Sync from SUSE:SLFO:Main freeradius-client revision 3f222fca5405eb19ba299d385e6797d4

2024-05-03 12:38:02 +02:00 · 2024-05-03 12:38:02 +02:00 · 6f7a635838
commit 6f7a635838
7 changed files with 491 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/README.SUSE
+++ b/README.SUSE
@ -0,0 +1,17 @@
+In combination with package freeradius-server you can test this 
+freeradius-client package in a simple configuration.
+
+cp /usr/share/doc/packages/freeradius-client/login.radius/login.example /usr/sbin/login.radius
+chmod +x /usr/sbin/login.radius
+
+You then have to change /etc/raddb/{clients,users} and 
+/etc/radiusclient/servers - just remove the '#' from the
+corresponding lines.
+
+Start radiusd (insserv radiusd and then execute rcradiusd start).
+
+Afterwards you may install radlogin on e.g. /dev/tty8 and login
+using a local user name. You are transferred to localhost via telnet -
+not very interesting, but accounting is already enabled in /var/radacct.
+
+have fun, tmg
--- a/freeradius-client-1.1.7.tar.gz
+++ b/freeradius-client-1.1.7.tar.gz
--- a/freeradius-client-missing_size_t_definition.patch
+++ b/freeradius-client-missing_size_t_definition.patch
@ -0,0 +1,12 @@
+diff --git a/lib/rc-md5.h b/lib/rc-md5.h
+index a30f16d..dcde619 100644
+--- a/lib/rc-md5.h
+++ b/lib/rc-md5.h
+@@ -10,6 +10,7 @@
+ #define _RC_MD5_H
+ 
+ #include "config.h"
+#include <stdlib.h>
+ 
+ #ifdef HAVE_NETTLE
+ 
--- a/freeradius-client.changes
+++ b/freeradius-client.changes
@ -0,0 +1,80 @@
+-------------------------------------------------------------------
+Mon Nov  6 16:05:23 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Fix build with RPM 4.19: unnumbered patches are no longer
+  supported.
+
+-------------------------------------------------------------------
+Thu Apr 23 15:13:18 UTC 2015 - vcizek@suse.com
+
+- update to 1.1.7:
+  * Allow "configure --with-nettle" to use nettle MD5 implementation. Patch from Nikos Mavrogiannopoulos.
+  * Clean up generation of random numbers. Patch from Nikos Mavrogiannopoulos.
+  * Update BSD license as permitted by Christos Zoulas.
+  * Define PW_MAX_MSG_SIZE for maximum message sice. Patch from Nikos Mavrogiannopoulos.
+  * Allow the dictionary file parser to understand BEGIN-VENDOR / END-VENDOR as with FreeRADIUS server. Patch from Nikos Mavrogiannopoulos.
+  * Added support for IPv6. Patch from Nikos Mavrogiannopoulos.
+  * Don't crash if a config option is unset. Patch from Nikos Mavrogiannopoulos.
+  * Fix encoding of "date" attributes. Patch from Christian Schoch.
+  * Build fixes from Sven Neuhaus, Ghennadi Procopciuc, Daniel Pocock, and gureedo.
+  * Fix memory leaks. Patches from Alex Massover, William King, gureedo, and FreeSWITCH.
+  * Fixes to retry algorithm. Patch from Lewis Adam.
+  * Zero out secret fields. Patch from Scott Neugroschl.
+  * Update the dictionaries. Patches from Bogdan-Andrei Iancu and gureedo.
+  * Make the library thread-safe. Based on a patch from Alex Massover.
+  * Made rc_avpair_log thread-safe by using a buffer supplied by the caller. Patch from Alex Massover.
+  * Removed lock file for sequence number. It isn't needed.
+  * Use poll() where possible to avoid issues with FD_SETSIZE. Patch from Alfred E. Heggestad.
+  * Set Acct-Delay-Time in Accounting-Request packets. Patch from Alfred E. Heggestad.
+- add freeradius-client-missing_size_t_definition.patch to fix
+  build on 13.2
+
+-------------------------------------------------------------------
+Tue Dec  6 11:47:34 UTC 2011 - coolo@suse.com
+
+- BAD2c is not a license
+
+-------------------------------------------------------------------
+Sat Oct  1 05:39:07 UTC 2011 - coolo@suse.com
+
+- add libtool as buildrequire to make the spec file more reliable
+
+-------------------------------------------------------------------
+Tue Feb 17 10:33:00 CET 2009 - prusnak@suse.cz
+
+- fix garbled login.example file [bnc#469682]
+
+-------------------------------------------------------------------
+Wed Mar 19 17:03:39 CET 2008 - prusnak@suse.cz
+
+- updated to 1.1.6
+  o Added dead_time functionality / configuration
+  o Merge in fixes and enhancements from 'radiusclient-ng'
+  o Improved functionality for embedded operation
+    - In use in FreeSWITCH and OpenSER projects
+  o Wrap gethostby*() family of calls with threadsafe variants
+  o Change UINT4 to uint32_t, int to size_t, etc.
+  o Fixed wrong usage of strncat function in several places
+- dropped obsoleted patches:
+  * return.patch (included in update)
+  * strncat.patch (included in update)
+
+-------------------------------------------------------------------
+Wed Mar  5 20:42:30 CET 2008 - crrodriguez@suse.de
+
+- fix build in BETA
+- disable static libraries 
+
+-------------------------------------------------------------------
+Wed Nov  7 15:36:06 CET 2007 - prusnak@suse.cz
+
+- change %{version}-%{release} to %{version} in Requires tag
+
+-------------------------------------------------------------------
+Thu Mar  8 11:05:42 CET 2007 - prusnak@suse.cz
+
+- created package from BuildService
+  * project: network:aaa
+  * package: freeradius-client
+  * version: 1.1.5
+
--- a/freeradius-client.spec
+++ b/freeradius-client.spec
@ -0,0 +1,112 @@
+#
+# spec file for package freeradius-client
+#
+# Copyright (c) 2023 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           freeradius-client
+Version:        1.1.7
+Release:        0
+Summary:        FreeRADIUS Client Software
+License:        BSD-2-Clause
+Group:          Productivity/Networking/Radius/Clients
+URL:            http://www.freeradius.org/freeradius-client/
+Source:         ftp://ftp.freeradius.org/pub/freeradius/%{name}-%{version}.tar.gz
+Source1:        README.SUSE
+Source2:        login.example
+Patch0:         freeradius-client-missing_size_t_definition.patch
+BuildRequires:  libnettle-devel
+BuildRequires:  libtool
+BuildRequires:  pkg-config
+Obsoletes:      radiusclient
+Obsoletes:      radiusclient-ng
+BuildRoot:      %{_tmppath}/%{name}-%{version}-build
+
+%description
+A portable, easy-to-use and standard compliant library suitable for
+developing free and commercial software that need support for a RADIUS
+protocol (RFCs 2128 and 2139).
+
+%package libs
+Summary:        Shared library of FreeRADIUS Client
+Group:          Productivity/Networking/Radius/Clients
+
+%description libs
+The package contains the shared library of FreeRADIUS Client
+
+%package devel
+Summary:        Header files, libraries and development documentation for freeradius-client
+Group:          Productivity/Networking/Radius/Clients
+Requires:       %{name}-libs = %{version}
+Requires:       glibc-devel
+
+%description devel
+This package contains the header files, static libraries and
+development documentation for freeradius-client. You need to install
+freeradius-client-devel if you want to develop applications using
+freeradius-client.
+
+%prep
+%setup -q
+%patch0 -p1
+find -type d -name CVS -print | xargs rm -rf
+cp %{SOURCE1} .
+cp %{SOURCE2} login.radius
+
+%build
+autoreconf -fiv
+%configure \
+    --localstatedir=%{_localstatedir}/lib \
+    --enable-shadow \
+    --with-nettle \
+    --with-secure-path \
+	--disable-static \
+	--with-pic
+make %{?_smp_mflags}
+
+%install
+make "DESTDIR=$RPM_BUILD_ROOT" install
+rm -f %{buildroot}/%{_sbindir}/login.radius
+rm -f login.radius/Makefile*
+rm -f login.radius/migs/Makefile*
+find %{buildroot} -type f -name "*.la" -delete -print
+
+%post libs -p /sbin/ldconfig
+
+%postun libs -p /sbin/ldconfig
+
+%files
+%defattr(-, root, root)
+%doc BUGS COPYRIGHT README.radexample doc/ChangeLog doc/instop.html doc/login.example
+%doc login.radius README.SUSE
+%dir %{_sysconfdir}/radiusclient
+%{_sysconfdir}/radiusclient/dictionary
+%{_sysconfdir}/radiusclient/dictionary.*
+%config(noreplace) %{_sysconfdir}/radiusclient/radiusclient.conf
+%config(noreplace) %{_sysconfdir}/radiusclient/issue
+%config(noreplace) %{_sysconfdir}/radiusclient/port-id-map
+%config(noreplace) %{_sysconfdir}/radiusclient/servers
+%{_sbindir}/*
+
+%files libs
+%defattr(-, root, root)
+%{_libdir}/*.so.*
+
+%files devel
+%defattr(-, root, root)
+%{_libdir}/*.so
+%{_includedir}/*.h
+
+%changelog
--- a/login.example
+++ b/login.example
@ -0,0 +1,244 @@
+#!/usr/bin/perl
+#
+# Sample login-Script for use with radlogin
+#
+# Copyright  (c)  1998  S.u.S.E. GmbH  Fuerth, Germany.
+#
+# please send bugfixes or comments to feedback@suse.de.
+#
+# derived partly from login.radius/migs/login.radius
+# currently does not do anything useful - for testing purposes only
+# It only sets up Accounting for a simple Rlogin-User
+#
+# You can install this is /usr/sbin/login.radius for testing with
+# radlogin
+
+use strict;
+
+# Programs and files.
+my $prog_radacct  = "/usr/bin/radacct";
+my $prog_rlogin   = "/usr/bin/rlogin";
+my $prog_telnet   = "/usr/bin/telnet";
+my $prog_tcpclear = "/usr/bin/telnet -e ''";
+my $prog_tty      = "/usr/bin/tty";
+my $prog_who      = "/usr/bin/who";
+
+my $debug = 1;
+
+my $path_radiusclient_map = "/etc/radclient/port-id-map";
+
+my $login_host = "0.0.0.0";
+
+#############################################################################
+
+# Main program.
+
+print "Starting.\n" if ($debug);
+
+# Run 'who am i' to determine the current port.
+my $port = `$prog_tty`;
+chomp ($port);
+
+# Translate port numbers to numbers for RADIUS.
+# This translation is done again by radacct, but it may be useful here.
+# Remove if CPU time is a problem.
+
+my ($portid, $line);
+open (H, $path_radiusclient_map);
+while (($line = <H>) && (!$portid))
+{
+    my @info = split (/\s+/, $line);
+    $portid = $info[1] if ($info[0] eq $port);
+}
+close (H);
+
+if ($debug)
+{
+    # Print out all the RADIUS variables.
+    my @el = grep (/^RADIUS/, keys (%ENV));
+    my $e;
+    foreach $e (@el)
+    {
+       print "$e = " . $ENV{$e} . "\n";
+    }
+}
+
+# If the service type is Framed, then give them PPP.
+# SLIP is not implemented (and will probably never be).
+my $username = $ENV{"RADIUS_USER_NAME"};
+
+# Generate a "unique" string for the session ID.
+my $sessionid = "$$" . time ();
+
+if ($ENV{"RADIUS_SERVICE_TYPE"} =~ /Login/)
+{
+    # Warning:  This code has not been tested as well as the PPP version,
+    # as of now (19961107).
+
+    # Determine what host to connect to.
+    if (($ENV{"RADIUS_LOGIN_IP_HOST"} eq "0.0.0.0") ||
+       !defined ($ENV{"RADIUS_LOGIN_IP_HOST"}))
+    {
+       die ("login_host not defined");
+    }
+    elsif ($ENV{"RADIUS_LOGIN_IP_HOST"} eq "255.255.255.255")
+    {
+       # The user should be able to choose.  Prompt the user.
+       print "Host to connect to?  ";
+       $login_host = <STDIN>;
+       chomp ($login_host);
+    }
+    else
+    {
+       # Use what's specified by the RADIUS server.
+       $login_host = $ENV{"RADIUS_LOGIN_IP_HOST"};
+    }
+
+    # Log into a host.  Default to telnet.  Do the accounting
+    # now, since the target of the login wouldn't know how to
+    # account for it.
+
+    # Time.
+    my $timestart = time ();
+    my $login_service = $ENV{"RADIUS_LOGIN_SERVICE"};
+
+    # What protocol are we running?
+    my ($prog_run, $login_port);
+
+    if ($login_service eq "Rlogin")
+    {
+       $prog_run = $prog_rlogin;
+    }
+    elsif ($login_service eq "Telnet")
+    {
+       $prog_run = $prog_telnet;
+       $login_port = $ENV{"RADIUS_LOGIN_PORT"};
+    }
+    elsif ($login_service eq "TCP-Clear")
+    {
+       $prog_run = $prog_tcpclear;
+       $login_port = $ENV{"RADIUS_LOGIN_PORT"};
+    } else {
+        die "unkown login_service $login_service\n";
+    }
+
+    # Start accounting.  Send the record.
+    open  (H, "| $prog_radacct") || die ("Cannot run $prog_radacct");
+
+    my $cmd =
+       "Acct-Session-ID = \"$sessionid\"\n" .
+       "User-Name = \"$username\"\n" .
+       "Acct-Status-Type = Start\n" .
+        "Acct-Authentic = RADIUS\n" .
+        "Service-Type = Login-User\n" .
+        "Login-Service = " . $login_service . "\n" .
+        "Login-IP-Host = $login_host\n";
+    print H $cmd;
+    close (H);
+
+    # Store the user information into portinfo.  We need to
+    # manually fork, since we have to know the PID of the program.
+
+    my $pid = fork ();
+    if ($pid == 0)
+    {
+       # Child.  Run the program.
+       # print "Connecting to $login_host:\n";
+       my $cmd = "$prog_run $login_host $login_port";
+       print "Running $cmd\n" if ($debug);
+       exec ("$cmd");
+    }
+    else
+    {
+       # Parent.
+       $login_host = $ENV{"RADIUS_LOGIN_IP_HOST"};
+    }
+
+    # Log into a host.  Default to telnet.  Do the accounting
+    # now, since the target of the login wouldn't know how to
+    # account for it.
+
+    # Time.
+    my $timestart = time ();
+    my $login_service = $ENV{"RADIUS_LOGIN_SERVICE"};
+
+    # What protocol are we running?
+    my ($prog_run, $login_port);
+
+    if ($login_service eq "Rlogin")
+    {
+       $prog_run = $prog_rlogin;
+    }
+    elsif ($login_service eq "Telnet")
+    {
+       $prog_run = $prog_telnet;
+       $login_port = $ENV{"RADIUS_LOGIN_PORT"};
+    }
+    elsif ($login_service eq "TCP-Clear")
+    {
+       $prog_run = $prog_tcpclear;
+       $login_port = $ENV{"RADIUS_LOGIN_PORT"};
+    } else {
+        die "unkown login_service $login_service\n";
+    }
+
+    # Start accounting.  Send the record.
+    open  (H, "| $prog_radacct") || die ("Cannot run $prog_radacct");
+
+    my $cmd =
+       "Acct-Session-ID = \"$sessionid\"\n" .
+       "User-Name = \"$username\"\n" .
+       "Acct-Status-Type = Start\n" .
+        "Acct-Authentic = RADIUS\n" .
+        "Service-Type = Login-User\n" .
+        "Login-Service = " . $login_service . "\n" .
+        "Login-IP-Host = $login_host\n";
+    print H $cmd;
+    close (H);
+
+    # Store the user information into portinfo.  We need to
+    # manually fork, since we have to know the PID of the program.
+
+    my $pid = fork ();
+    if ($pid == 0)
+    {
+       # Child.  Run the program.
+       # print "Connecting to $login_host:\n";
+       my $cmd = "$prog_run $login_host $login_port";
+       print "Running $cmd\n" if ($debug);
+       exec ("$cmd");
+    }
+    else
+    {
+       # Parent.
+       # Create the portinfo record, which needs the pid of the program
+       # to kill.
+       # The IP address is all zero, as it is not applicable here.
+       # Store the time now, and the Session-Timeout.
+
+       # Wait for the session to finish.
+       waitpid ($pid, 0);
+    }
+    # Stop.  Send the record.
+    open  (H, "| $prog_radacct") || die ("Cannot run $prog_radacct");
+
+    my $timespent = time () - $timestart;
+
+    my $cmd =
+       "Acct-Session-ID = \"$sessionid\"\n" .
+       "User-Name = \"$username\"\n" .
+       "Acct-Status-Type = Stop\n" .
+        "Acct-Authentic = RADIUS\n" .
+        "Service-Type = Login-User\n" .
+        "Login-Service = " . $login_service . "\n" .
+        "Login-IP-Host = $login_host\n" .
+        "Acct-Session-Time = $timespent\n";
+
+    print H $cmd;
+    close (H);
+} else {
+    my $r = $ENV{"RADIUS_SERVICE_TYP"};
+    print "Unhandled Service-Type $r\n";
+}
+
+### END ####