diff --git a/freeradius-server-2.1.10.tar.bz2 b/freeradius-server-2.1.10.tar.bz2 deleted file mode 100644 index 2f95a24..0000000 --- a/freeradius-server-2.1.10.tar.bz2 +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8c56356cec5fd33522d86118a1065e004cce6735f0889146526f9839261fee9e -size 2545578 diff --git a/freeradius-server-2.1.11.tar.bz2 b/freeradius-server-2.1.11.tar.bz2 new file mode 100644 index 0000000..1b00ba9 --- /dev/null +++ b/freeradius-server-2.1.11.tar.bz2 @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:c93ce0c419c5540cb044d5319c3beb995d2a91134bdc2ed5896c72413f95b9e7 +size 2632549 diff --git a/freeradius-server-snprintf-overflow.patch b/freeradius-server-snprintf-overflow.patch new file mode 100644 index 0000000..70896c5 --- /dev/null +++ b/freeradius-server-snprintf-overflow.patch @@ -0,0 +1,17 @@ +Index: freeradius-server-2.1.11/src/modules/rlm_mschap/rlm_mschap.c +=================================================================== +--- freeradius-server-2.1.11.orig/src/modules/rlm_mschap/rlm_mschap.c ++++ freeradius-server-2.1.11/src/modules/rlm_mschap/rlm_mschap.c +@@ -1251,10 +1251,10 @@ static int mschap_authenticate(void * in + inst->allow_retry); + + if (inst->retry_msg) { +- snprintf(buffer + 9, sizeof(buffer), " C="); ++ snprintf(buffer + 9, sizeof(buffer) - 9, " C="); + for (i = 0; i < 16; i++) { + snprintf(buffer + 12 + i*2, +- sizeof(buffer), "%02x", ++ sizeof(buffer) - 12 - i*2, "%02x", + fr_rand() & 0xff); + } + snprintf(buffer + 12 + 32, sizeof(buffer) - 45, diff --git a/freeradius-server.changes b/freeradius-server.changes index 43d11e9..159efc9 100644 --- a/freeradius-server.changes +++ b/freeradius-server.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Fri Jun 24 09:18:52 UTC 2011 - puzel@novell.com + +- update to 2.1.11 + - see /usr/share/doc/packages/freeradius-server/ChangeLog + for complete list of changes in this release +- add freeradius-server-snprintf-overflow.patch +- use spec-cleaner + ------------------------------------------------------------------- Tue May 24 19:18:44 UTC 2011 - crrodriguez@opensuse.org diff --git a/freeradius-server.spec b/freeradius-server.spec index 05bee84..078dcc6 100644 --- a/freeradius-server.spec +++ b/freeradius-server.spec @@ -18,16 +18,12 @@ Name: freeradius-server -Version: 2.1.10 +Version: 2.1.11 Release: 5 License: GPLv2 ; LGPLv2.1 -Group: Productivity/Networking/Radius/Servers -Provides: radiusd -Provides: freeradius = %{version} -Obsoletes: freeradius < %{version} -Conflicts: radiusd-livingston radiusd-cistron icradius -Url: http://www.freeradius.org/ Summary: Very Highly Configurable Radius Server +Url: http://www.freeradius.org/ +Group: Productivity/Networking/Radius/Servers Source: %{name}-%{version}.tar.bz2 Patch1: freeradius-server-2.1.6-dialup_admin.patch Patch2: freeradius-server-2.1.6-rcradiusd.patch @@ -37,15 +33,7 @@ Patch6: freeradius-server-sha1-default.patch Patch7: freeradius-server-fix-cert-bootstrap.patch Patch8: freeradius-server-initscript-pidfile.patch Patch9: freeradius-server-radius-reload-logrotate.patch -PreReq: perl openssl pwdutils coreutils -PreReq: %insserv_prereq %fillup_prereq -BuildRoot: %{_tmppath}/%{name}-%{version}-build -%define _oracle_support 0 -%define apxs2 apxs2-prefork -%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR) -Requires: %{name}-libs = %{version} -Requires: python -Recommends: logrotate +Patch10: freeradius-server-snprintf-overflow.patch BuildRequires: apache2-devel BuildRequires: cyrus-sasl-devel BuildRequires: db-devel @@ -54,7 +42,6 @@ BuildRequires: gdbm-devel BuildRequires: gettext-devel BuildRequires: glibc-devel BuildRequires: krb5-devel -BuildRequires: libapr1-devel BuildRequires: libcom_err-devel BuildRequires: libmysqlclient-devel BuildRequires: libpcap-devel @@ -69,6 +56,24 @@ BuildRequires: postgresql-devel BuildRequires: python-devel BuildRequires: sqlite3-devel BuildRequires: unixODBC-devel +BuildRequires: pkgconfig(apr-1) +PreReq: %fillup_prereq +PreReq: %insserv_prereq +PreReq: coreutils +PreReq: openssl +PreReq: perl +PreReq: pwdutils +%define _oracle_support 0 +%define apxs2 apxs2-prefork +%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR) +Requires: %{name}-libs = %{version} +Requires: python +Recommends: logrotate +Provides: radiusd +Provides: freeradius = %{version} +Obsoletes: freeradius < %{version} +BuildRoot: %{_tmppath}/%{name}-%{version}-build +Conflicts: radiusd-livingston radiusd-cistron icradius %description The FreeRADIUS server has a number of features found in other servers @@ -85,27 +90,17 @@ features are: * Accounting methods - - -Authors: --------- - Miquel van Smoorenburg - Alan DeKok - Mike Machado - Alan Curry - various other people - %if %_oracle_support == 1 %package oracle - -BuildRequires: oracle-instantclient-basic oracle-instantclient-devel -Group: Productivity/Networking/Radius/Servers Summary: FreeRADIUS Oracle database support -Requires: oracle-instantclient-basic -Requires: %{name}-libs = %{version} +Group: Productivity/Networking/Radius/Servers +BuildRequires: oracle-instantclient-basic +BuildRequires: oracle-instantclient-devel Requires: %{name} = %{version} +Requires: %{name}-libs = %{version} +Requires: oracle-instantclient-basic %description oracle The FreeRADIUS server has a number of features found in other servers, @@ -119,26 +114,16 @@ attributes Selecting a particular configuration Authentication methods %package libs License: GPLv2 ; LGPLv2.1 -Group: Productivity/Networking/Radius/Servers Summary: FreeRADIUS shared library +Group: Productivity/Networking/Radius/Servers %description libs The FreeRADIUS shared library - - -Authors: --------- - Miquel van Smoorenburg - Alan DeKok - Mike Machado - Alan Curry - various other people - %package utils License: GPLv2 ; LGPLv2.1 -Group: Productivity/Networking/Radius/Clients Summary: FreeRADIUS Clients +Group: Productivity/Networking/Radius/Clients Requires: %{name}-libs = %{version} %description utils @@ -156,76 +141,42 @@ features are: * Accounting methods - - -Authors: --------- - Miquel van Smoorenburg - Alan DeKok - Mike Machado - Alan Curry - various other people - %package dialupadmin License: GPLv2 ; LGPLv2.1 -Group: Productivity/Networking/Radius/Servers Summary: Web management for FreeRADIUS -Requires: http_daemon mod_php_any php -Requires: php-ldap php-mysql perl-DateManip -Requires: php-pgsql php-session +Group: Productivity/Networking/Radius/Servers +Requires: http_daemon +Requires: mod_php_any +Requires: perl-DateManip +Requires: php +Requires: php-ldap +Requires: php-mysql +Requires: php-pgsql +Requires: php-session %description dialupadmin Dialup Admin supports users either in SQL (MySQL or PostgreSQL are supported) or in LDAP. Apart from the web pages, it also includes a number of scripts to make the administrator's life a lot easier. - - -Authors: --------- - Kostas Kalevras - Basilis Pappas - Panagiotis Christias - Thanasis Duitsis - %package devel License: GPLv2 ; LGPLv2.1 -Group: Development/Libraries/C and C++ Summary: FreeRADIUS Development Files (static libs) +Group: Development/Libraries/C and C++ Requires: %{name}-libs = %{version} %description devel These are the static libraries for the FreeRADIUS package. - - -Authors: --------- - Miquel van Smoorenburg - Alan DeKok - Mike Machado - Alan Curry - various other people - %package doc License: GPLv2 ; LGPLv2.1 -Group: Productivity/Networking/Radius/Servers Summary: FreeRADIUS Documentation +Group: Productivity/Networking/Radius/Servers Requires: %{name} %description doc This package contains FreeRADIUS Documentation - - -Authors: --------- - Miquel van Smoorenburg - Alan DeKok - Mike Machado - Alan Curry - various other people - %prep %setup -q %patch1 @@ -236,6 +187,7 @@ Authors: %patch7 -p1 %patch8 -p1 %patch9 -p1 +%patch10 -p1 %build modified="$(sed -n '/^----/n;s/ - .*$//;p;q' "%{_sourcedir}/%{name}.changes")" @@ -245,7 +197,7 @@ find . -type f -regex ".*\.c\|.*\.cpp\|.*\.h" -exec sed -i "s/__DATE__/${DATE}/g # This package failed when testing with -Wl,-as-needed being default. # So we disable it here, if you want to retest, just delete this comment and the line below. export SUSE_ASNEEDED=0 -export CFLAGS="$RPM_OPT_FLAGS -DLDAP_DEPRECATED -fstack-protector" +export CFLAGS="%{optflags} -DLDAP_DEPRECATED -fstack-protector" %ifarch x86_64 ppc ppc64 s390 s390x export CFLAGS="$CFLAGS -fPIC -DPIC" %endif @@ -269,6 +221,8 @@ export LDFLAGS="-pie" --without-rlm_sql_firebird \ --without-rlm_sql_iodbc \ --without-rlm_ruby \ + --without-rlm_redis \ + --without-rlm_rediswho \ %if %{_oracle_support} == 1 --with-rlm_sql_oracle \ --with-oracle-lib-dir=%{_libdir}/oracle/10.1.0.3/client/lib/ @@ -279,45 +233,45 @@ export LDFLAGS="-pie" make %install -mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/radiusd -make install R=$RPM_BUILD_ROOT INSTALLSTRIP= +mkdir -p %{buildroot}%{_localstatedir}/lib/radiusd +make install R=%{buildroot} INSTALLSTRIP= # modify default configuration -RADDB=$RPM_BUILD_ROOT%{_sysconfdir}/raddb +RADDB=%{buildroot}%{_sysconfdir}/raddb perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radiusd.conf perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radiusd.conf perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radrelay.conf perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radrelay.conf -/sbin/ldconfig -n $RPM_BUILD_ROOT%{_libdir}/freeradius +/sbin/ldconfig -n %{buildroot}%{_libdir}/freeradius # logs -touch $RPM_BUILD_ROOT%{_localstatedir}/log/radius/radutmp -touch $RPM_BUILD_ROOT%{_localstatedir}/log/radius/radius.log +touch %{buildroot}%{_localstatedir}/log/radius/radutmp +touch %{buildroot}%{_localstatedir}/log/radius/radius.log # SuSE -install -d $RPM_BUILD_ROOT%{_sysconfdir}/pam.d -install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d -install -m 644 suse/radiusd-pam $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/radiusd -install -m 644 suse/radiusd-logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/radiusd -install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/init.d -install -m 744 suse/rcradiusd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/freeradius -ln -sf ../..%{_sysconfdir}/init.d/freeradius $RPM_BUILD_ROOT%{_sbindir}/rcfreeradius -cp -al $RPM_BUILD_ROOT%{_sbindir}/radiusd $RPM_BUILD_ROOT%{_sbindir}/radrelay -install -m 744 suse/rcradius-relayd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/freeradius-relay -ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay $RPM_BUILD_ROOT%{_sbindir}/rcfreeradius-relay +install -d %{buildroot}%{_sysconfdir}/pam.d +install -d %{buildroot}%{_sysconfdir}/logrotate.d +install -m 644 suse/radiusd-pam %{buildroot}%{_sysconfdir}/pam.d/radiusd +install -m 644 suse/radiusd-logrotate %{buildroot}%{_sysconfdir}/logrotate.d/radiusd +install -d -m 755 %{buildroot}%{_sysconfdir}/init.d +install -m 744 suse/rcradiusd %{buildroot}%{_sysconfdir}/init.d/freeradius +ln -sf ../..%{_sysconfdir}/init.d/freeradius %{buildroot}%{_sbindir}/rcfreeradius +cp -al %{buildroot}%{_sbindir}/radiusd %{buildroot}%{_sbindir}/radrelay +install -m 744 suse/rcradius-relayd %{buildroot}%{_sysconfdir}/init.d/freeradius-relay +ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay %{buildroot}%{_sbindir}/rcfreeradius-relay mv -v doc/README doc/README.doc # install dialup_admin -DIALUPADMIN=$RPM_BUILD_ROOT%{_datadir}/dialup_admin +DIALUPADMIN=%{buildroot}%{_datadir}/dialup_admin mkdir -p $DIALUPADMIN -cp -r dialup_admin/* $RPM_BUILD_ROOT%{_datadir}/dialup_admin +cp -r dialup_admin/* %{buildroot}%{_datadir}/dialup_admin # apache2 config -install -d -m 755 $RPM_BUILD_ROOT%{apache2_sysconfdir}/conf.d -install -m 644 suse/admin-httpd.conf $RPM_BUILD_ROOT%{apache2_sysconfdir}/conf.d/radius.conf +install -d -m 755 %{buildroot}%{apache2_sysconfdir}/conf.d +install -m 644 suse/admin-httpd.conf %{buildroot}%{apache2_sysconfdir}/conf.d/radius.conf # remove unneeded stuff rm -rf doc/00-OLD -rm -f $RPM_BUILD_ROOT%{_sbindir}/rc.radiusd -rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/freeradius* -rm -rf $RPM_BUILD_ROOT%{_libdir}/freeradius/*.*a -rm -f $RPM_BUILD_ROOT%{_datadir}/dialup_admin/Makefile -rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/Makefile -rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/examples/Makefile +rm -f %{buildroot}%{_sbindir}/rc.radiusd +rm -rf %{buildroot}%{_datadir}/doc/freeradius* +rm -rf %{buildroot}%{_libdir}/freeradius/*.*a +rm -f %{buildroot}%{_datadir}/dialup_admin/Makefile +rm -f %{buildroot}%{_defaultdocdir}/%{name}/Makefile +rm -f %{buildroot}%{_defaultdocdir}/%{name}/examples/Makefile %pre %{_sbindir}/groupadd -r radiusd 2> /dev/null || : @@ -340,7 +294,7 @@ chgrp radiusd /etc/raddb/certs/* %{insserv_cleanup} %clean -rm -rf $RPM_BUILD_ROOT +rm -rf %{buildroot} %files doc %defattr(-,root,root) @@ -426,7 +380,7 @@ rm -rf $RPM_BUILD_ROOT %attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/ %attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/radacct/ %attr(644,radiusd,radiusd) %{_localstatedir}/log/radius/radutmp -%config(noreplace) %attr(600,radiusd,radiusd) /var/log/radius/radius.log +%config(noreplace) %attr(600,radiusd,radiusd) %{_localstatedir}/log/radius/radius.log # RADIUS Loadable Modules %attr(755,root,root) %dir %{_libdir}/freeradius %attr(755,root,root) %{_libdir}/freeradius/rlm_*.so*