freeradius3: A couple of small fixes
- Moves /etc/freeradius3/sites-{enabled,available}/inner-tunnel to be part of
the freeradius3-mod-eap package. This prevents conflicts between
freeradius3-mod-eap-peap and freeradius3-mod-eap-ttls which both included the
file before. This fixes LEDE bug FS#678.
- Change the demo cert validity to be 1 year instead of 60 days. Should keep the
cert valid for the duration of the LEDE release cycle (with some slack). This
fixes #4239.
Signed-off-by: Toke Høiland-Jørgensen <toke@toke.dk>
This commit is contained in:
Toke Høiland-Jørgensen
parent
c40bfa0bb3
commit
424f4e2c63
2 changed files with 35 additions and 10 deletions
|
|
@ -137,6 +137,8 @@ define Package/freeradius3-mod-eap/conffiles
|
|||
/etc/freeradius3/mods-available/eap
|
||||
/etc/freeradius3/mods-enabled/eap
|
||||
/etc/freeradius3/policy.d/eap
|
||||
/etc/freeradius3/sites-enabled/inner-tunnel
|
||||
/etc/freeradius3/sites-available/inner-tunnel
|
||||
endef
|
||||
|
||||
define Package/freeradius3-mod-eap-gtc
|
||||
|
|
@ -169,11 +171,6 @@ define Package/freeradius3-mod-eap-peap
|
|||
TITLE:=EAP/PEAP module
|
||||
endef
|
||||
|
||||
define Package/freeradius3-mod-eap-peap/conffiles
|
||||
/etc/freeradius3/sites-available/inner-tunnel
|
||||
/etc/freeradius3/sites-enabled/inner-tunnel
|
||||
endef
|
||||
|
||||
define Package/freeradius3-mod-eap-tls
|
||||
$(call Package/freeradius3/Default)
|
||||
DEPENDS:=freeradius3-mod-eap @FREERADIUS3_OPENSSL
|
||||
|
|
@ -186,11 +183,6 @@ define Package/freeradius3-mod-eap-ttls
|
|||
TITLE:=EAP/TTLS module
|
||||
endef
|
||||
|
||||
define Package/freeradius3-mod-eap-ttls/conffiles
|
||||
/etc/freeradius3/sites-available/inner-tunnel
|
||||
/etc/freeradius3/sites-enabled/inner-tunnel
|
||||
endef
|
||||
|
||||
define Package/freeradius3-mod-exec
|
||||
$(call Package/freeradius3/Default)
|
||||
DEPENDS:=freeradius3
|
||||
|
|
|
|||
33
net/freeradius3/patches/001-fix-cert-expiry.patch
Normal file
33
net/freeradius3/patches/001-fix-cert-expiry.patch
Normal file
|
|
@ -0,0 +1,33 @@
|
|||
--- a/raddb/certs/ca.cnf
|
||||
+++ b/raddb/certs/ca.cnf
|
||||
@@ -14,7 +14,7 @@ private_key = $dir/ca.key
|
||||
RANDFILE = $dir/.rand
|
||||
name_opt = ca_default
|
||||
cert_opt = ca_default
|
||||
-default_days = 60
|
||||
+default_days = 365
|
||||
default_crl_days = 30
|
||||
default_md = sha256
|
||||
preserve = no
|
||||
--- a/raddb/certs/client.cnf
|
||||
+++ b/raddb/certs/client.cnf
|
||||
@@ -14,7 +14,7 @@ private_key = $dir/ca.key
|
||||
RANDFILE = $dir/.rand
|
||||
name_opt = ca_default
|
||||
cert_opt = ca_default
|
||||
-default_days = 60
|
||||
+default_days = 365
|
||||
default_crl_days = 30
|
||||
default_md = sha256
|
||||
preserve = no
|
||||
--- a/raddb/certs/server.cnf
|
||||
+++ b/raddb/certs/server.cnf
|
||||
@@ -14,7 +14,7 @@ private_key = $dir/ca.key
|
||||
RANDFILE = $dir/.rand
|
||||
name_opt = ca_default
|
||||
cert_opt = ca_default
|
||||
-default_days = 60
|
||||
+default_days = 365
|
||||
default_crl_days = 30
|
||||
default_md = sha256
|
||||
preserve = no
|
||||
Loading…
Reference in a new issue