Dominique Leuenberger 2017-03-12 19:04:03 +00:00 committed by Git OBS Bridge
commit 8bb61fb781
7 changed files with 86 additions and 58 deletions

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:fe4e1f52cc2873f6aee2b12b0f03236978e4632f2acf298f834686b240c4183d
size 3016923

Binary file not shown.

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:b3be0d8849878c31af0a5375d20b7b20c9d1c1572e89dc3f22992824cefffb84
size 3031744

Binary file not shown.

View File

@ -1,52 +0,0 @@
Index: freeradius-server-3.0.0/raddb/certs/Makefile
===================================================================
--- freeradius-server-3.0.0.orig/raddb/certs/Makefile 2013-10-15 18:20:43.563939081 +0200
+++ freeradius-server-3.0.0/raddb/certs/Makefile 2013-10-15 18:21:35.382475281 +0200
@@ -51,7 +51,7 @@ dh:
# Create a new self-signed CA certificate
#
######################################################################
-ca.key ca.pem: ca.cnf
+ca.key ca.pem:
@[ -f index.txt ] || $(MAKE) index.txt
@[ -f serial ] || $(MAKE) serial
openssl req -new -x509 -keyout ca.key -out ca.pem \
@@ -65,7 +65,7 @@ ca.der: ca.pem
# Create a new server certificate, signed by the above CA.
#
######################################################################
-server.csr server.key: server.cnf
+server.csr server.key:
openssl req -new -out server.csr -keyout server.key -config ./server.cnf
server.crt: server.csr ca.key ca.pem
@@ -87,7 +87,7 @@ server.vrfy: ca.pem
# certificate.
#
######################################################################
-client.csr client.key: client.cnf
+client.csr client.key:
openssl req -new -out client.csr -keyout client.key -config ./client.cnf
client.crt: client.csr ca.pem ca.key
Index: freeradius-server-3.0.0/raddb/certs/bootstrap
===================================================================
--- freeradius-server-3.0.0.orig/raddb/certs/bootstrap 2013-10-15 18:20:43.563939081 +0200
+++ freeradius-server-3.0.0/raddb/certs/bootstrap 2013-10-15 18:20:45.669960874 +0200
@@ -21,7 +21,9 @@ make -h > /dev/null 2>&1
#
if [ "$?" = "0" ]; then
make all
- exit $?
+ ret=$?
+ chgrp radiusd *
+ exit $ret
fi
#
@@ -80,3 +82,5 @@ fi
if [ ! -f client.crt ]; then
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
fi
+
+chgrp radiusd *

View File

@ -1,3 +1,85 @@
-------------------------------------------------------------------
Mon Mar 6 23:07:21 UTC 2017 - michael@stroeder.com
- removed obsolete freeradius-server-fix-cert-bootstrap.patch
because recent /etc/raddb/certs/bootstrap simply works
- update to 3.0.13
Feature improvements
* Add dictionary.rfc7930. Note that we do not implement
the RFC.
* Added 'cipher_server_preference' to mods-available/eap
Patch from #1797.
* OpenSSL 1.1.0 compatibility fixes.
* rlm_perl: radiusd::xlat to evaluate xlat string
within perl script
* Allow authentication retry in winbind. Patch from
Herwin Weststrate. See raddb/mods-available/mschap.
* Added "recv-coa" method to rlm_rest. It behaves the
same as "authorize".
* Document Trust Router tr_port option. Patch from
Stefan Paetow.
* Update elasticsearch/logstash examples so that they work
with elastic stack v5. Patch from Matthew Newton.
* Print information about packets, replies, and contents
in the detail file reader.
* Update abfab-tr policy. Pull request #1893
from Stefan Paetow.
* Reject packets which contain User-Password and
EAP-Message.
* Add example for filtering Access-Challenge.
See sites-enabled/default.
* Pull symlink fixes from v4.0.x. Fixes #1859.
* Add systemd reload. Not everything is reloaded, but
some is. Fixes #1662.
* Better documentation for listen "ipaddr". Fixes #1921
* Add dictionary.cnergee, updated dictionary.nomadix.
* radclient no longer needs -x to print statistics with -s.
Bug fixes
* Minor typos. Fixes #1763
* Fix typo in RPM build. Closes #1767.
* rlm_mschap check for password expiry only
if password was correct. Fixes #1762.
* Update debian build.
* update rlm_counter "man" page. Fixes #1775.
* Remove erroneous assert. Fixes #1778.
* fix mschap password change test. Fixes #1792.
* Cleanup config file on data remove. Fixes #1795.
* passwd module returns "notfound" if not found.
* Check for old OpenSSL, and don't build rlm_eap_fast
if it necessary. Fixes #1803
* Cleanup memory better after ldap version query.
Patch from Aleksey Katargin.
* Rename lt_* functions to avoid linker issues with
libtool. Fixes #1277
* Many miscellaneous fixes and typos.
* Allow long strings in %{%{foo} bar:-%{baz} blah".
Fixes #1866
* Fix filtering operators, along with more documentation and
more tests for them.
* Fix OpenSSL fixes. Fixes #1876.
* Finish SQL select queries even when SELECT returns no rows.
Fixes #1879.
* Set Module-Failure-Message for more EAP errors.
* Correct typo in dictionary.rfc5580. Fixes #1882
* Remove obselete systemd syslog.target.
* Client-Port-Balance load-balancing now uses client port.
* Radrelay examples fixed from Alex Clouter.
* Update systemd target. Pull request #1896.
* Trim starting whitespace in xlat strings.
* Get MySQL result lengths using normal API.
* suid down after fchown(). Fixes #1914.
* Fix cases of comparing pointer to NUL character. Fixes #1915.
* OpenSSL v1.1 fixes. Pull request #1921.
* Better Handle v4/v6 host names. Pull request #1919.
* Remove "Auth-Type = System" from docs and examples.
* Don't crash on malformed %{home_server}. Fixes #1922
* fix erroneous use of talloc destructor in rlm_eap
* Issue trigger modules.sql.fail. Fixes #1923
* Document python_path gotcha's. Fixes #1845
* dlopen() the specific version of Python. Fixes #1592
-------------------------------------------------------------------
Mon Feb 20 15:27:28 CET 2017 - kukuk@suse.de

View File

@ -20,7 +20,7 @@
%define apxs2 apxs2-prefork
%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
Name: freeradius-server
Version: 3.0.12
Version: 3.0.13
Release: 0
%if 0%{?suse_version} > 1140
@ -59,7 +59,6 @@ Source2: freeradius-tmpfiles.conf
Patch1: freeradius-server-tmpfiles.patch
Patch2: freeradius-server-radiusd-logrotate.patch
Patch3: freeradius-server-rcradiusd.patch
Patch4: freeradius-server-fix-cert-bootstrap.patch
Patch5: freeradius-server-rlm_sql_unixodbc-configure.patch
Patch6: freeradius-server-radclient-init-error-buffer.patch
Patch7: freeradius-server-opensslversion.patch
@ -234,7 +233,6 @@ FreeRADIUS plugin providing SQLite support.
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1