1
0
OBS User unknown 2009-02-10 17:49:14 +00:00 committed by Git OBS Bridge
parent a535d7c783
commit 2faa385271
11 changed files with 123 additions and 138 deletions

View File

@ -1,123 +0,0 @@
--- dialup_admin/bin/clean_radacct
+++ dialup_admin/bin/clean_radacct
@@ -5,6 +5,7 @@
# Works with mysql and postgresql
#
use POSIX;
+use File::Temp;
$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
$back_days = 35;
@@ -42,11 +43,10 @@
$query = "DELETE FROM $sql_accounting_table WHERE AcctStopTime IS NULL AND AcctStartTime < '$date';";
print "$query\n";
-open TMP, ">/tmp/clean_radacct.query"
- or die "Could not open tmp file\n";
-print TMP $query;
-close TMP;
-$command = "$sqlcmd -h$sql_server -u$sql_username $sql_password $sql_database </tmp/clean_radacct.query" if ($sql_type eq 'mysql');
-$command = "$sqlcmd -U $sql_username -f /tmp/clean_radacct.query $sql_database" if ($sql_type eq 'pg');
-$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' </tmp/clean_radacct.query" if ($sql_type eq 'sqlrelay');
+my ($fh, $tmp_filename) = tempfile() or die "Could not open tmp file\n";
+print $fh $query;
+close $fh;
+$command = "$sqlcmd -h$sql_server -u$sql_username $sql_password $sql_database < $tmp_filename" if ($sql_type eq 'mysql');
+$command = "$sqlcmd -U $sql_username -f $tmp_filename $sql_database" if ($sql_type eq 'pg');
+$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' < $tmp_filename" if ($sql_type eq 'sqlrelay');
`$command`;
--- dialup_admin/bin/monthly_tot_stats
+++ dialup_admin/bin/monthly_tot_stats
@@ -1,5 +1,6 @@
#!/usr/bin/perl
use POSIX;
+use File::Temp;
# Log in the mtotacct table aggregated accounting information for
# each user spaning in one month period.
@@ -51,14 +52,13 @@
AcctDate <= '$date_end' GROUP BY UserName,NASIPAddress;";
print "$query1\n";
print "$query2\n";
-open TMP, ">/tmp/tot_stats.query"
- or die "Could not open tmp file\n";
-print TMP "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle');
-print TMP $query1;
-print TMP $query2;
-close TMP;
-$command = "$sqlcmd -h $sql_server -u $sql_username $sql_password $sql_database </tmp/tot_stats.query" if ($sql_type eq 'mysql');
-$command = "$sqlcmd -U $sql_username -f /tmp/tot_stats.query $sql_database" if ($sql_type eq 'pg');
+my ($fh, $tmp_filename) = tempfile() or die "Could not open tmp file\n";
+print $fh "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle');
+print $fh $query1;
+print $fh $query2;
+close $fh;
+$command = "$sqlcmd -h $sql_server -u $sql_username $sql_password $sql_database < $tmp_filename" if ($sql_type eq 'mysql');
+$command = "$sqlcmd -U $sql_username -f $tmp_filename $sql_database" if ($sql_type eq 'pg');
$command = "$sqlcmd $sql_username/$pass" . "@" . "$sql_database <$tmpfile.$server" if ($sql_type eq 'oracle');
-$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' </tmp/tot_stats.query" if ($sql_type eq 'sqlrelay');
+$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' < $tmp_filename" if ($sql_type eq 'sqlrelay');
`$command`;
--- dialup_admin/bin/tot_stats
+++ dialup_admin/bin/tot_stats
@@ -1,5 +1,6 @@
#!/usr/bin/perl
use POSIX;
+use File::Temp;
# Log in the totacct table aggregated daily accounting information for
# each user.
@@ -48,14 +49,13 @@
AcctStopTime < '$date_end' GROUP BY UserName,NASIPAddress;";
print "$query1\n";
print "$query2\n";
-open TMP, ">/tmp/tot_stats.query"
- or die "Could not open tmp file\n";
-print TMP "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle');
-print TMP $query1;
-print TMP $query2;
-close TMP;
-$command = "$sqlcmd -h $sql_server -u $sql_username $sql_password $sql_database </tmp/tot_stats.query" if ($sql_type eq 'mysql');
-$command = "$sqlcmd -U $sql_username -f /tmp/tot_stats.query $sql_database" if ($sql_type eq 'pg');
+my ($fh, $tmp_filename) = tempfile() or die "Could not open tmp file\n";
+print $fh "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle');
+print $fh $query1;
+print $fh $query2;
+close $fh;
+$command = "$sqlcmd -h $sql_server -u $sql_username $sql_password $sql_database < $tmp_filename" if ($sql_type eq 'mysql');
+$command = "$sqlcmd -U $sql_username -f $tmp_filename $sql_database" if ($sql_type eq 'pg');
$command = "$sqlcmd $sql_username/$pass" . "@" . "$sql_database <$tmpfile.$server" if ($sql_type eq 'oracle');
-$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' </tmp/tot_stats.query" if ($sql_type eq 'sqlrelay');
+$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' < $tmp_filename" if ($sql_type eq 'sqlrelay');
`$command`;
--- dialup_admin/bin/truncate_radacct
+++ dialup_admin/bin/truncate_radacct
@@ -5,6 +5,7 @@
# Works with mysql and postgresql
#
use POSIX;
+use File::Temp;
$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
$back_days = 90;
@@ -44,13 +45,12 @@
$query .= "DELETE FROM $sql_accounting_table WHERE AcctStopTime < '$date' AND AcctStopTime IS NOT NULL ;";
$query .= "UNLOCK TABLES;" if ($sql_type eq 'mysql');
print "$query\n";
-open TMP, ">/tmp/truncate_radacct.query"
- or die "Could not open tmp file\n";
-print TMP "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle');
-print TMP $query;
-close TMP;
-$command = "$sqlcmd -h$sql_server -u$sql_username $sql_password $sql_database </tmp/truncate_radacct.query" if ($sql_type eq 'mysql');
-$command = "$sqlcmd -U $sql_username -f /tmp/truncate_radacct.query $sql_database" if ($sql_type eq 'pg');
+my ($fh, $tmp_filename) = tempfile() or die "Could not open tmp file\n";
+print $fh "ALTER SESSION SET NLS_TIMESTAMP_TZ_FORMAT='YYYY-MM-DD HH24:MI:SS.FF TZH:TZM';\n" if ($sql_type eq 'oracle');
+print $fh $query;
+close $fh;
+$command = "$sqlcmd -h$sql_server -u$sql_username $sql_password $sql_database < $tmp_filename" if ($sql_type eq 'mysql');
+$command = "$sqlcmd -U $sql_username -f $tmp_filename $sql_database" if ($sql_type eq 'pg');
$command = "$sqlcmd $sql_username/$pass" . "@" . "$sql_database <$tmpfile.$server" if ($sql_type eq 'oracle');
-$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' </tmp/truncate_radacct.query" if ($sql_type eq 'sqlrelay');
+$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' < $tmp_filename" if ($sql_type eq 'sqlrelay');
`$command`;

View File

@ -1,3 +0,0 @@
version https://git-lfs.github.com/spec/v1
oid sha256:d675601c0bde53d0f2f32d5280d8271ae7a546dcc251fb94ae6d5168fd04adfe
size 2366923

View File

@ -17,9 +17,9 @@
+`/usr/bin/gzip -9 $backup_directory/$date3`; +`/usr/bin/gzip -9 $backup_directory/$date3`;
--- dialup_admin/bin/clean_radacct --- dialup_admin/bin/clean_radacct
+++ dialup_admin/bin/clean_radacct +++ dialup_admin/bin/clean_radacct
@@ -6,7 +6,7 @@ @@ -7,7 +7,7 @@
#
use POSIX; use POSIX;
use File::Temp;
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf'; -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf'; +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
@ -52,7 +52,7 @@
+15 0 1 * * /usr/share/dialup_admin/bin/clean_radacct >/dev/null 2>&1 +15 0 1 * * /usr/share/dialup_admin/bin/clean_radacct >/dev/null 2>&1
--- dialup_admin/bin/log_badlogins --- dialup_admin/bin/log_badlogins
+++ dialup_admin/bin/log_badlogins +++ dialup_admin/bin/log_badlogins
@@ -17,7 +17,7 @@ @@ -18,7 +18,7 @@
$|=1; $|=1;
$file=shift||'none'; $file=shift||'none';
@ -63,7 +63,7 @@
# Uncomment to force inserts even if there are sql errors. That can # Uncomment to force inserts even if there are sql errors. That can
--- dialup_admin/bin/monthly_tot_stats --- dialup_admin/bin/monthly_tot_stats
+++ dialup_admin/bin/monthly_tot_stats +++ dialup_admin/bin/monthly_tot_stats
@@ -8,7 +8,7 @@ @@ -9,7 +9,7 @@
# Works only with mysql and postgresql # Works only with mysql and postgresql
# #
@ -96,7 +96,7 @@
while(<CONF>){ while(<CONF>){
--- dialup_admin/bin/tot_stats --- dialup_admin/bin/tot_stats
+++ dialup_admin/bin/tot_stats +++ dialup_admin/bin/tot_stats
@@ -7,7 +7,7 @@ @@ -8,7 +8,7 @@
# Works with mysql and postgresql # Works with mysql and postgresql
# #
@ -107,9 +107,9 @@
open CONF, "<$conf" open CONF, "<$conf"
--- dialup_admin/bin/truncate_radacct --- dialup_admin/bin/truncate_radacct
+++ dialup_admin/bin/truncate_radacct +++ dialup_admin/bin/truncate_radacct
@@ -6,7 +6,7 @@ @@ -7,7 +7,7 @@
#
use POSIX; use POSIX;
use File::Temp;
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf'; -$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf'; +$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';

View File

@ -0,0 +1,11 @@
--- src/modules/rlm_ldap/rlm_ldap.c
+++ src/modules/rlm_ldap/rlm_ldap.c
@@ -1849,7 +1849,7 @@
LDAP_CONN *conn1;
int auth_state = -1;
char *challenge = NULL;
- int challenge_len = MAX_CHALLENGE_LEN;
+ size_t challenge_len = MAX_CHALLENGE_LEN;
char *state = NULL;
dattr = dict_attrbyname("eDir-APC");

View File

@ -30,7 +30,7 @@
eaptype_name, lt_dlerror()); eaptype_name, lt_dlerror());
--- src/modules/rlm_sql/rlm_sql.c --- src/modules/rlm_sql/rlm_sql.c
+++ src/modules/rlm_sql/rlm_sql.c +++ src/modules/rlm_sql/rlm_sql.c
@@ -821,7 +821,11 @@ @@ -830,7 +830,11 @@
return -1; return -1;
} }

View File

@ -0,0 +1,11 @@
--- src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c
+++ src/modules/rlm_sqlhpwippool/rlm_sqlhpwippool.c
@@ -771,7 +771,7 @@
nasip.s_addr = vp->vp_ipaddr;
strncpy(nasipstr, inet_ntoa(nasip), sizeof(nasipstr) - 1);
- nasipstr[sizeof(nasipstr)] = 0;
+ nasipstr[sizeof(nasipstr) - 1] = 0;
if (!nvp_query(__LINE__, data, sqlsock,
"UPDATE `%s`.`ips`, `radacct` "

View File

@ -0,0 +1,3 @@
version https://git-lfs.github.com/spec/v1
oid sha256:984cf7f3418de8f2abe1e599827264495cef1d234cce4abe05a06a4b6419db1a
size 2380451

View File

@ -1,3 +1,49 @@
-------------------------------------------------------------------
Tue Feb 10 10:38:27 CET 2009 - prusnak@suse.cz
- updated to 2.1.3
o Feature Improvements
* Allow running with user=radiusd and binding to secure sockets.
* Start sending Status-Server "are you alive" messages earlier,
which helps with proxying multiple realms to a home server.
* Removed thread pool code from rlm_perl. It's not necessary.
* Added example Perl configuration to raddb/modules/perl
* Force OpenSSL to support certificates with SHA256. This seems
to be necessary for WiMAX certs.
o Bug Fixes
* Fix Debian patch to allow it to build.
* Fix potential NULL dereference in debugging mode on certain
platforms for TTLS and PEAP inner tunnels.
* Fix uninitialized memory in handling of vendor definitions
* Fix parsing of quoted (but non-string) attributes in
the users< file.
* Initialize unknown NAS IP to 255.255.255.255, rather than 0.0.0.0
* use SUN_LEN in control socket, to avoid truncation on some platforms.
* Correct internal handling of debug condition to prevent it
from being over-written.
* Check return code of regcomp in unlang, so that invalid regular
expressions are caught rather than mishandled.
* Make rlm_sql use <ltdl.h>. Addresses bug #610.
* Document list "type = status" better. Closes bug #580.
* Set "default days" for certificates, because OpenSSL won't do it.
This closes bug #615.
* Reference correct list in example raddb/modules/ldap. Closes #596.
* Increase default schema size for Acct-Session-Id to 64. Closes #540.
* Fix use of temporary files in dialup-admin. Closes #605
and addresses CVE-2008-4474.
* Addressed a number of minor issues found by Coverity.
* Added DHCP option 150 to the dictionary. Closes #618.
- removed CVE-2008-4474.patch (included in update)
- fixed buffer overflow (overflow.patch)
-------------------------------------------------------------------
Tue Feb 10 10:19:32 CET 2009 - prusnak@suse.cz
- fixed eDirectory bug on 64bit architectures (edir-64bit.patch)
[bnc#474006]
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Feb 6 15:19:04 CET 2009 - prusnak@suse.cz Fri Feb 6 15:19:04 CET 2009 - prusnak@suse.cz

View File

@ -1,5 +1,5 @@
# #
# spec file for package freeradius-server (Version 2.1.1) # spec file for package freeradius-server (Version 2.1.3)
# #
# Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany. # Copyright (c) 2009 SUSE LINUX Products GmbH, Nuernberg, Germany.
# #
@ -18,8 +18,8 @@
Name: freeradius-server Name: freeradius-server
Version: 2.1.1 Version: 2.1.3
Release: 6 Release: 1
License: GPL v2 only; LGPL v2.1 only License: GPL v2 only; LGPL v2.1 only
Group: Productivity/Networking/Radius/Servers Group: Productivity/Networking/Radius/Servers
Provides: radiusd Provides: radiusd
@ -33,7 +33,8 @@ Patch0: %{name}-%{version}-ltdl.patch
Patch1: %{name}-%{version}-dialup_admin.patch Patch1: %{name}-%{version}-dialup_admin.patch
Patch2: %{name}-%{version}-rcradiusd.patch Patch2: %{name}-%{version}-rcradiusd.patch
Patch3: %{name}-%{version}-codecleanup.patch Patch3: %{name}-%{version}-codecleanup.patch
Patch4: %{name}-%{version}-CVE-2008-4474.patch Patch4: %{name}-%{version}-edir-64bit.patch
Patch5: %{name}-%{version}-overflow.patch
PreReq: perl openssl pwdutils coreutils PreReq: perl openssl pwdutils coreutils
PreReq: %insserv_prereq %fillup_prereq PreReq: %insserv_prereq %fillup_prereq
BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRoot: %{_tmppath}/%{name}-%{version}-build
@ -210,6 +211,7 @@ Authors:
%patch2 %patch2
%patch3 %patch3
%patch4 %patch4
%patch5
%build %build
#export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -fPIC -DPIC" #export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -fPIC -DPIC"
@ -435,6 +437,44 @@ rm -rf $RPM_BUILD_ROOT
%attr(644,root,root) %{_includedir}/freeradius/*.h %attr(644,root,root) %{_includedir}/freeradius/*.h
%changelog %changelog
* Tue Feb 10 2009 prusnak@suse.cz
- updated to 2.1.3
o Feature Improvements
* Allow running with user=radiusd and binding to secure sockets.
* Start sending Status-Server "are you alive" messages earlier,
which helps with proxying multiple realms to a home server.
* Removed thread pool code from rlm_perl. It's not necessary.
* Added example Perl configuration to raddb/modules/perl
* Force OpenSSL to support certificates with SHA256. This seems
to be necessary for WiMAX certs.
o Bug Fixes
* Fix Debian patch to allow it to build.
* Fix potential NULL dereference in debugging mode on certain
platforms for TTLS and PEAP inner tunnels.
* Fix uninitialized memory in handling of vendor definitions
* Fix parsing of quoted (but non-string) attributes in
the users< file.
* Initialize unknown NAS IP to 255.255.255.255, rather than 0.0.0.0
* use SUN_LEN in control socket, to avoid truncation on some platforms.
* Correct internal handling of debug condition to prevent it
from being over-written.
* Check return code of regcomp in unlang, so that invalid regular
expressions are caught rather than mishandled.
* Make rlm_sql use <ltdl.h>. Addresses bug #610.
* Document list "type = status" better. Closes bug #580.
* Set "default days" for certificates, because OpenSSL won't do it.
This closes bug #615.
* Reference correct list in example raddb/modules/ldap. Closes #596.
* Increase default schema size for Acct-Session-Id to 64. Closes #540.
* Fix use of temporary files in dialup-admin. Closes #605
and addresses CVE-2008-4474.
* Addressed a number of minor issues found by Coverity.
* Added DHCP option 150 to the dictionary. Closes #618.
- removed CVE-2008-4474.patch (included in update)
- fixed buffer overflow (overflow.patch)
* Tue Feb 10 2009 prusnak@suse.cz
- fixed eDirectory bug on 64bit architectures (edir-64bit.patch)
[bnc#474006]
* Fri Feb 06 2009 prusnak@suse.cz * Fri Feb 06 2009 prusnak@suse.cz
- moved manpages from section 1 to utils subpackage [bnc#469682] - moved manpages from section 1 to utils subpackage [bnc#469682]
* Fri Jan 09 2009 prusnak@suse.cz * Fri Jan 09 2009 prusnak@suse.cz