Sync from SUSE:SLFO:Main freeradius-client revision 3f222fca5405eb19ba299d385e6797d4

This commit is contained in:
Adrian Schröter 2024-05-03 12:38:02 +02:00
commit 6f7a635838
7 changed files with 491 additions and 0 deletions

23
.gitattributes vendored Normal file
View File

@ -0,0 +1,23 @@
## Default LFS
*.7z filter=lfs diff=lfs merge=lfs -text
*.bsp filter=lfs diff=lfs merge=lfs -text
*.bz2 filter=lfs diff=lfs merge=lfs -text
*.gem filter=lfs diff=lfs merge=lfs -text
*.gz filter=lfs diff=lfs merge=lfs -text
*.jar filter=lfs diff=lfs merge=lfs -text
*.lz filter=lfs diff=lfs merge=lfs -text
*.lzma filter=lfs diff=lfs merge=lfs -text
*.obscpio filter=lfs diff=lfs merge=lfs -text
*.oxt filter=lfs diff=lfs merge=lfs -text
*.pdf filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.rpm filter=lfs diff=lfs merge=lfs -text
*.tbz filter=lfs diff=lfs merge=lfs -text
*.tbz2 filter=lfs diff=lfs merge=lfs -text
*.tgz filter=lfs diff=lfs merge=lfs -text
*.ttf filter=lfs diff=lfs merge=lfs -text
*.txz filter=lfs diff=lfs merge=lfs -text
*.whl filter=lfs diff=lfs merge=lfs -text
*.xz filter=lfs diff=lfs merge=lfs -text
*.zip filter=lfs diff=lfs merge=lfs -text
*.zst filter=lfs diff=lfs merge=lfs -text

17
README.SUSE Normal file
View File

@ -0,0 +1,17 @@
In combination with package freeradius-server you can test this
freeradius-client package in a simple configuration.
cp /usr/share/doc/packages/freeradius-client/login.radius/login.example /usr/sbin/login.radius
chmod +x /usr/sbin/login.radius
You then have to change /etc/raddb/{clients,users} and
/etc/radiusclient/servers - just remove the '#' from the
corresponding lines.
Start radiusd (insserv radiusd and then execute rcradiusd start).
Afterwards you may install radlogin on e.g. /dev/tty8 and login
using a local user name. You are transferred to localhost via telnet -
not very interesting, but accounting is already enabled in /var/radacct.
have fun, tmg

BIN
freeradius-client-1.1.7.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -0,0 +1,12 @@
diff --git a/lib/rc-md5.h b/lib/rc-md5.h
index a30f16d..dcde619 100644
--- a/lib/rc-md5.h
+++ b/lib/rc-md5.h
@@ -10,6 +10,7 @@
#define _RC_MD5_H
#include "config.h"
+#include <stdlib.h>
#ifdef HAVE_NETTLE

80
freeradius-client.changes Normal file
View File

@ -0,0 +1,80 @@
-------------------------------------------------------------------
Mon Nov 6 16:05:23 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
- Fix build with RPM 4.19: unnumbered patches are no longer
supported.
-------------------------------------------------------------------
Thu Apr 23 15:13:18 UTC 2015 - vcizek@suse.com
- update to 1.1.7:
* Allow "configure --with-nettle" to use nettle MD5 implementation. Patch from Nikos Mavrogiannopoulos.
* Clean up generation of random numbers. Patch from Nikos Mavrogiannopoulos.
* Update BSD license as permitted by Christos Zoulas.
* Define PW_MAX_MSG_SIZE for maximum message sice. Patch from Nikos Mavrogiannopoulos.
* Allow the dictionary file parser to understand BEGIN-VENDOR / END-VENDOR as with FreeRADIUS server. Patch from Nikos Mavrogiannopoulos.
* Added support for IPv6. Patch from Nikos Mavrogiannopoulos.
* Don't crash if a config option is unset. Patch from Nikos Mavrogiannopoulos.
* Fix encoding of "date" attributes. Patch from Christian Schoch.
* Build fixes from Sven Neuhaus, Ghennadi Procopciuc, Daniel Pocock, and gureedo.
* Fix memory leaks. Patches from Alex Massover, William King, gureedo, and FreeSWITCH.
* Fixes to retry algorithm. Patch from Lewis Adam.
* Zero out secret fields. Patch from Scott Neugroschl.
* Update the dictionaries. Patches from Bogdan-Andrei Iancu and gureedo.
* Make the library thread-safe. Based on a patch from Alex Massover.
* Made rc_avpair_log thread-safe by using a buffer supplied by the caller. Patch from Alex Massover.
* Removed lock file for sequence number. It isn't needed.
* Use poll() where possible to avoid issues with FD_SETSIZE. Patch from Alfred E. Heggestad.
* Set Acct-Delay-Time in Accounting-Request packets. Patch from Alfred E. Heggestad.
- add freeradius-client-missing_size_t_definition.patch to fix
build on 13.2
-------------------------------------------------------------------
Tue Dec 6 11:47:34 UTC 2011 - coolo@suse.com
- BAD2c is not a license
-------------------------------------------------------------------
Sat Oct 1 05:39:07 UTC 2011 - coolo@suse.com
- add libtool as buildrequire to make the spec file more reliable
-------------------------------------------------------------------
Tue Feb 17 10:33:00 CET 2009 - prusnak@suse.cz
- fix garbled login.example file [bnc#469682]
-------------------------------------------------------------------
Wed Mar 19 17:03:39 CET 2008 - prusnak@suse.cz
- updated to 1.1.6
o Added dead_time functionality / configuration
o Merge in fixes and enhancements from 'radiusclient-ng'
o Improved functionality for embedded operation
- In use in FreeSWITCH and OpenSER projects
o Wrap gethostby*() family of calls with threadsafe variants
o Change UINT4 to uint32_t, int to size_t, etc.
o Fixed wrong usage of strncat function in several places
- dropped obsoleted patches:
* return.patch (included in update)
* strncat.patch (included in update)
-------------------------------------------------------------------
Wed Mar 5 20:42:30 CET 2008 - crrodriguez@suse.de
- fix build in BETA
- disable static libraries
-------------------------------------------------------------------
Wed Nov 7 15:36:06 CET 2007 - prusnak@suse.cz
- change %{version}-%{release} to %{version} in Requires tag
-------------------------------------------------------------------
Thu Mar 8 11:05:42 CET 2007 - prusnak@suse.cz
- created package from BuildService
* project: network:aaa
* package: freeradius-client
* version: 1.1.5

112
freeradius-client.spec Normal file
View File

@ -0,0 +1,112 @@
#
# spec file for package freeradius-client
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: freeradius-client
Version: 1.1.7
Release: 0
Summary: FreeRADIUS Client Software
License: BSD-2-Clause
Group: Productivity/Networking/Radius/Clients
URL: http://www.freeradius.org/freeradius-client/
Source: ftp://ftp.freeradius.org/pub/freeradius/%{name}-%{version}.tar.gz
Source1: README.SUSE
Source2: login.example
Patch0: freeradius-client-missing_size_t_definition.patch
BuildRequires: libnettle-devel
BuildRequires: libtool
BuildRequires: pkg-config
Obsoletes: radiusclient
Obsoletes: radiusclient-ng
BuildRoot: %{_tmppath}/%{name}-%{version}-build
%description
A portable, easy-to-use and standard compliant library suitable for
developing free and commercial software that need support for a RADIUS
protocol (RFCs 2128 and 2139).
%package libs
Summary: Shared library of FreeRADIUS Client
Group: Productivity/Networking/Radius/Clients
%description libs
The package contains the shared library of FreeRADIUS Client
%package devel
Summary: Header files, libraries and development documentation for freeradius-client
Group: Productivity/Networking/Radius/Clients
Requires: %{name}-libs = %{version}
Requires: glibc-devel
%description devel
This package contains the header files, static libraries and
development documentation for freeradius-client. You need to install
freeradius-client-devel if you want to develop applications using
freeradius-client.
%prep
%setup -q
%patch0 -p1
find -type d -name CVS -print | xargs rm -rf
cp %{SOURCE1} .
cp %{SOURCE2} login.radius
%build
autoreconf -fiv
%configure \
--localstatedir=%{_localstatedir}/lib \
--enable-shadow \
--with-nettle \
--with-secure-path \
--disable-static \
--with-pic
make %{?_smp_mflags}
%install
make "DESTDIR=$RPM_BUILD_ROOT" install
rm -f %{buildroot}/%{_sbindir}/login.radius
rm -f login.radius/Makefile*
rm -f login.radius/migs/Makefile*
find %{buildroot} -type f -name "*.la" -delete -print
%post libs -p /sbin/ldconfig
%postun libs -p /sbin/ldconfig
%files
%defattr(-, root, root)
%doc BUGS COPYRIGHT README.radexample doc/ChangeLog doc/instop.html doc/login.example
%doc login.radius README.SUSE
%dir %{_sysconfdir}/radiusclient
%{_sysconfdir}/radiusclient/dictionary
%{_sysconfdir}/radiusclient/dictionary.*
%config(noreplace) %{_sysconfdir}/radiusclient/radiusclient.conf
%config(noreplace) %{_sysconfdir}/radiusclient/issue
%config(noreplace) %{_sysconfdir}/radiusclient/port-id-map
%config(noreplace) %{_sysconfdir}/radiusclient/servers
%{_sbindir}/*
%files libs
%defattr(-, root, root)
%{_libdir}/*.so.*
%files devel
%defattr(-, root, root)
%{_libdir}/*.so
%{_includedir}/*.h
%changelog

244
login.example Normal file
View File

@ -0,0 +1,244 @@
#!/usr/bin/perl
#
# Sample login-Script for use with radlogin
#
# Copyright (c) 1998 S.u.S.E. GmbH Fuerth, Germany.
#
# please send bugfixes or comments to feedback@suse.de.
#
# derived partly from login.radius/migs/login.radius
# currently does not do anything useful - for testing purposes only
# It only sets up Accounting for a simple Rlogin-User
#
# You can install this is /usr/sbin/login.radius for testing with
# radlogin
use strict;
# Programs and files.
my $prog_radacct = "/usr/bin/radacct";
my $prog_rlogin = "/usr/bin/rlogin";
my $prog_telnet = "/usr/bin/telnet";
my $prog_tcpclear = "/usr/bin/telnet -e ''";
my $prog_tty = "/usr/bin/tty";
my $prog_who = "/usr/bin/who";
my $debug = 1;
my $path_radiusclient_map = "/etc/radclient/port-id-map";
my $login_host = "0.0.0.0";
#############################################################################
# Main program.
print "Starting.\n" if ($debug);
# Run 'who am i' to determine the current port.
my $port = `$prog_tty`;
chomp ($port);
# Translate port numbers to numbers for RADIUS.
# This translation is done again by radacct, but it may be useful here.
# Remove if CPU time is a problem.
my ($portid, $line);
open (H, $path_radiusclient_map);
while (($line = <H>) && (!$portid))
{
my @info = split (/\s+/, $line);
$portid = $info[1] if ($info[0] eq $port);
}
close (H);
if ($debug)
{
# Print out all the RADIUS variables.
my @el = grep (/^RADIUS/, keys (%ENV));
my $e;
foreach $e (@el)
{
print "$e = " . $ENV{$e} . "\n";
}
}
# If the service type is Framed, then give them PPP.
# SLIP is not implemented (and will probably never be).
my $username = $ENV{"RADIUS_USER_NAME"};
# Generate a "unique" string for the session ID.
my $sessionid = "$$" . time ();
if ($ENV{"RADIUS_SERVICE_TYPE"} =~ /Login/)
{
# Warning: This code has not been tested as well as the PPP version,
# as of now (19961107).
# Determine what host to connect to.
if (($ENV{"RADIUS_LOGIN_IP_HOST"} eq "0.0.0.0") ||
!defined ($ENV{"RADIUS_LOGIN_IP_HOST"}))
{
die ("login_host not defined");
}
elsif ($ENV{"RADIUS_LOGIN_IP_HOST"} eq "255.255.255.255")
{
# The user should be able to choose. Prompt the user.
print "Host to connect to? ";
$login_host = <STDIN>;
chomp ($login_host);
}
else
{
# Use what's specified by the RADIUS server.
$login_host = $ENV{"RADIUS_LOGIN_IP_HOST"};
}
# Log into a host. Default to telnet. Do the accounting
# now, since the target of the login wouldn't know how to
# account for it.
# Time.
my $timestart = time ();
my $login_service = $ENV{"RADIUS_LOGIN_SERVICE"};
# What protocol are we running?
my ($prog_run, $login_port);
if ($login_service eq "Rlogin")
{
$prog_run = $prog_rlogin;
}
elsif ($login_service eq "Telnet")
{
$prog_run = $prog_telnet;
$login_port = $ENV{"RADIUS_LOGIN_PORT"};
}
elsif ($login_service eq "TCP-Clear")
{
$prog_run = $prog_tcpclear;
$login_port = $ENV{"RADIUS_LOGIN_PORT"};
} else {
die "unkown login_service $login_service\n";
}
# Start accounting. Send the record.
open (H, "| $prog_radacct") || die ("Cannot run $prog_radacct");
my $cmd =
"Acct-Session-ID = \"$sessionid\"\n" .
"User-Name = \"$username\"\n" .
"Acct-Status-Type = Start\n" .
"Acct-Authentic = RADIUS\n" .
"Service-Type = Login-User\n" .
"Login-Service = " . $login_service . "\n" .
"Login-IP-Host = $login_host\n";
print H $cmd;
close (H);
# Store the user information into portinfo. We need to
# manually fork, since we have to know the PID of the program.
my $pid = fork ();
if ($pid == 0)
{
# Child. Run the program.
# print "Connecting to $login_host:\n";
my $cmd = "$prog_run $login_host $login_port";
print "Running $cmd\n" if ($debug);
exec ("$cmd");
}
else
{
# Parent.
$login_host = $ENV{"RADIUS_LOGIN_IP_HOST"};
}
# Log into a host. Default to telnet. Do the accounting
# now, since the target of the login wouldn't know how to
# account for it.
# Time.
my $timestart = time ();
my $login_service = $ENV{"RADIUS_LOGIN_SERVICE"};
# What protocol are we running?
my ($prog_run, $login_port);
if ($login_service eq "Rlogin")
{
$prog_run = $prog_rlogin;
}
elsif ($login_service eq "Telnet")
{
$prog_run = $prog_telnet;
$login_port = $ENV{"RADIUS_LOGIN_PORT"};
}
elsif ($login_service eq "TCP-Clear")
{
$prog_run = $prog_tcpclear;
$login_port = $ENV{"RADIUS_LOGIN_PORT"};
} else {
die "unkown login_service $login_service\n";
}
# Start accounting. Send the record.
open (H, "| $prog_radacct") || die ("Cannot run $prog_radacct");
my $cmd =
"Acct-Session-ID = \"$sessionid\"\n" .
"User-Name = \"$username\"\n" .
"Acct-Status-Type = Start\n" .
"Acct-Authentic = RADIUS\n" .
"Service-Type = Login-User\n" .
"Login-Service = " . $login_service . "\n" .
"Login-IP-Host = $login_host\n";
print H $cmd;
close (H);
# Store the user information into portinfo. We need to
# manually fork, since we have to know the PID of the program.
my $pid = fork ();
if ($pid == 0)
{
# Child. Run the program.
# print "Connecting to $login_host:\n";
my $cmd = "$prog_run $login_host $login_port";
print "Running $cmd\n" if ($debug);
exec ("$cmd");
}
else
{
# Parent.
# Create the portinfo record, which needs the pid of the program
# to kill.
# The IP address is all zero, as it is not applicable here.
# Store the time now, and the Session-Timeout.
# Wait for the session to finish.
waitpid ($pid, 0);
}
# Stop. Send the record.
open (H, "| $prog_radacct") || die ("Cannot run $prog_radacct");
my $timespent = time () - $timestart;
my $cmd =
"Acct-Session-ID = \"$sessionid\"\n" .
"User-Name = \"$username\"\n" .
"Acct-Status-Type = Stop\n" .
"Acct-Authentic = RADIUS\n" .
"Service-Type = Login-User\n" .
"Login-Service = " . $login_service . "\n" .
"Login-IP-Host = $login_host\n" .
"Acct-Session-Time = $timespent\n";
print H $cmd;
close (H);
} else {
my $r = $ENV{"RADIUS_SERVICE_TYP"};
print "Unhandled Service-Type $r\n";
}
### END ####