line, and the 'digest'
# line in the 'authenticate' section.
- digest
+# digest
#
# The WiMAX specification says that the Calling-Station-Id
@@ -133,7 +133,7 @@ authorize {
# Otherwise, when the first style of realm doesn't match,
# the other styles won't be checked.
#
- suffix
+# suffix
# ntdomain
#
@@ -195,8 +195,8 @@ authorize {
# Use the checkval module
# checkval
- expiration
- logintime
+# expiration
+# logintime
#
# If no other module has claimed responsibility for
@@ -277,7 +277,7 @@ authenticate {
# If you have a Cisco SIP server authenticating against
# FreeRADIUS, uncomment the following line, and the 'digest'
# line in the 'authorize' section.
- digest
+# digest
#
# Pluggable Authentication Modules.
@@ -294,7 +294,7 @@ authenticate {
# be used for authentication ONLY for compatibility with legacy
# FreeRADIUS configurations.
#
- unix
+# unix
# Uncomment it if you want to use ldap for authentication
#
@@ -330,8 +330,8 @@ authenticate {
#
# Pre-accounting. Decide which accounting type to use.
#
-preacct {
- preprocess
+#preacct {
+# preprocess
#
# Session start times are *implied* in RADIUS.
@@ -354,7 +354,7 @@ preacct {
#
# Ensure that we have a semi-unique identifier for every
# request, and many NAS boxes are broken.
- acct_unique
+# acct_unique
#
# Look for IPASS-style 'realm/', and if not found, look for
@@ -364,13 +364,13 @@ preacct {
# Accounting requests are generally proxied to the same
# home server as authentication requests.
# IPASS
- suffix
+# suffix
# ntdomain
#
# Read the 'acct_users' file
- files
-}
+# files
+#}
#
# Accounting. Log the accounting data.
@@ -380,7 +380,7 @@ accounting {
# Create a 'detail'ed log of the packets.
# Note that accounting requests which are proxied
# are also logged in the detail file.
- detail
+# detail
# daily
# Update the wtmp file
@@ -432,7 +432,7 @@ accounting {
exec
# Filter attributes from the accounting response.
- attr_filter.accounting_response
+ #attr_filter.accounting_response
#
# See "Autz-Type Status-Server" for how this works.
@@ -458,7 +458,7 @@ session {
# Post-Authentication
# Once we KNOW that the user has been authenticated, there are
# additional steps we can take.
-post-auth {
+#post-auth {
# Get an address from the IP Pool.
# main_pool
@@ -488,7 +488,7 @@ post-auth {
# ldap
# For Exec-Program and Exec-Program-Wait
- exec
+# exec
#
# Calculate the various WiMAX keys. In order for this to work,
@@ -572,12 +572,12 @@ post-auth {
# Add the ldap module name (or instance) if you have set
# 'edir_account_policy_check = yes' in the ldap module configuration
#
- Post-Auth-Type REJECT {
- # log failed authentications in SQL, too.
+# Post-Auth-Type REJECT {
+# # log failed authentications in SQL, too.
# sql
- attr_filter.access_reject
- }
-}
+# attr_filter.access_reject
+# }
+#}
#
# When the server decides to proxy a request to a home server,
@@ -587,7 +587,7 @@ post-auth {
#
# Only a few modules currently have this method.
#
-pre-proxy {
+#pre-proxy {
# attr_rewrite
# Uncomment the following line if you want to change attributes
@@ -603,14 +603,14 @@ pre-proxy {
# server, un-comment the following line, and the
# 'detail pre_proxy_log' section, above.
# pre_proxy_log
-}
+#}
#
# When the server receives a reply to a request it proxied
# to a home server, the request may be massaged here, in the
# post-proxy stage.
#
-post-proxy {
+#post-proxy {
# If you want to have a log of replies from a home server,
# un-comment the following line, and the 'detail post_proxy_log'
@@ -634,7 +634,7 @@ post-proxy {
# hidden inside of the EAP packet, and the end server will
# reject the EAP request.
#
- eap
+# eap
#
# If the server tries to proxy a request and fails, then the
@@ -656,5 +656,5 @@ post-proxy {
# Post-Proxy-Type Fail {
# detail
# }
-}
+#}
--- a/raddb/users
+++ b/raddb/users
@@ -169,22 +169,22 @@
# by the terminal server in which case there may not be a "P" suffix.
# The terminal server sends "Framed-Protocol = PPP" for auto PPP.
#
-DEFAULT Framed-Protocol == PPP
- Framed-Protocol = PPP,
- Framed-Compression = Van-Jacobson-TCP-IP
+#DEFAULT Framed-Protocol == PPP
+# Framed-Protocol = PPP,
+# Framed-Compression = Van-Jacobson-TCP-IP
#
# Default for CSLIP: dynamic IP address, SLIP mode, VJ-compression.
#
-DEFAULT Hint == "CSLIP"
- Framed-Protocol = SLIP,
- Framed-Compression = Van-Jacobson-TCP-IP
+#DEFAULT Hint == "CSLIP"
+# Framed-Protocol = SLIP,
+# Framed-Compression = Van-Jacobson-TCP-IP
#
# Default for SLIP: dynamic IP address, SLIP mode.
#
-DEFAULT Hint == "SLIP"
- Framed-Protocol = SLIP
+#DEFAULT Hint == "SLIP"
+# Framed-Protocol = SLIP
#
# Last default: rlogin to our main server.

4253
net/freeradius2/patches/004-ldap_configure.patch Normal file
View file

File diff suppressed because it is too large Load diff

15
net/freeradius2/patches/008-honor_ccpflags.patch Normal file
View file

@ -0,0 +1,15 @@
--- a/src/modules/rules.mak
+++ b/src/modules/rules.mak
@@ -63,10 +63,10 @@ $(LT_OBJS): $(SERVER_HEADERS)
#
#######################################################################
%.lo: %.c
- $(LIBTOOL) --mode=compile --tag=CC $(CC) $(CFLAGS) $(RLM_CFLAGS) -c $<
+ $(LIBTOOL) --mode=compile --tag=CC $(CC) $(CFLAGS) $(CPPFLAGS) $(RLM_CFLAGS) -c $<
%.lo: %.cpp
- $(LIBTOOL) --mode=compile --tag=CXX $(CXX) $(CFLAGS) $(RLM_CFLAGS) -c $<
+ $(LIBTOOL) --mode=compile --tag=CXX $(CXX) $(CFLAGS) $(CPPFLAGS) $(RLM_CFLAGS) -c $<
ifneq ($(TARGET),)
#######################################################################

38
net/freeradius2/patches/010-disbale-openssl-check.patch Normal file
View file

@ -0,0 +1,38 @@
--- a/configure.in
+++ b/configure.in
@@ -832,35 +832,6 @@ if test "x$WITH_OPENSSL" = xyes; then
OPENSSL_INCLUDE="-DOPENSSL_NO_KRB5"
fi
- dnl #
- dnl # Now check that the header versions match the library
- dnl #
- AC_MSG_CHECKING([OpenSSL library and header version consistency])
- AC_RUN_IFELSE(
- [AC_LANG_PROGRAM(
- [[
- #include <stdio.h>
- #include <openssl/opensslv.h>
- #include <openssl/crypto.h>
- ]],
- [[
- if (SSLeay() == OPENSSL_VERSION_NUMBER) {
- return 0;
- } else {
- printf("library: %lx header: %lx... ", (unsigned long) SSLeay(), (unsigned long) OPENSSL_VERSION_NUMBER);
- return 1;
- }
- ]]
- )],
- [
- AC_MSG_RESULT(yes)
- ],
- [
- AC_MSG_RESULT(no)
- AC_MSG_FAILURE([OpenSSL library version does not match header version])
- ]
- )
-
if test "x$OPENSSL_LIBS" = x; then
LIBS=$old_LIBS
LDFLAGS="$old_LDFLAGS"

55
net/opentracker/Makefile Normal file
View file

@ -0,0 +1,55 @@
#
# Copyright (C) 2006-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=opentracker
PKG_VERSION:=20130804
PKG_RELEASE:=1
PKG_REV:=954f5029dfa17734dc408336ef710c192268e8a4
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=git://erdgeist.org/opentracker
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=$(PKG_REV)
PKG_SOURCE_PROTO:=git
PKG_BUILD_DEPENDS:=libowfat
include $(INCLUDE_DIR)/package.mk
define Package/opentracker
SUBMENU:=BitTorrent
SECTION:=net
CATEGORY:=Network
TITLE:=opentracker
URL:=http://erdgeist.org/arts/software/opentracker/
DEPENDS:=+zlib +libpthread
endef
define Package/opentracker/description
opentracker - An open and free bittorrent tracker
opentracker is an open and free bittorrent tracker project.
It aims for minimal resource usage and is intended to run at your wlan router.
Currently it is deployed as an open and free tracker instance.
Read our free and open tracker blog and announce your torrents there
(but do not hesitate to setup your own free trackers!).
endef
MAKE_FLAGS += PREFIX="$(STAGING_DIR)/usr"
define Package/opentracker/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/opentracker $(1)/usr/bin
$(INSTALL_DIR) $(1)/etc
$(INSTALL_CONF) $(PKG_BUILD_DIR)/opentracker.conf.sample $(1)/etc/opentracker.conf
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/opentracker.init $(1)/etc/init.d/opentracker
endef
$(eval $(call BuildPackage,opentracker))

16
net/opentracker/files/opentracker.init Executable file
View file

@ -0,0 +1,16 @@
#!/bin/sh /etc/rc.common
START=10
STOP=15
NAME="opentracker"
PROG="/usr/bin/opentracker"
OPTIONS="-f /etc/opentracker.conf"
USE_PROCD=1
start_service()
{
procd_open_instance
procd_set_param command $PROG $OPTIONS
procd_close_instance
}

32
net/opentracker/patches/100-makefile.patch Normal file
View file

@ -0,0 +1,32 @@
Index: opentracker-20130804/Makefile
===================================================================
--- opentracker-20130804.orig/Makefile
+++ opentracker-20130804/Makefile
@@ -9,13 +9,13 @@ CC?=gcc
# BSD flavour
# PREFIX?=/usr/local
-# LIBOWFAT_HEADERS=$(PREFIX)/include/libowfat
-# LIBOWFAT_LIBRARY=$(PREFIX)/lib
+LIBOWFAT_HEADERS=$(PREFIX)/include/libowfat
+LIBOWFAT_LIBRARY=$(PREFIX)/lib
# Debug flavour
-PREFIX?=..
-LIBOWFAT_HEADERS=$(PREFIX)/libowfat
-LIBOWFAT_LIBRARY=$(PREFIX)/libowfat
+# PREFIX?=..
+# LIBOWFAT_HEADERS=$(PREFIX)/libowfat
+# LIBOWFAT_LIBRARY=$(PREFIX)/libowfat
BINDIR?=$(PREFIX)/bin
@@ -66,7 +66,7 @@ CFLAGS_debug = $(CFLAGS) $(OPTS_debug) $
$(BINARY): $(OBJECTS) $(HEADERS)
$(CC) -o $@ $(OBJECTS) $(LDFLAGS)
- strip $@
+ $(STRIP) $@
$(BINARY).debug: $(OBJECTS_debug) $(HEADERS)
$(CC) -o $@ $(OBJECTS_debug) $(LDFLAGS)
proxy: $(OBJECTS_proxy) $(HEADERS)

71
net/xl2tpd/Makefile Normal file
View file

@ -0,0 +1,71 @@
#
# Copyright (C) 2006-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=xl2tpd
PKG_VERSION:=1.3.6
PKG_RELEASE:=1
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_RELEASE=$(PKG_SOURCE_VERSION)
PKG_SOURCE_PROTO:=git
PKG_SOURCE_URL:=https://github.com/xelerance/xl2tpd.git
PKG_SOURCE_SUBDIR:=$(PKG_NAME)-$(PKG_VERSION)
PKG_SOURCE_VERSION:=5619e1771048e74b729804e8602f409af0f3faea
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_INSTALL:=1
include $(INCLUDE_DIR)/package.mk
define Package/xl2tpd
SECTION:=net
CATEGORY:=Network
TITLE:=An L2TP (Layer 2 Tunneling Protocol) daemon
URL:=http://www.xelerance.com/software/xl2tpd/
SUBMENU:=VPN
DEPENDS:=+ppp-mod-pppol2tp +ip +resolveip
endef
define Package/xl2tpd/description
l2tpd is the open source implementation of the L2TP tunneling protocol (RFC2661).
It does implement both LAC and LNS role in a L2TP networking architecture. The
main goal of this protocol is to tunnel PPP frame trough an IP network.
endef
# XXX: CFLAGS are already set by Build/Compile/Default
MAKE_FLAGS+= \
OFLAGS=""
define Package/xl2tpd/conffiles
/etc/xl2tpd/xl2tpd.conf
/etc/xl2tpd/xl2tp-secrets
/etc/ppp/options.xl2tpd
endef
define Package/xl2tpd/install
$(INSTALL_DIR) $(1)/usr/sbin
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/sbin/xl2tpd $(1)/usr/sbin/
$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/local/sbin/xl2tpd-control $(1)/usr/sbin/
$(INSTALL_DIR) $(1)/etc/init.d
$(INSTALL_BIN) ./files/xl2tpd.init $(1)/etc/init.d/xl2tpd
$(INSTALL_DIR) $(1)/etc/xl2tpd
$(INSTALL_DATA) ./files/xl2tpd.conf $(1)/etc/xl2tpd/
$(INSTALL_CONF) ./files/xl2tp-secrets $(1)/etc/xl2tpd/
$(INSTALL_DIR) $(1)/etc/ppp
$(INSTALL_DATA) ./files/options.xl2tpd $(1)/etc/ppp/
$(INSTALL_DIR) $(1)/lib/netifd/proto
$(INSTALL_BIN) ./files/l2tp.sh $(1)/lib/netifd/proto
endef
$(eval $(call BuildPackage,xl2tpd))

23
net/xl2tpd/README Normal file
View file

@ -0,0 +1,23 @@
OpenWRT Package for xl2tpd
xl2tpd is a development from the original l2tpd package originally written by
Mark Spencer, subsequently forked by Scott Balmos and David Stipp, inherited
by Jeff McAdams, modified substantially by Jacco de Leeuw and then forked
again by Xelerance (after it was abandoned by l2tpd.org).
Rationale for inclusion in OpenWRT:
l2tpd has some serious alignment problems on RISC platforms. It also runs
purely in userspace.
Some of the features added in this fork include:
1. IPSec SA reference tracking inconjunction with openswan's IPSec transport
mode, which adds support for multiple clients behind the same NAT router
and multiple clients on the same internal IP behind different NAT routers.
2. Support for the pppol2tp kernel mode L2TP.
3. Alignment and endian problems resolved.
hcg

107
net/xl2tpd/files/l2tp.sh Normal file
View file

@ -0,0 +1,107 @@
#!/bin/sh
[ -x /usr/sbin/xl2tpd ] || exit 0
[ -n "$INCLUDE_ONLY" ] || {
. /lib/functions.sh
. ../netifd-proto.sh
init_proto "$@"
}
proto_l2tp_init_config() {
proto_config_add_string "username"
proto_config_add_string "password"
proto_config_add_string "keepalive"
proto_config_add_string "pppd_options"
proto_config_add_boolean "ipv6"
proto_config_add_int "mtu"
proto_config_add_string "server"
available=1
no_device=1
}
proto_l2tp_setup() {
local config="$1"
local iface="$2"
local optfile="/tmp/l2tp/options.${config}"
local ip serv_addr server
json_get_var server server && {
for ip in $(resolveip -t 5 "$server"); do
( proto_add_host_dependency "$config" "$ip" )
serv_addr=1
done
}
[ -n "$serv_addr" ] || {
echo "Could not resolve server address"
sleep 5
proto_setup_failed "$config"
exit 1
}
if [ ! -p /var/run/xl2tpd/l2tp-control ]; then
/etc/init.d/xl2tpd start
fi
json_get_vars ipv6 demand keepalive username password pppd_options
[ "$ipv6" = 1 ] || ipv6=""
if [ "${demand:-0}" -gt 0 ]; then
demand="precompiled-active-filter /etc/ppp/filter demand idle $demand"
else
demand="persist"
fi
[ -n "$mtu" ] || json_get_var mtu mtu
local interval="${keepalive##*[, ]}"
[ "$interval" != "$keepalive" ] || interval=5
mkdir -p /tmp/l2tp
echo "${keepalive:+lcp-echo-interval $interval lcp-echo-failure ${keepalive%%[, ]*}}" > "${optfile}"
echo "usepeerdns" >> "${optfile}"
echo "nodefaultroute" >> "${optfile}"
echo "${username:+user \"$username\" password \"$password\"}" >> "${optfile}"
echo "ipparam \"$config\"" >> "${optfile}"
echo "ifname \"l2tp-$config\"" >> "${optfile}"
echo "ip-up-script /lib/netifd/ppp-up" >> "${optfile}"
echo "ipv6-up-script /lib/netifd/ppp-up" >> "${optfile}"
echo "ip-down-script /lib/netifd/ppp-down" >> "${optfile}"
echo "ipv6-down-script /lib/netifd/ppp-down" >> "${optfile}"
# Don't wait for LCP term responses; exit immediately when killed.
echo "lcp-max-terminate 0" >> "${optfile}"
echo "${ipv6:++ipv6} ${pppd_options}" >> "${optfile}"
echo "${mtu:+mtu $mtu mru $mtu}" >> "${optfile}"
xl2tpd-control add l2tp-${config} pppoptfile=${optfile} lns=${server} redial=yes redial timeout=20
xl2tpd-control connect l2tp-${config}
}
proto_l2tp_teardown() {
local interface="$1"
local optfile="/tmp/l2tp/options.${interface}"
case "$ERROR" in
11|19)
proto_notify_error "$interface" AUTH_FAILED
proto_block_restart "$interface"
;;
2)
proto_notify_error "$interface" INVALID_OPTIONS
proto_block_restart "$interface"
;;
esac
xl2tpd-control disconnect l2tp-${interface}
# Wait for interface to go down
while [ -d /sys/class/net/l2tp-${interface} ]; do
sleep 1
done
xl2tpd-control remove l2tp-${interface}
rm -f ${optfile}
}
[ -n "$INCLUDE_ONLY" ] || {
add_protocol l2tp
}

13
net/xl2tpd/files/options.xl2tpd Normal file
View file

@ -0,0 +1,13 @@
#
lock
noauth
debug
dump
logfd 2
logfile /var/log/xl2tpd.log
noccp
novj
novjccomp
nopcomp
noaccomp

5
net/xl2tpd/files/xl2tp-secrets Normal file
View file

@ -0,0 +1,5 @@
# Secrets for authenticating l2tp tunnels
# us them secret
# * marko blah2
# zeus marko blah
# * * interop

23
net/xl2tpd/files/xl2tpd.conf Normal file
View file

@ -0,0 +1,23 @@
[global]
port = 1701
auth file = /etc/xl2tpd/xl2tp-secrets
access control = no
;[lns default]
;exclusive = yes
;ip range = 192.168.254.202-192.168.254.210
;lac = 10.0.1.2
;hidden bit = no
;local ip = 192.168.254.200
;length bit = yes
;refuse authentication = yes
;name = VersaLink
;ppp debug = yes
;pppoptfile = /etc/ppp/options.xl2tpd
;[lac left]
;lns = 10.0.1.2
;refuse authentication = yes
;name = VersaLink
;ppp debug = yes
;pppoptfile = /etc/ppp/options.xl2tpd

73
net/xl2tpd/files/xl2tpd.conf.sample Normal file
View file

@ -0,0 +1,73 @@
;
; Sample l2tpd configuration file
;
; This example file should give you some idea of how the options for l2tpd
; should work. The best place to look for a list of all options is in
; the source code itself, until I have the time to write better documetation :)
; Specifically, the file "file.c" contains a list of commands at the end.
;
; You most definitely don't have to spell out everything as it is done here
;
; [global] ; Global parameters:
; port = 1701 ; * Bind to port 1701
; auth file = /etc/xl2tpd/xl2tp-secrets ; * Where our challenge secrets are
; access control = yes ; * Refuse connections without IP match
; rand source = dev ; Source for entropy for random
; ; numbers, options are:
; ; dev - reads of /dev/urandom
; ; sys - uses rand()
; ; egd - reads from egd socket
; ; egd is not yet implemented
;
; [lns default] ; Our fallthrough LNS definition
; exclusive = no ; * Only permit one tunnel per host
; ip range = 192.168.0.1-192.168.0.20 ; * Allocate from this IP range
; no ip range = 192.168.0.3-192.168.0.9 ; * Except these hosts
; ip range = 192.168.0.5 ; * But this one is okay
; ip range = lac1-lac2 ; * And anything from lac1 to lac2's IP
; lac = 192.168.1.4 - 192.168.1.8 ; * These can connect as LAC's
; no lac = untrusted.marko.net ; * This guy can't connect
; hidden bit = no ; * Use hidden AVP's?
; local ip = 192.168.1.2 ; * Our local IP to use
; length bit = yes ; * Use length bit in payload?
; require chap = yes ; * Require CHAP auth. by peer
; refuse pap = yes ; * Refuse PAP authentication
; refuse chap = no ; * Refuse CHAP authentication
; refuse authentication = no ; * Refuse authentication altogether
; require authentication = yes ; * Require peer to authenticate
; unix authentication = no ; * Use /etc/passwd for auth.
; name = myhostname ; * Report this as our hostname
; ppp debug = no ; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.xl2tpd.lns ; * ppp options file
; call rws = 10 ; * RWS for call (-1 is valid)
; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
; flow bit = yes ; * Include sequence numbers
; challenge = yes ; * Challenge authenticate peer ;
;
; [lac marko] ; Example VPN LAC definition
; lns = lns.marko.net ; * Who is our LNS?
; lns = lns2.marko.net ; * A backup LNS (not yet used)
; redial = yes ; * Redial if disconnected?
; redial timeout = 15 ; * Wait n seconds between redials
; max redials = 5 ; * Give up after n consecutive failures
; hidden bit = yes ; * User hidden AVP's?
; local ip = 192.168.1.1 ; * Force peer to use this IP for us
; remote ip = 192.168.1.2 ; * Force peer to use this as their IP
; length bit = no ; * Use length bit in payload?
; require pap = no ; * Require PAP auth. by peer
; require chap = yes ; * Require CHAP auth. by peer
; refuse pap = yes ; * Refuse PAP authentication
; refuse chap = no ; * Refuse CHAP authentication
; refuse authentication = no ; * Refuse authentication altogether
; require authentication = yes ; * Require peer to authenticate
; name = marko ; * Report this as our hostname
; ppp debug = no ; * Turn on PPP debugging
; pppoptfile = /etc/ppp/options.xl2tpd.marko ; * ppp options file for this lac
; call rws = 10 ; * RWS for call (-1 is valid)
; tunnel rws = 4 ; * RWS for tunnel (must be > 0)
; flow bit = yes ; * Include sequence numbers
; challenge = yes ; * Challenge authenticate peer
;
; [lac cisco] ; Another quick LAC
; lns = cisco.marko.net ; * Required, but can take from default
; require authentication = yes

18
net/xl2tpd/files/xl2tpd.init Normal file
View file

@ -0,0 +1,18 @@
#!/bin/sh /etc/rc.common
# Copyright (C) 2006-2010 OpenWrt.org
START=60
BIN=xl2tpd
DEFAULT=/etc/default/$BIN
RUN_D=/var/run
PID_F=$RUN_D/$BIN.pid
start() {
mkdir -p $RUN_D/$BIN
[ -f $DEFAULT ] && . $DEFAULT
$BIN $OPTIONS
}
stop() {
[ -f $PID_F ] && kill $(cat $PID_F)
}

12
net/xl2tpd/patches/100-makefile_opt_flags.patch Normal file
View file

@ -0,0 +1,12 @@
--- a/Makefile
+++ b/Makefile
@@ -91,7 +91,8 @@ OSFLAGS+= -DUSE_KERNEL
IPFLAGS?= -DIP_ALLOCATION
-CFLAGS+= $(DFLAGS) -O2 -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
+OFLAGS=-O2
+CFLAGS+= $(DFLAGS) $(OFLAGS) -fno-builtin -Wall -DSANITY $(OSFLAGS) $(IPFLAGS)
HDRS=l2tp.h avp.h misc.h control.h call.h scheduler.h file.h aaa.h md5.h
OBJS=xl2tpd.o pty.o misc.o control.o avp.o call.o network.o avpsend.o scheduler.o file.o aaa.o md5.o
SRCS=${OBJS:.o=.c} ${HDRS}

43
net/xl2tpd/patches/110-makefile_dont_build_pfc.patch Normal file
View file

@ -0,0 +1,43 @@
--- a/Makefile
+++ b/Makefile
@@ -107,10 +107,10 @@ BINDIR?=$(DESTDIR)${PREFIX}/bin
MANDIR?=$(DESTDIR)${PREFIX}/share/man
-all: $(EXEC) pfc $(CONTROL_EXEC)
+all: $(EXEC) $(CONTROL_EXEC)
clean:
- rm -f $(OBJS) $(EXEC) pfc.o pfc $(CONTROL_EXEC)
+ rm -f $(OBJS) $(EXEC) $(CONTROL_EXEC)
$(EXEC): $(OBJS) $(HDRS)
$(CC) $(LDFLAGS) -o $@ $(OBJS) $(LDLIBS)
@@ -118,14 +118,10 @@ $(EXEC): $(OBJS) $(HDRS)
$(CONTROL_EXEC): $(CONTROL_SRCS)
$(CC) $(CFLAGS) $(LDFLAGS) $(CONTROL_SRCS) -o $@
-pfc:
- $(CC) $(CFLAGS) -c contrib/pfc.c
- $(CC) $(LDFLAGS) -o pfc pfc.o -lpcap $(LDLIBS)
-
romfs:
$(ROMFSINST) /bin/$(EXEC)
-install: ${EXEC} pfc ${CONTROL_EXEC}
+install: ${EXEC} ${CONTROL_EXEC}
install -d -m 0755 ${SBINDIR}
install -m 0755 $(EXEC) ${SBINDIR}/$(EXEC)
install -d -m 0755 ${MANDIR}/man5
@@ -133,11 +129,6 @@ install: ${EXEC} pfc ${CONTROL_EXEC}
install -m 0644 doc/xl2tpd.8 ${MANDIR}/man8/
install -m 0644 doc/xl2tpd.conf.5 doc/l2tp-secrets.5 \
${MANDIR}/man5/
- # pfc
- install -d -m 0755 ${BINDIR}
- install -m 0755 pfc ${BINDIR}/pfc
- install -d -m 0755 ${MANDIR}/man1
- install -m 0644 contrib/pfc.1 ${MANDIR}/man1/
# control exec
install -d -m 0755 ${SBINDIR}
install -m 0755 $(CONTROL_EXEC) ${SBINDIR}/$(CONTROL_EXEC)

39
utils/mktorrent/Makefile Normal file
View file

@ -0,0 +1,39 @@
#
# Copyright (C) 2006-2014 OpenWrt.org
#
# This is free software, licensed under the GNU General Public License v2.
# See /LICENSE for more information.
#
include $(TOPDIR)/rules.mk
PKG_NAME:=mktorrent
PKG_VERSION:=1.0
PKG_RELEASE:=1
PKG_MAINTAINER:=Daniel Golle <daniel@makrotopia.org>
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=http://downloads.sourceforge.net/$(PKG_NAME)/
PKG_MD5SUM:=0da00209da96a0dc39efbb6eb5b4d8ff
include $(INCLUDE_DIR)/package.mk
define Package/mktorrent
SUBMENU:=BitTorrent
SECTION:=net
CATEGORY:=Network
TITLE:=mktorrent
URL:=http://mktorrent.sourceforge.net/
endef
define Package/mktorrent/Description
mktorrent is a simple command line utility to create BitTorrent metainfo files.
endef
define Package/mktorrent/install
$(INSTALL_DIR) $(1)/usr/bin
$(INSTALL_BIN) $(PKG_BUILD_DIR)/mktorrent $(1)/usr/bin
endef
$(eval $(call BuildPackage,mktorrent))