Difuse/packages
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

freeradius3: Update to 3.0.26

Browse source 
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
This commit is contained in:
Jianhui Zhao 2023-05-28 22:04:17 +08:00 committed by Rosen Penev
parent fa76c4df5c
commit dda8ba0ca7
3 changed files with 20 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
net/freeradius3/Makefile
View file

@ -8,19 +8,19 @@
include $(TOPDIR)/rules.mk include $(TOPDIR)/rules.mk
PKG_NAME:=freeradius3 PKG_NAME:=freeradius3
PKG_VERSION:=3_0_21 PKG_VERSION:=3.0.26
PKG_RELEASE:=2 PKG_RELEASE:=1
PKG_SOURCE:=release_$(PKG_VERSION).tar.gz PKG_SOURCE:=freeradius-server-$(PKG_VERSION).tar.bz2
PKG_SOURCE_URL:=https://github.com/FreeRADIUS/freeradius-server/archive PKG_SOURCE_URL:=https://github.com/FreeRADIUS/freeradius-server/releases/download/release_$(subst .,_,$(PKG_VERSION))/
PKG_HASH:=b2014372948a92f86cfe2cf43c58ef47921c03af05666eb9d6416bdc6eeaedc2 PKG_HASH:=9a65314c462da4d4c4204df72c45f210de671f89317299b01f78549ac4503f59
PKG_MAINTAINER:= PKG_MAINTAINER:=
PKG_LICENSE:=GPL-2.0 PKG_LICENSE:=GPL-2.0
PKG_LICENSE_FILES:=COPYRIGHT LICENSE PKG_LICENSE_FILES:=COPYRIGHT LICENSE
PKG_CPE_ID:=cpe:/a:freeradius:freeradius PKG_CPE_ID:=cpe:/a:freeradius:freeradius
PKG_BUILD_DIR:=$(BUILD_DIR)/freeradius-server-release_$(PKG_VERSION) PKG_BUILD_DIR:=$(BUILD_DIR)/freeradius-server-$(PKG_VERSION)
PKG_FIXUP:=autoreconf PKG_FIXUP:=autoreconf
PYTHON3_PKG_BUILD:=0 PYTHON3_PKG_BUILD:=0
@ -77,7 +77,6 @@ define Package/freeradius3-default
+freeradius3-mod-digest \ +freeradius3-mod-digest \
+freeradius3-mod-eap \ +freeradius3-mod-eap \
+freeradius3-mod-eap-gtc \ +freeradius3-mod-eap-gtc \
+freeradius3-mod-eap-leap \
+freeradius3-mod-eap-md5 \ +freeradius3-mod-eap-md5 \
+freeradius3-mod-eap-mschapv2 \ +freeradius3-mod-eap-mschapv2 \
+freeradius3-mod-eap-peap \ +freeradius3-mod-eap-peap \
@ -195,12 +194,6 @@ define Package/freeradius3-mod-eap-gtc
TITLE:=EAP/GTC module TITLE:=EAP/GTC module
endef endef
define Package/freeradius3-mod-eap-leap
$(call Package/freeradius3/Default)
DEPENDS:=freeradius3-mod-eap
TITLE:=EAP/LEAP module
endef
define Package/freeradius3-mod-eap-md5 define Package/freeradius3-mod-eap-md5
$(call Package/freeradius3/Default) $(call Package/freeradius3/Default)
DEPENDS:=freeradius3-mod-eap DEPENDS:=freeradius3-mod-eap
@ -774,7 +767,6 @@ $(eval $(call BuildPlugin,freeradius3-mod-detail,rlm_detail,))
$(eval $(call BuildPlugin,freeradius3-mod-digest,rlm_digest,)) $(eval $(call BuildPlugin,freeradius3-mod-digest,rlm_digest,))
$(eval $(call BuildPlugin,freeradius3-mod-eap,rlm_eap,)) $(eval $(call BuildPlugin,freeradius3-mod-eap,rlm_eap,))
$(eval $(call BuildPlugin,freeradius3-mod-eap-gtc,rlm_eap_gtc,)) $(eval $(call BuildPlugin,freeradius3-mod-eap-gtc,rlm_eap_gtc,))
$(eval $(call BuildPlugin,freeradius3-mod-eap-leap,rlm_eap_leap,))
$(eval $(call BuildPlugin,freeradius3-mod-eap-md5,rlm_eap_md5,)) $(eval $(call BuildPlugin,freeradius3-mod-eap-md5,rlm_eap_md5,))
$(eval $(call BuildPlugin,freeradius3-mod-eap-mschapv2,rlm_eap_mschapv2,)) $(eval $(call BuildPlugin,freeradius3-mod-eap-mschapv2,rlm_eap_mschapv2,))
$(eval $(call BuildPlugin,freeradius3-mod-eap-peap,rlm_eap_peap,)) $(eval $(call BuildPlugin,freeradius3-mod-eap-peap,rlm_eap_peap,))

10
net/freeradius3/patches/002-disable-session-cache-CVE-2017-9148.patch
View file

@ -9,16 +9,16 @@ Last-Update: 2020-04-28
--- a/src/main/tls.c --- a/src/main/tls.c
+++ b/src/main/tls.c +++ b/src/main/tls.c
@@ -675,7 +675,7 @@ tls_session_t *tls_new_session(TALLOC_CT @@ -934,7 +934,7 @@ after_chain:
state->mtu = vp->vp_integer;
} }
if (vp) vp->vp_integer = state->mtu;
- if (conf->session_cache_enable) state->allow_session_resumption = true; /* otherwise it's false */ - if (conf->session_cache_enable) state->allow_session_resumption = true; /* otherwise it's false */
+ if (/*conf->session_cache_enable*/0) state->allow_session_resumption = true; /* otherwise it's false */ + if (/*conf->session_cache_enable*/0) state->allow_session_resumption = true; /* otherwise it's false */
return state; return state;
} }
@@ -3332,7 +3332,7 @@ post_ca: @@ -4389,7 +4389,7 @@ post_ca:
/* /*
* Callbacks, etc. for session resumption. * Callbacks, etc. for session resumption.
*/ */
@ -27,7 +27,7 @@ Last-Update: 2020-04-28
/* /*
* Cache sessions on disk if requested. * Cache sessions on disk if requested.
*/ */
@@ -3402,7 +3402,7 @@ post_ca: @@ -4469,7 +4469,7 @@ post_ca:
/* /*
* Setup session caching * Setup session caching
*/ */
@ -36,7 +36,7 @@ Last-Update: 2020-04-28
/* /*
* Create a unique context Id per EAP-TLS configuration. * Create a unique context Id per EAP-TLS configuration.
*/ */
@@ -3571,7 +3571,7 @@ fr_tls_server_conf_t *tls_server_conf_pa @@ -4757,7 +4757,7 @@ fr_tls_server_conf_t *tls_server_conf_pa
goto error; goto error;
} }

18
net/freeradius3/patches/010-openssl-deprecated.patch
View file

@ -18,15 +18,15 @@
} }
--- a/src/main/tls.c --- a/src/main/tls.c
+++ b/src/main/tls.c +++ b/src/main/tls.c
@@ -55,6 +55,7 @@ USES_APPLE_DEPRECATED_API /* OpenSSL API @@ -60,6 +60,7 @@ USES_APPLE_DEPRECATED_API /* OpenSSL API
# include <openssl/evp.h> # include <openssl/evp.h>
# endif # endif
# include <openssl/ssl.h> # include <openssl/ssl.h>
+# include <openssl/dh.h> +# include <openssl/dh.h>
#define LOG_PREFIX "tls" #if OPENSSL_VERSION_NUMBER >= 0x30000000L
# include <openssl/provider.h>
@@ -2133,7 +2134,7 @@ int cbtls_verify(int ok, X509_STORE_CTX @@ -2954,7 +2955,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
int my_ok = ok; int my_ok = ok;
ASN1_INTEGER *sn = NULL; ASN1_INTEGER *sn = NULL;
@ -35,7 +35,7 @@
VALUE_PAIR **certs; VALUE_PAIR **certs;
char **identity; char **identity;
#ifdef HAVE_OPENSSL_OCSP_H #ifdef HAVE_OPENSSL_OCSP_H
@@ -2207,7 +2208,7 @@ int cbtls_verify(int ok, X509_STORE_CTX @@ -3028,7 +3029,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
* Get the Expiration Date * Get the Expiration Date
*/ */
buf[0] = '\0'; buf[0] = '\0';
@ -44,7 +44,7 @@
if (certs && (lookup <= 1) && asn_time && if (certs && (lookup <= 1) && asn_time &&
(asn_time->length < (int) sizeof(buf))) { (asn_time->length < (int) sizeof(buf))) {
memcpy(buf, (char*) asn_time->data, asn_time->length); memcpy(buf, (char*) asn_time->data, asn_time->length);
@@ -2220,7 +2221,7 @@ int cbtls_verify(int ok, X509_STORE_CTX @@ -3041,7 +3042,7 @@ int cbtls_verify(int ok, X509_STORE_CTX
* Get the Valid Since Date * Get the Valid Since Date
*/ */
buf[0] = '\0'; buf[0] = '\0';
@ -53,7 +53,7 @@
if (certs && (lookup <= 1) && asn_time && if (certs && (lookup <= 1) && asn_time &&
(asn_time->length < (int) sizeof(buf))) { (asn_time->length < (int) sizeof(buf))) {
memcpy(buf, (char*) asn_time->data, asn_time->length); memcpy(buf, (char*) asn_time->data, asn_time->length);
@@ -2690,10 +2691,12 @@ static int set_ecdh_curve(SSL_CTX *ctx, @@ -3592,10 +3593,12 @@ static int set_ecdh_curve(SSL_CTX *ctx,
*/ */
int tls_global_init(bool spawn_flag, bool check) int tls_global_init(bool spawn_flag, bool check)
{ {
@ -66,7 +66,7 @@
/* /*
* Initialize the index for the certificates. * Initialize the index for the certificates.
@@ -2769,6 +2772,7 @@ int tls_global_version_check(char const @@ -3693,6 +3696,7 @@ int tls_global_version_check(char const
*/ */
void tls_global_cleanup(void) void tls_global_cleanup(void)
{ {
@ -74,7 +74,7 @@
#if OPENSSL_VERSION_NUMBER < 0x10000000L #if OPENSSL_VERSION_NUMBER < 0x10000000L
ERR_remove_state(0); ERR_remove_state(0);
#elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) #elif OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
@@ -2781,6 +2785,7 @@ void tls_global_cleanup(void) @@ -3718,6 +3722,7 @@ void tls_global_cleanup(void)
ERR_free_strings(); ERR_free_strings();
EVP_cleanup(); EVP_cleanup();
CRYPTO_cleanup_all_ex_data(); CRYPTO_cleanup_all_ex_data();