diff --git a/net/freeradius2/Makefile b/net/freeradius2/Makefile index 89619cc83..3f77189d2 100644 --- a/net/freeradius2/Makefile +++ b/net/freeradius2/Makefile @@ -9,7 +9,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=freeradius2 PKG_VERSION:=2.2.5 -PKG_RELEASE:=2.1 +PKG_RELEASE:=2.2 PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=\ diff --git a/net/freeradius2/patches/010-disbale-openssl-check.patch b/net/freeradius2/patches/010-disable-openssl-check.patch similarity index 76% rename from net/freeradius2/patches/010-disbale-openssl-check.patch rename to net/freeradius2/patches/010-disable-openssl-check.patch index 4bf225276..d0da5f403 100644 --- a/net/freeradius2/patches/010-disbale-openssl-check.patch +++ b/net/freeradius2/patches/010-disable-openssl-check.patch @@ -36,3 +36,21 @@ if test "x$OPENSSL_LIBS" = x; then LIBS=$old_LIBS LDFLAGS="$old_LDFLAGS" +--- a/src/main/version.c ++++ b/src/main/version.c +@@ -43,6 +43,7 @@ static long ssl_built = OPENSSL_VERSION_ + */ + int ssl_check_version(int allow_vulnerable) + { ++#if 0 + long ssl_linked; + + /* +@@ -74,6 +75,7 @@ int ssl_check_version(int allow_vulnerab + return -1; + } + } ++#endif + + return 0; + } diff --git a/net/freeradius2/patches/011-upstram-relax-ssl-version-checks.patch b/net/freeradius2/patches/011-upstram-relax-ssl-version-checks.patch deleted file mode 100644 index 2b11d2d4e..000000000 --- a/net/freeradius2/patches/011-upstram-relax-ssl-version-checks.patch +++ /dev/null @@ -1,62 +0,0 @@ -From 5ae2a70a135062a025d8fabc104eeae3a2c53a7a Mon Sep 17 00:00:00 2001 -From: Arran Cudbard-Bell -Date: Tue, 17 Jun 2014 10:09:24 +0100 -Subject: [PATCH] Relax libssl checks - ---- - src/main/version.c | 35 ++++++++++++++++++++++++++++------- - 1 file changed, 28 insertions(+), 7 deletions(-) - ---- a/src/main/version.c -+++ b/src/main/version.c -@@ -34,7 +34,12 @@ RCSID("$Id: af82d4126a65d94929c22f44da2b - - static long ssl_built = OPENSSL_VERSION_NUMBER; - --/** Check build and linked versions of OpenSSL match -+/** Check built and linked versions of OpenSSL match -+ * -+ * OpenSSL version number consists of: -+ * MMNNFFPPS: major minor fix patch status -+ * -+ * Where status >= 0 && < 10 means beta, and status 10 means release. - * - * Startup check for whether the linked version of OpenSSL matches the - * version the server was built against. -@@ -54,14 +59,30 @@ int ssl_check_version(int allow_vulnerab - - ssl_linked = SSLeay(); - -- if (ssl_linked != ssl_built) { -- radlog(L_ERR, "libssl version mismatch." -- " Built with: %lx\n Linked: %lx", -- (unsigned long) ssl_built, -- (unsigned long) ssl_linked); -+ /* -+ * Status mismatch always triggers error. -+ */ -+ if ((ssl_linked & 0x00000000f) != (ssl_built & 0x00000000f)) { -+ mismatch: -+ radlog(L_ERR, "libssl version mismatch. built: %lx linked: %lx", -+ (unsigned long) ssl_built, (unsigned long) ssl_linked); - - return -1; -- }; -+ } -+ -+ /* -+ * Use the OpenSSH approach and relax fix checks after version -+ * 1.0.0 and only allow moving backwards within a patch -+ * series. -+ */ -+ if (ssl_built & 0xff) { -+ if ((ssl_built & 0xffff) != (ssl_linked & 0xffff) || -+ (ssl_built & 0x0000ff) > (ssl_linked & 0x0000ff)) goto mismatch; -+ /* -+ * Before 1.0.0 we require the same major minor and fix version -+ * and ignore the patch number. -+ */ -+ } else if ((ssl_built & 0xffffff) != (ssl_linked & 0xffffff)) goto mismatch; - - if (!allow_vulnerable) { - /* Check for bad versions */