forked from pool/freeradius-server
This commit is contained in:
commit
655cbba530
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
||||
## Default LFS
|
||||
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||
*.png filter=lfs diff=lfs merge=lfs -text
|
||||
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||
*.zst filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
.osc
|
12
freeradius-server-2.0.1-conf_read.patch
Normal file
12
freeradius-server-2.0.1-conf_read.patch
Normal file
@ -0,0 +1,12 @@
|
||||
--- src/modules/rlm_protocol_filter/rlm_protocol_filter.c
|
||||
+++ src/modules/rlm_protocol_filter/rlm_protocol_filter.c
|
||||
@@ -100,8 +100,7 @@
|
||||
return -1;
|
||||
}
|
||||
|
||||
- inst->cs = conf_read("rlm_protocol_filter", 0,
|
||||
- inst->filename, NULL);
|
||||
+ inst->cs = cf_file_read(inst->filename);
|
||||
if (!inst->cs) {
|
||||
filter_detach(inst);
|
||||
return -1;
|
170
freeradius-server-2.0.1-dialup_admin.patch
Normal file
170
freeradius-server-2.0.1-dialup_admin.patch
Normal file
@ -0,0 +1,170 @@
|
||||
--- dialup_admin/bin/backup_radacct
|
||||
+++ dialup_admin/bin/backup_radacct
|
||||
@@ -1,7 +1,7 @@
|
||||
#!/usr/bin/perl
|
||||
use POSIX;
|
||||
|
||||
-$conf=shift||'/data/local/dialupadmin/conf/admin.conf';
|
||||
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
|
||||
$back_days = 80;
|
||||
$backup_directory = "/logs/radiusd/accounting";
|
||||
|
||||
@@ -48,4 +48,4 @@
|
||||
$command = "$sqlcmd $sql_username/$pass" . "@" . "$sql_database <$tmpfile.$server" if ($sql_type eq 'oracle');
|
||||
$command = "$sqlcmd '$sql_server' '$sql_port' '' '$sql_username' '$sql_password' </tmp/backup_radacct.query >$backup_directory/$date3" if ($sql_type eq 'sqlrelay');
|
||||
`$comm`;
|
||||
-`/usr/local/bin/gzip -9 $backup_directory/$date3`;
|
||||
+`/usr/bin/gzip -9 $backup_directory/$date3`;
|
||||
--- dialup_admin/bin/clean_radacct
|
||||
+++ dialup_admin/bin/clean_radacct
|
||||
@@ -6,7 +6,7 @@
|
||||
#
|
||||
use POSIX;
|
||||
|
||||
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
|
||||
$back_days = 35;
|
||||
|
||||
|
||||
--- dialup_admin/bin/clearsession
|
||||
+++ dialup_admin/bin/clearsession
|
||||
@@ -49,8 +49,8 @@
|
||||
}
|
||||
if ($nastype eq 'cisco' && $type eq 'snmp'){
|
||||
|
||||
- $SNMPGET="/usr/local/bin/snmpget";
|
||||
- $SNMPSET="/usr/local/bin/snmpset";
|
||||
+ $SNMPGET="/usr/bin/snmpget";
|
||||
+ $SNMPSET="/usr/bin/snmpset";
|
||||
|
||||
die "Could not find snmpwalk binary. Please make sure that the \$SNMPGET variable points to the right location\n" if (! -x $SNMPGET);
|
||||
die "Could not find snmpset binary. Please make sure that the \$SNMPSET variable points to the right location\n" if (! -x $SNMPSET);
|
||||
--- dialup_admin/bin/dialup_admin.cron
|
||||
+++ dialup_admin/bin/dialup_admin.cron
|
||||
@@ -1,4 +1,4 @@
|
||||
-1 0 * * * /usr/local/dialup_admin/bin/tot_stats >/dev/null 2>&1
|
||||
-5 0 * * * /usr/local/dialup_admin/bin/monthly_tot_stats >/dev/null 2>&1
|
||||
-10 0 1 * * /usr/local/dialup_admin/bin/truncate_radacct >/dev/null 2>&1
|
||||
-15 0 1 * * /usr/local/dialup_admin/bin/clean_radacct >/dev/null 2>&1
|
||||
+1 0 * * * /usr/share/dialup_admin/bin/tot_stats >/dev/null 2>&1
|
||||
+5 0 * * * /usr/share/dialup_admin/bin/monthly_tot_stats >/dev/null 2>&1
|
||||
+10 0 1 * * /usr/share/dialup_admin/bin/truncate_radacct >/dev/null 2>&1
|
||||
+15 0 1 * * /usr/share/dialup_admin/bin/clean_radacct >/dev/null 2>&1
|
||||
--- dialup_admin/bin/log_badlogins
|
||||
+++ dialup_admin/bin/log_badlogins
|
||||
@@ -17,7 +17,7 @@
|
||||
$|=1;
|
||||
|
||||
$file=shift||'none';
|
||||
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
|
||||
$all_file=shift||'no';
|
||||
#
|
||||
# Uncomment to force inserts even if there are sql errors. That can
|
||||
--- dialup_admin/bin/monthly_tot_stats
|
||||
+++ dialup_admin/bin/monthly_tot_stats
|
||||
@@ -8,7 +8,7 @@
|
||||
# Works only with mysql and postgresql
|
||||
#
|
||||
|
||||
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf=shift||'/usr/sharel/dialup_admin/conf/admin.conf';
|
||||
|
||||
|
||||
open CONF, "<$conf"
|
||||
--- dialup_admin/bin/showmodem
|
||||
+++ dialup_admin/bin/showmodem
|
||||
@@ -7,7 +7,7 @@
|
||||
$comm=shift || "public";
|
||||
$type=shift|| "xml";
|
||||
|
||||
-$conf='/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf='/usr/share/dialup_admin/conf/admin.conf';
|
||||
open CONF, "<$conf"
|
||||
or die "Could not open configuration file\n";
|
||||
while(<CONF>){
|
||||
--- dialup_admin/bin/snmpfinger
|
||||
+++ dialup_admin/bin/snmpfinger
|
||||
@@ -6,7 +6,7 @@
|
||||
$comm=shift || 'public';
|
||||
$type=shift || 'cisco';
|
||||
|
||||
-$conf='/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf='/usr/share/dialup_admin/conf/admin.conf';
|
||||
open CONF, "<$conf"
|
||||
or die "Could not open configuration file\n";
|
||||
while(<CONF>){
|
||||
--- dialup_admin/bin/tot_stats
|
||||
+++ dialup_admin/bin/tot_stats
|
||||
@@ -7,7 +7,7 @@
|
||||
# Works with mysql and postgresql
|
||||
#
|
||||
|
||||
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
|
||||
|
||||
|
||||
open CONF, "<$conf"
|
||||
--- dialup_admin/bin/truncate_radacct
|
||||
+++ dialup_admin/bin/truncate_radacct
|
||||
@@ -6,7 +6,7 @@
|
||||
#
|
||||
use POSIX;
|
||||
|
||||
-$conf=shift||'/usr/local/dialup_admin/conf/admin.conf';
|
||||
+$conf=shift||'/usr/share/dialup_admin/conf/admin.conf';
|
||||
$back_days = 90;
|
||||
|
||||
|
||||
--- dialup_admin/conf/admin.conf
|
||||
+++ dialup_admin/conf/admin.conf
|
||||
@@ -19,11 +19,11 @@
|
||||
#
|
||||
# The directory where dialupadmin is installed
|
||||
#
|
||||
-general_base_dir: /usr/local/dialup_admin
|
||||
+general_base_dir: /usr/share/dialup_admin
|
||||
#
|
||||
# The base directory of the freeradius radius installation
|
||||
#
|
||||
-general_radiusd_base_dir: /usr/local/radiusd
|
||||
+general_radiusd_base_dir: /
|
||||
general_domain: company.com
|
||||
#
|
||||
# Set it to yes to use sessions and cache the various mappings
|
||||
@@ -66,8 +66,8 @@
|
||||
general_raddb_dir: %{general_radiusd_base_dir}/etc/raddb
|
||||
general_ldap_attrmap: %{general_raddb_dir}/ldap.attrmap
|
||||
# Need to fix admin.conf file parser
|
||||
-#general_clients_conf: %{general_raddb_dir}/clients.conf
|
||||
-general_clients_conf: /usr/local/etc/raddb/clients.conf
|
||||
+general_clients_conf: %{general_raddb_dir}/clients.conf
|
||||
+#general_clients_conf: /usr/local/etc/raddb/clients.conf
|
||||
general_sql_attrmap: %{general_base_dir}/conf/sql.attrmap
|
||||
general_accounting_attrs_file: %{general_base_dir}/conf/accounting.attrs
|
||||
general_extra_ldap_attrmap: %{general_base_dir}/conf/extra.ldap-attrmap
|
||||
@@ -260,7 +260,7 @@
|
||||
# This variable is used by the scripts in the bin folder
|
||||
# It should contain the path to the sql binary used to run
|
||||
# sql commands (mysql, psql, oracle and sqlrelay are only supported for now)
|
||||
-sql_command: /usr/local/bin/mysql
|
||||
+sql_command: /usr/bin/mysql
|
||||
#sql_command: /usr/bin/psql
|
||||
#sql_command: /usr/bin/sqlplus
|
||||
#
|
||||
@@ -269,12 +269,12 @@
|
||||
# used to run snmp commands.
|
||||
# (ucd = UCD-Snmp and net = Net-Snmp are only supported for now)
|
||||
general_snmp_type: net
|
||||
-general_snmpwalk_command: /usr/local/bin/snmpwalk
|
||||
-general_snmpget_command: /usr/local/bin/snmpget
|
||||
+general_snmpwalk_command: /usr/bin/snmpwalk
|
||||
+general_snmpget_command: /usr/bin/snmpget
|
||||
#
|
||||
# Uncomment to enable sql debug
|
||||
#
|
||||
-sql_debug: true
|
||||
+#sql_debug: true
|
||||
#
|
||||
# If set to yes then the HTTP credentials (http authentication)
|
||||
# will be used to connect to the sql server instead of sql_username
|
45
freeradius-server-2.0.1-ltdl.patch
Normal file
45
freeradius-server-2.0.1-ltdl.patch
Normal file
@ -0,0 +1,45 @@
|
||||
--- src/main/modules.c
|
||||
+++ src/main/modules.c
|
||||
@@ -202,7 +202,11 @@
|
||||
/*
|
||||
* Keep the handle around so we can dlclose() it.
|
||||
*/
|
||||
- handle = lt_dlopenext(module_name);
|
||||
+ char *tmp = malloc(strlen(module_name) + 4);
|
||||
+ strcpy(tmp, module_name);
|
||||
+ strcat(tmp, ".so");
|
||||
+ handle = lt_dlopenext(tmp);
|
||||
+ free(tmp);
|
||||
if (handle == NULL) {
|
||||
cf_log_err(cf_sectiontoitem(cs),
|
||||
"Failed to link to module '%s': %s\n",
|
||||
--- src/modules/rlm_eap/eap.c
|
||||
+++ src/modules/rlm_eap/eap.c
|
||||
@@ -83,7 +83,11 @@
|
||||
snprintf(buffer, sizeof(buffer), "rlm_eap_%s", eaptype_name);
|
||||
|
||||
/* Link the loaded EAP-Type */
|
||||
- handle = lt_dlopenext(buffer);
|
||||
+ char *tmp = malloc(strlen(buffer) + 4);
|
||||
+ strcpy(tmp, buffer);
|
||||
+ strcat(tmp, ".so");
|
||||
+ handle = lt_dlopenext(tmp);
|
||||
+ free(tmp);
|
||||
if (handle == NULL) {
|
||||
radlog(L_ERR, "rlm_eap: Failed to link EAP-Type/%s: %s",
|
||||
eaptype_name, lt_dlerror());
|
||||
--- src/modules/rlm_sql/rlm_sql.c
|
||||
+++ src/modules/rlm_sql/rlm_sql.c
|
||||
@@ -820,7 +820,11 @@
|
||||
return -1;
|
||||
}
|
||||
|
||||
- inst->handle = lt_dlopenext(inst->config->sql_driver);
|
||||
+ char *tmp = malloc(strlen(inst->config->sql_driver) + 4);
|
||||
+ strcpy(tmp, inst->config->sql_driver);
|
||||
+ strcat(tmp, ".so");
|
||||
+ inst->handle = lt_dlopenext(tmp);
|
||||
+ free(tmp);
|
||||
if (inst->handle == NULL) {
|
||||
radlog(L_ERR, "rlm_sql (%s): Could not link driver %s: %s",
|
||||
inst->config->xlat_name, inst->config->sql_driver,
|
22
freeradius-server-2.0.1-rcradiusd.patch
Normal file
22
freeradius-server-2.0.1-rcradiusd.patch
Normal file
@ -0,0 +1,22 @@
|
||||
--- suse/rcradius-relayd
|
||||
+++ suse/rcradius-relayd
|
||||
@@ -12,7 +12,7 @@
|
||||
#
|
||||
### BEGIN INIT INFO
|
||||
# Provides: radius-relayd
|
||||
-# Required-Start: $network $syslog $remotefs
|
||||
+# Required-Start: $network $syslog $remote_fs
|
||||
# Required-Stop:
|
||||
# Default-Start: 3 5
|
||||
# Default-Stop: 0 1 2 6
|
||||
--- suse/rcradiusd
|
||||
+++ suse/rcradiusd
|
||||
@@ -12,7 +12,7 @@
|
||||
#
|
||||
### BEGIN INIT INFO
|
||||
# Provides: radiusd
|
||||
-# Required-Start: $network $syslog $remotefs
|
||||
+# Required-Start: $network $syslog $remote_fs
|
||||
# Required-Stop:
|
||||
# Default-Start: 3 5
|
||||
# Default-Stop: 0 1 2 6
|
38
freeradius-server-2.0.1-strncat.patch
Normal file
38
freeradius-server-2.0.1-strncat.patch
Normal file
@ -0,0 +1,38 @@
|
||||
--- src/modules/rlm_sim_files/rlm_sim_files.c
|
||||
+++ src/modules/rlm_sim_files/rlm_sim_files.c
|
||||
@@ -163,7 +163,7 @@
|
||||
if(f)
|
||||
{
|
||||
imsi[0]='\0';
|
||||
- strncat(imsi, f, sizeof(imsi));
|
||||
+ strncat(imsi, f, sizeof(imsi)-1);
|
||||
fieldcount++;
|
||||
}
|
||||
|
||||
@@ -177,7 +177,7 @@
|
||||
if(f)
|
||||
{
|
||||
chal[2]='\0';
|
||||
- strncat(chal+2, f, sizeof(chal)-2);
|
||||
+ strncat(chal+2, f, sizeof(chal)-3);
|
||||
fieldcount++;
|
||||
}
|
||||
|
||||
@@ -185,7 +185,7 @@
|
||||
if(f)
|
||||
{
|
||||
sres[2]='\0';
|
||||
- strncat(sres+2, f, sizeof(sres)-2);
|
||||
+ strncat(sres+2, f, sizeof(sres)-3);
|
||||
fieldcount++;
|
||||
}
|
||||
|
||||
@@ -193,7 +193,7 @@
|
||||
if(f)
|
||||
{
|
||||
kc[2]='\0';
|
||||
- strncat(kc+2, f, sizeof(kc)-2);
|
||||
+ strncat(kc+2, f, sizeof(kc)-3);
|
||||
fieldcount++;
|
||||
}
|
||||
|
3
freeradius-server-2.0.1.tar.bz2
Normal file
3
freeradius-server-2.0.1.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:d5e1cd96762cc2091d64198bc50d03690f94dfd4d96b36a042dda1490b8143df
|
||||
size 2270018
|
629
freeradius-server.changes
Normal file
629
freeradius-server.changes
Normal file
@ -0,0 +1,629 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 29 14:33:35 CET 2008 - prusnak@suse.cz
|
||||
|
||||
- replace obsoleted call to conf_read with cf_file_read (conf_read.patch)
|
||||
- split off -doc subpackage
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 24 16:39:37 CET 2008 - prusnak@suse.cz
|
||||
|
||||
- fix strncat usage (strncat.patch)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 22 16:23:12 CET 2008 - prusnak@suse.cz
|
||||
|
||||
- updated to 2.0.1
|
||||
* improve unlang
|
||||
* update acct_module
|
||||
* fix parsing of syslog logging
|
||||
* minor fixes over 2.0.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 22 13:58:25 CET 2008 - prusnak@suse.cz
|
||||
|
||||
- renamed to freeradius-server (to follow upstream change)
|
||||
- updated to 2.0.0:
|
||||
o Feature improvements
|
||||
* Debugging mode is much clearer and easier to read.
|
||||
* A new policy language makes many configurations trivial.
|
||||
See "man unlang" for a complete description.
|
||||
* Virtual servers are now supported. This permits clear separation
|
||||
of policies. See raddb/sites-available/README
|
||||
* EAP-TLS (PEAP, EAP-TTLS) and OpenSSL certificates "just work".
|
||||
See raddb/certs/README for details.
|
||||
* Proxying is much more configurable than before.
|
||||
See proxy.conf for documentation on pools, and new config items.
|
||||
* Full support for IPv6.
|
||||
* Much more complete support for the RADIUS SNMP MIBs.
|
||||
* HUP now works. Only some modules are re-loaded,
|
||||
and the server configuation is *not* reloaded.
|
||||
* "check config" option now works. See "man radiusd"
|
||||
* radrelay functionality is now included in the server core.
|
||||
See raddb/sites-available/copy-acct-to-home-server
|
||||
* VMPS support. It is minimal, but functional.
|
||||
* Cleaned up internal API's and names, including library names.
|
||||
o Bug fixes
|
||||
* Many.
|
||||
- removed obsolete patch:
|
||||
* type_punning.patch
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Dec 4 18:08:41 CET 2007 - prusnak@suse.cz
|
||||
|
||||
- remove openldap2 from BuildRequires
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 6 13:16:58 CET 2007 - prusnak@suse.cz
|
||||
|
||||
- updated to 1.1.7
|
||||
Feature Improvements
|
||||
* Updated LDAP documentation.
|
||||
* Added note on DH parameters in eap.conf, and debugging messages
|
||||
which complain if DH is used, but not configured properly.
|
||||
* Updated the Mikrotik dictionary. Added a note that the sample
|
||||
dictionary they supply is broken.
|
||||
* Output more information on blocked threads, which should help
|
||||
narrow down which modules is causing the problem.
|
||||
* Added more eDirectory support.
|
||||
* rlm_ldap now prints out attributes in the standard format
|
||||
* Enabled server-side handling of procedures in MySQL
|
||||
Bug Fixes
|
||||
* Added NT-Hash support for mschap_xlat.
|
||||
* Corrected documentation to point to correct location of files.
|
||||
* Checks for more recent FreeBSD versions.
|
||||
* uses -DLDAP_DEPRECATED to avoid OpenLDAP crashes.
|
||||
* Use correct value for authentication name in rlm_mschap.
|
||||
* Fix over-ride for usernames when use_tunneled_reply = yes.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Apr 20 15:10:28 CEST 2007 - pth@suse.de
|
||||
|
||||
- Update to 1.1.6. Changes since 1.1.3:
|
||||
Feature improvements
|
||||
* Added dictionary.rfc4372 (Chargeable User Identity)
|
||||
* Added dictionary.rfc4675 (VLAN and Priority)
|
||||
* Added dictionary.rfc4679 (ADSL Forum)
|
||||
NOTE some name differences from the RFC, due to dictionary.redback
|
||||
* Updated rlm_python to something usable
|
||||
* Added experimental sql "HPW" IPPools.
|
||||
* Added more dictionaries
|
||||
* Dictionary files now MUST NOT be globally writable.
|
||||
* Configuration files now MUST NOT be globally readable,
|
||||
or globally writable.
|
||||
* Be more aggressive about freeing memory on clean exit.
|
||||
This helps track down run-time leaks.
|
||||
* Updated rlm_python to something usable
|
||||
* Added experimental sql "HPW" IPPools.
|
||||
* Major enhancements to rlm_pap, that make "encryption_scheme"
|
||||
a thing of the past. See "man rlm_pap" for details.
|
||||
* Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use
|
||||
work-arounds that enable Windows Vista clients to work.
|
||||
* Added preliminary code to support Firebird.
|
||||
Use at your own risk!
|
||||
* Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more
|
||||
platforms.
|
||||
* Add a new "reply-name" directive in rlm_sqlcounter to define the
|
||||
name of the reply attribute.
|
||||
* Added more dictionaries and attributes
|
||||
* Print ntlm_auth failure reason in Module-Failure-Message
|
||||
* radsqlrelay is able to get the DB password from a file instead
|
||||
of command line.
|
||||
|
||||
Bug fixes
|
||||
* Corrected typo in rlm_pap.c
|
||||
* Corrected typo in src/main/auth.c
|
||||
* Suppress SSL error messages if error is zero.
|
||||
* Don't complain about "Error in read client certificate A"
|
||||
if we expect to read it in the next packet. Fix based on patch
|
||||
by Dan Lukes.
|
||||
* Corrected nearly 30 bugs found by Coverity
|
||||
See also http://scan.coverity.com
|
||||
* Don't die on HUP. Instead leak memory (sorry). After a few
|
||||
hundred HUP's, the server will have leaked a few megabytes of
|
||||
memory, and you should probably re-start it. It's ugly, but
|
||||
better than dying.
|
||||
* Corrected a few double free's
|
||||
* Corrected typo in radrelay, which prevented it from working
|
||||
* Made Firebird module build
|
||||
* Fixed bug in PostgreSQL module that caused server crash.
|
||||
* Fixed bug in SQL module that could cause server to crash.
|
||||
* Corrected base64 decoding in rlm_pap
|
||||
* Don't retransmit accounting packets. The NAS should do this.
|
||||
* Handle Client-Error in EAP-SIM.
|
||||
* Port OpenSSL locking fixes from CVS head. This makes PEAP
|
||||
more stable on some systems.
|
||||
* Require Message-Authenticator in Status-Server packets
|
||||
* Correct Tunnel-Medium-Type VALUEs in dictionary.rfc2868
|
||||
* Be more aggressibe about freeing memory on clean exit.
|
||||
This isn't strictly a bug fix, but it makes it easier to
|
||||
find memory leaks
|
||||
* Increase buffer size for dynamic expansion, which allows
|
||||
longer SQL qeuries.
|
||||
* Use correct line number when there's a parse error in one
|
||||
of the configuration sections.
|
||||
* Terminate SSL sessions in EAP on error, rather than continuing
|
||||
in some cases.
|
||||
* Increase buffer size to allow parsing of long octet strings
|
||||
* Fix string termination on xlat in rlm_perl
|
||||
* Fix a parse error in the digest module, where malformed
|
||||
digest requests would result in the user being accepted. Oops...
|
||||
* VALUEs can only be defined for 'integer', to catch mistakes
|
||||
with setting VALUEs for type 'string'.
|
||||
* Better parsing of VALUE names, so that values starting with
|
||||
a digit work correctly.
|
||||
* Check return from malloc.
|
||||
* Fix a double free() in rlm_eap_tls.c
|
||||
* Check return code of malloc() during initialization.
|
||||
* Fix a corner case where the proxy port isn't set either in
|
||||
radiusd.conf or in proxy.conf.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 26 12:45:29 CEST 2007 - rguenther@suse.de
|
||||
|
||||
- add gdbm-devel BuildRequires
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Feb 11 18:33:47 CET 2007 - ro@suse.de
|
||||
|
||||
- one oversight in last change, build tested
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Feb 11 12:00:25 CET 2007 - ro@suse.de
|
||||
|
||||
- fix build as non-root
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 4 11:18:59 CEST 2006 - kukuk@suse.de
|
||||
|
||||
- Make sure that pam_nologin.so will always be executed.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 23 20:34:55 CEST 2006 - stark@suse.de
|
||||
|
||||
- update to version 1.1.3
|
||||
* autoconf updates
|
||||
* More dictionary updates
|
||||
* Security and portability fixes to rlm_otp
|
||||
* Miscellaneous bug fixes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 5 22:31:04 CEST 2006 - stark@suse.de
|
||||
|
||||
- update to version 1.1.2
|
||||
* Allow tagged VSA's for Juniper.
|
||||
* Allow Ascend "abinary" format to be specified as octets,
|
||||
(e.g. Ascend-Data-Filter = 0x010203...)
|
||||
* Added "cipher_list" configuration to the EAP-TLS module.
|
||||
See "eap.conf" and "man 1 cipher" for details.
|
||||
* Added "check_cert_issuer" configuration to the EAP-TLS module.
|
||||
See "eap.conf" for details.
|
||||
* Added "suppress" configuration entry to rlm_detail,
|
||||
to suppress certain attributes (e.g. User-Password).
|
||||
* Write SSL errors to log file, rather than stderr.
|
||||
* Allow a core dump on uid change on Linux
|
||||
* Bugfixes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 24 15:58:41 CEST 2006 - schwab@suse.de
|
||||
|
||||
- Don't strip binaries.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 28 20:22:34 CEST 2006 - stark@suse.de
|
||||
|
||||
- fixed an error on x86_64 machines when reading dictionaries
|
||||
(#161503)
|
||||
- make "use_tunneled_reply" work properly for PEAP
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 27 14:32:09 CEST 2006 - ro@suse.de
|
||||
|
||||
- also use fPIC on s390*
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Mar 23 20:39:02 CET 2006 - stark@suse.de
|
||||
|
||||
- fixed validation issue with the EAP-MSCHAPv2 module (#160249)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 25 21:36:01 CET 2006 - mls@suse.de
|
||||
|
||||
- converted neededforbuild to BuildRequires
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 20 18:19:32 CET 2006 - stark@suse.de
|
||||
|
||||
- fixed directory permissions (#141153)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 19 01:23:36 CET 2006 - ro@suse.de
|
||||
|
||||
- changed php requires to generic ones (for php5)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jan 14 16:40:53 CET 2006 - stark@suse.de
|
||||
|
||||
- use --with-udpfromto useful for systems with multiple addresses
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 12 22:48:30 CET 2006 - stark@suse.de
|
||||
|
||||
- update to version 1.1.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 11 16:03:44 CET 2006 - stark@suse.de
|
||||
|
||||
- adding stack-protector to CFLAGS
|
||||
- don't package *.la files for now (#141207)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Dec 21 10:14:01 CET 2005 - stark@suse.de
|
||||
|
||||
- fixed realloc() in rlm_pam
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 15 21:49:18 CET 2005 - stark@suse.de
|
||||
|
||||
- moved dialup_admin to subpackage and integrate it into
|
||||
Apache 2 configuration
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Sep 26 01:35:29 CEST 2005 - ro@suse.de
|
||||
|
||||
- added LDAP_DEPRECATED to CFLAGS
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 23 06:09:08 CEST 2005 - stark@suse.de
|
||||
|
||||
- update to version 1.0.5
|
||||
- updated eDirectory integration documentation
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Sep 23 01:38:53 CEST 2005 - ro@suse.de
|
||||
|
||||
- fix build-dir references in .la files
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 30 12:50:30 CEST 2005 - stark@suse.de
|
||||
|
||||
- fixed some issues from security audit (#104195)
|
||||
(is already upstream for 1.0.5 release)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 15 19:34:18 CEST 2005 - stark@suse.de
|
||||
|
||||
- fix mysql creation script (#104752)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 18 19:37:56 CEST 2005 - stark@suse.de
|
||||
|
||||
- update to version 1.0.4
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jun 5 00:36:51 CEST 2005 - stark@suse.de
|
||||
|
||||
- update to version 1.0.3
|
||||
- link radiusd with -pie
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 11 11:29:05 CEST 2005 - stark@suse.de
|
||||
|
||||
- start daemon correctly (#75979)
|
||||
- fixed packaging on x86-64 (#75979)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 2 07:19:27 CET 2005 - stark@suse.de
|
||||
|
||||
- com_err.h patch not needed anymore
|
||||
- modified spec-file to work with older distributions
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 18 11:05:35 CET 2005 - stark@suse.de
|
||||
|
||||
- enabled eDirectory support and added documentation
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 17 08:34:12 CET 2005 - stark@suse.de
|
||||
|
||||
- update to 1.0.2
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Nov 27 13:44:09 CET 2004 - stark@suse.de
|
||||
|
||||
- fixed installation of radeapclient (#48549)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Nov 20 12:57:22 CET 2004 - stark@suse.de
|
||||
|
||||
- don't use heimdal for distributions newer than 9.2
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Nov 15 14:53:25 CET 2004 - kukuk@suse.de
|
||||
|
||||
- Use common-* PAM configuration
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Oct 23 20:53:51 CEST 2004 - stark@suse.de
|
||||
|
||||
- update to version 1.0.1
|
||||
- moved *.la files to devel package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Aug 28 13:33:35 CEST 2004 - stark@suse.de
|
||||
|
||||
- modify logrotate config (#44436)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 17 23:55:38 CEST 2004 - sndirsch@suse.de
|
||||
|
||||
- fixed syntax error (Typo?) in init script
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 13 07:10:34 CEST 2004 - stark@suse.de
|
||||
|
||||
- added some sample scripts to documentation
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Aug 10 09:35:03 CEST 2004 - stark@suse.de
|
||||
|
||||
- update to 1.0.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 24 00:03:59 CEST 2004 - ro@suse.de
|
||||
|
||||
- update to 1.0.0pre3 (version set as 0.9.9)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 5 13:36:54 CET 2004 - stark@suse.de
|
||||
|
||||
- disabled rlm_sql_iodbc and enabled rlm_sql_unixodb
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Jan 16 13:38:13 CET 2004 - kukuk@suse.de
|
||||
|
||||
- Add pam-devel to neededforbuild
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 12 10:26:25 CET 2004 - adrian@suse.de
|
||||
|
||||
- add %defattr
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Nov 28 06:56:46 CET 2003 - stark@suse.de
|
||||
|
||||
- security update to 0.9.3
|
||||
* Fix a remote DoS and possible exploit due to mis-handling
|
||||
of tagged attributes, and Tunnel-Password attribute.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Oct 16 09:02:57 CEST 2003 - stark@suse.de
|
||||
|
||||
- update to 0.9.2
|
||||
(see /usr/share/doc/packages/freeradius/ChangeLog)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 1 16:02:14 CEST 2003 - ro@suse.de
|
||||
|
||||
- fix include path for com_err.h
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 31 06:18:03 CEST 2003 - stark@suse.de
|
||||
|
||||
- use stop/restart macros
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jul 23 10:53:20 CEST 2003 - stark@suse.de
|
||||
|
||||
- use special user for running radiusd
|
||||
- modify default configuration to work without changes
|
||||
(Auth-Type = Local)
|
||||
- added README.SuSE explaining about radiusd user
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jul 21 08:56:54 CEST 2003 - stark@suse.de
|
||||
|
||||
- update to 0.9.0
|
||||
- build against libiodbc to enable iodbc module
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 4 19:47:02 CEST 2003 - schwab@suse.de
|
||||
|
||||
- Add db-devel to neededforbuild.
|
||||
- Don't use system libtool.
|
||||
- Fix use of sort.
|
||||
- Avoid running autoconf.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Apr 15 23:46:08 CEST 2003 - ro@suse.de
|
||||
|
||||
- fixed neededforbuild
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 3 18:20:50 CET 2003 - kukuk@suse.de
|
||||
|
||||
- removed %ghost stuff from filelist
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 7 13:31:05 CET 2003 - kukuk@suse.de
|
||||
|
||||
- Use pam_unix2.so instead of pam_unix.so
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 15 15:53:21 CET 2003 - ro@suse.de
|
||||
|
||||
- use sasl2
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 14 11:42:24 CET 2003 - nadvornik@suse.cz
|
||||
|
||||
- fixed multi-line string literals
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 12 10:28:13 CET 2002 - stark@suse.de
|
||||
|
||||
- update to 0.8.1
|
||||
* minor bugfixes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 2 07:20:10 CET 2002 - stark@suse.de
|
||||
|
||||
- removed radwatch from package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 19 08:33:36 CET 2002 - stark@suse.de
|
||||
|
||||
- update to 0.8
|
||||
* Support for Status-Server packets
|
||||
* Fixed memory leak when proxying
|
||||
* Round-robin load balancing when proxying
|
||||
* Many bug fixes
|
||||
* (/usr/share/doc/packages/ChangeLog)
|
||||
- moved modules to /usr/lib/freeradius
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Aug 19 00:06:38 CEST 2002 - ro@suse.de
|
||||
|
||||
- don't overwrite README's with each other
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 16 09:06:03 CEST 2002 - stark@suse.de
|
||||
|
||||
- added PreReq (Bug #17838)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 20 01:06:41 CEST 2002 - ro@suse.de
|
||||
|
||||
- hack ltconfig for ppc64
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 8 11:11:56 CEST 2002 - stark@suse.de
|
||||
|
||||
- fixed packaging on 64bit platforms
|
||||
- added logrotate config
|
||||
- added some sample scripts to doc-dir
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Mar 22 15:01:10 CET 2002 - stark@suse.de
|
||||
|
||||
- update to 0.5
|
||||
* MS-CHAP and MS-CHAPv2 MPPE support,
|
||||
* EAP/MD5 and experimental EAP/TLS,
|
||||
* Experimental PHP web administration interface,
|
||||
* Fixes for *BSD,
|
||||
* Configurable database queries, executed per packet
|
||||
(e.g. %{ldap:ldap:///dc=company,dc=com?uid?sub?uid=%u}),
|
||||
* Fix logic bug which would cause occasional server crashes,
|
||||
* Server-side quenching of DoS attacks,
|
||||
* Experimental Python module,
|
||||
* Aptis, Quintum, and Foundry dictionaries,
|
||||
* Limited support for IPv6.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Feb 25 16:19:26 CET 2002 - stark@suse.de
|
||||
|
||||
- moved *.la back to main-package as it is needed for
|
||||
dynamic loading of modules
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Feb 25 07:44:11 CET 2002 - stark@suse.de
|
||||
|
||||
- added patch to work with heimdal-krb5
|
||||
- moved *.so to -devel package
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Feb 8 14:24:51 CET 2002 - stark@suse.de
|
||||
|
||||
- deactivated kerberos support
|
||||
(seems to be not compatible with heimdal :-()
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Feb 7 13:27:47 CET 2002 - stark@suse.de
|
||||
|
||||
- changed heimdal libdir
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Dec 13 07:33:45 CET 2001 - stark@suse.de
|
||||
|
||||
- update to 0.4
|
||||
- better use of fillup_and_insserv
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Dec 3 11:42:15 CET 2001 - stark@suse.de
|
||||
|
||||
- don't use START_RADIUSD anymore
|
||||
- make use of new fillup_and_insserv macro
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Oct 12 07:03:07 CEST 2001 - stark@suse.de
|
||||
|
||||
- update to version 0.3
|
||||
- packed source-archive as bz2
|
||||
- branched package -> devel
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Fri Aug 3 07:53:54 CEST 2001 - stark@suse.de
|
||||
|
||||
- removed use of watcher-script
|
||||
- removed config-check (-C) in init script
|
||||
(it's not supported in freeradius)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Aug 2 12:22:00 CEST 2001 - stark@suse.de
|
||||
|
||||
- status fix in init script
|
||||
- renamed pam-configfile: radius -> radiusd
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Aug 1 09:57:53 CEST 2001 - stark@suse.de
|
||||
|
||||
- updated to 0.2
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 26 10:06:01 CEST 2001 - kukuk@suse.de
|
||||
|
||||
- Fix needed for build
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jul 10 15:05:52 CEST 2001 - stark@suse.de
|
||||
|
||||
- added %{suse_update_config}
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Jun 23 20:52:07 CEST 2001 - schwab@suse.de
|
||||
|
||||
- Fix preprocessor directives inside macro arguments.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jun 18 07:58:08 CEST 2001 - stark@suse.de
|
||||
|
||||
- removed absolute paths from pam-config
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed May 23 13:32:20 CEST 2001 - stark@suse.de
|
||||
|
||||
- first official beta-version 0.1
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Mar 21 13:11:34 CET 2001 - stark@suse.de
|
||||
|
||||
- new snapshot 20010321 (pre-BETA)
|
||||
- replaced start- and killproc to avoid problems with Kernel 2.4
|
||||
using the radwatch shell-script
|
||||
- added built of LDAP and MySQL modules
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 29 09:58:23 CET 2001 - stark@suse.de
|
||||
|
||||
- %files: /etc/raddb/bay.vendor -> /etc/raddb/dictionary.bay
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Jan 15 10:52:42 CET 2001 - stark@suse.de
|
||||
|
||||
- new snapshot 20010115
|
||||
- initial BETA package (sources are ALPHA!)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 4 13:32:26 CET 2001 - stark@suse.de
|
||||
|
||||
- CVS snapshot 20010104
|
||||
|
787
freeradius-server.spec
Normal file
787
freeradius-server.spec
Normal file
@ -0,0 +1,787 @@
|
||||
#
|
||||
# spec file for package freeradius-server (Version 2.0.1)
|
||||
#
|
||||
# Copyright (c) 2008 SUSE LINUX Products GmbH, Nuernberg, Germany.
|
||||
# This file and all modifications and additions to the pristine
|
||||
# package are under the same license as the package itself.
|
||||
#
|
||||
# Please submit bugfixes or comments via http://bugs.opensuse.org/
|
||||
#
|
||||
|
||||
|
||||
Name: freeradius-server
|
||||
Version: 2.0.1
|
||||
Release: 2
|
||||
License: GPL v2 only; LGPL v2.1 only
|
||||
Group: Productivity/Networking/Radius/Servers
|
||||
Provides: radiusd
|
||||
Provides: freeradius = %{version}
|
||||
Obsoletes: freeradius < %{version}
|
||||
Conflicts: radiusd-livingston radiusd-cistron icradius
|
||||
Url: http://www.freeradius.org/
|
||||
Summary: Very Highly Configurable Radius Server
|
||||
Source0: %{name}-%{version}.tar.bz2
|
||||
Source1: radqkstart.pdf
|
||||
Source2: radadmin.pdf
|
||||
Patch0: %{name}-%{version}-ltdl.patch
|
||||
Patch1: %{name}-%{version}-dialup_admin.patch
|
||||
Patch2: %{name}-%{version}-rcradiusd.patch
|
||||
Patch3: %{name}-%{version}-strncat.patch
|
||||
Patch4: %{name}-%{version}-conf_read.patch
|
||||
PreReq: %{_sbindir}/useradd %{_sbindir}/groupadd
|
||||
PreReq: perl
|
||||
PreReq: %insserv_prereq %fillup_prereq
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||
%define _oracle_support 0
|
||||
%define apxs2 apxs2-prefork
|
||||
%define apache2_sysconfdir %(%{_sbindir}/%{apxs2} -q SYSCONFDIR)
|
||||
Requires: %{name}-libs = %{version}
|
||||
Requires: python
|
||||
BuildRequires: db-devel e2fsprogs-devel gcc-c++ gdbm-devel gettext-devel glibc-devel libtool ncurses-devel
|
||||
BuildRequires: libpcap net-snmp-devel openldap2-devel openssl-devel pam-devel perl postgresql-devel
|
||||
BuildRequires: python-devel sed unixODBC-devel zlib-devel
|
||||
BuildRequires: apache2-devel bind-libs cyrus-sasl-devel krb5-devel libapr1-devel libcom_err libmysqlclient-devel
|
||||
|
||||
%description
|
||||
The FreeRADIUS server has a number of features found in other servers
|
||||
and additional features not found in any other server. The server's
|
||||
features are:
|
||||
|
||||
* Support for RFC and VSA attributes
|
||||
|
||||
* Additional server configuration attributes
|
||||
|
||||
* Selection of a particular configuration
|
||||
|
||||
* Authentication methods
|
||||
|
||||
* Accounting methods
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Miquel van Smoorenburg <miquels@cistron.nl>
|
||||
Alan DeKok <aland@ox.org>
|
||||
Mike Machado <mike@innercite.com>
|
||||
Alan Curry
|
||||
various other people
|
||||
|
||||
%if %_oracle_support == 1
|
||||
|
||||
%package oracle
|
||||
BuildRequires: oracle-instantclient-basic oracle-instantclient-devel
|
||||
Group: Productivity/Networking/Radius/Servers
|
||||
Summary: FreeRADIUS Oracle database support
|
||||
Requires: oracle-instantclient-basic
|
||||
Requires: %{name}-libs = %{version}
|
||||
Requires: %{name} = %{version}
|
||||
|
||||
%description oracle
|
||||
The FreeRADIUS server has a number of features found in other servers,
|
||||
and additional features not found in any other server. Rather than
|
||||
doing a feature by feature comparison, we will simply list the features
|
||||
of the server, and let you decide if they satisfy your needs.
|
||||
|
||||
Support for RFC and VSA Attributes Additional server configuration
|
||||
attributes Selecting a particular configuration Authentication methods
|
||||
%endif
|
||||
|
||||
%package libs
|
||||
Group: Productivity/Networking/Radius/Servers
|
||||
Summary: FreeRADIUS shared library
|
||||
|
||||
%description libs
|
||||
The FreeRADIUS shared library
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Miquel van Smoorenburg <miquels@cistron.nl>
|
||||
Alan DeKok <aland@ox.org>
|
||||
Mike Machado <mike@innercite.com>
|
||||
Alan Curry
|
||||
various other people
|
||||
|
||||
%package utils
|
||||
Group: Productivity/Networking/Radius/Servers
|
||||
Summary: FreeRADIUS Clients
|
||||
Requires: %{name}-libs = %{version}
|
||||
|
||||
%description utils
|
||||
The FreeRADIUS server has a number of features found in other servers
|
||||
and additional features not found in any other server. The server's
|
||||
features are:
|
||||
|
||||
* Support for RFC and VSA attributes
|
||||
|
||||
* Additional server configuration attributes
|
||||
|
||||
* Selection of a particular configuration
|
||||
|
||||
* Authentication methods
|
||||
|
||||
* Accounting methods
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Miquel van Smoorenburg <miquels@cistron.nl>
|
||||
Alan DeKok <aland@ox.org>
|
||||
Mike Machado <mike@innercite.com>
|
||||
Alan Curry
|
||||
various other people
|
||||
|
||||
%package dialupadmin
|
||||
Group: Productivity/Networking/Radius/Servers
|
||||
Summary: Web management for FreeRADIUS
|
||||
Requires: http_daemon mod_php_any php
|
||||
Requires: php-ldap php-mysql perl-DateManip
|
||||
Requires: php-pgsql php-session
|
||||
|
||||
%description dialupadmin
|
||||
Dialup Admin supports users either in SQL (MySQL or PostgreSQL are
|
||||
supported) or in LDAP. Apart from the web pages, it also includes a
|
||||
number of scripts to make the administrator's life a lot easier.
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Kostas Kalevras <kkalev at noc.ntua.gr>
|
||||
Basilis Pappas <vpappas at noc.ntua.gr>
|
||||
Panagiotis Christias <christia at noc.ntua.gr>
|
||||
Thanasis Duitsis <aduitsis at noc.ntua.gr>
|
||||
|
||||
%package devel
|
||||
Group: Development/Libraries/C and C++
|
||||
Summary: FreeRADIUS Development Files (static libs)
|
||||
Requires: %{name}-libs = %{version}
|
||||
|
||||
%description devel
|
||||
These are the static libraries for the FreeRADIUS package.
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Miquel van Smoorenburg <miquels@cistron.nl>
|
||||
Alan DeKok <aland@ox.org>
|
||||
Mike Machado <mike@innercite.com>
|
||||
Alan Curry
|
||||
various other people
|
||||
|
||||
%package doc
|
||||
Group: Productivity/Networking/Radius/Servers
|
||||
Summary: FreeRADIUS Documentation
|
||||
Requires: %{name}
|
||||
|
||||
%description doc
|
||||
FreeRADIUS Documentation
|
||||
|
||||
|
||||
|
||||
Authors:
|
||||
--------
|
||||
Miquel van Smoorenburg <miquels@cistron.nl>
|
||||
Alan DeKok <aland@ox.org>
|
||||
Mike Machado <mike@innercite.com>
|
||||
Alan Curry
|
||||
various other people
|
||||
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0
|
||||
%patch1
|
||||
%patch2
|
||||
%patch3
|
||||
%patch4
|
||||
mkdir novell
|
||||
cp -f %{SOURCE1} %{SOURCE2} novell/
|
||||
|
||||
%build
|
||||
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing -DLDAP_DEPRECATED -fstack-protector"
|
||||
%ifarch x86_64 ppc ppc64 s390 s390x
|
||||
export CFLAGS="$CFLAGS -fPIC -DPIC"
|
||||
%endif
|
||||
export LDFLAGS="-pie"
|
||||
%configure \
|
||||
--libdir=%{_libdir}/freeradius \
|
||||
--disable-ltdl-install \
|
||||
--enable-strict-dependencies \
|
||||
--with-edir \
|
||||
--with-experimental-modules \
|
||||
--with-gnu-ld \
|
||||
--with-system-libtool \
|
||||
--with-udpfromto \
|
||||
--without-rlm_eap_ikev2 \
|
||||
--with-rlm-krb5-lib-dir=%{_libdir} \
|
||||
--without-rlm_opendirectory \
|
||||
--without-rlm_sql_db2 \
|
||||
--without-rlm_sql_firebird \
|
||||
--without-rlm_sql_iodbc \
|
||||
%if %{_oracle_support} == 1
|
||||
--with-rlm_sql_oracle \
|
||||
--with-oracle-lib-dir=%{_libdir}/oracle/10.1.0.3/client/lib/
|
||||
%else
|
||||
--without-rlm_sql_oracle
|
||||
%endif
|
||||
# no parallel build possible
|
||||
make
|
||||
|
||||
%install
|
||||
mkdir -p $RPM_BUILD_ROOT%{_localstatedir}/lib/radiusd
|
||||
make install R=$RPM_BUILD_ROOT INSTALLSTRIP=
|
||||
# modify default configuration
|
||||
RADDB=$RPM_BUILD_ROOT%{_sysconfdir}/raddb
|
||||
perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radiusd.conf
|
||||
perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radiusd.conf
|
||||
perl -i -pe 's/^#user =.*$/user = radiusd/' $RADDB/radrelay.conf
|
||||
perl -i -pe 's/^#group =.*$/group = radiusd/' $RADDB/radrelay.conf
|
||||
/sbin/ldconfig -n $RPM_BUILD_ROOT%{_libdir}/freeradius
|
||||
# logs
|
||||
touch $RPM_BUILD_ROOT%{_localstatedir}/log/radius/radutmp
|
||||
touch $RPM_BUILD_ROOT%{_localstatedir}/log/radius/radius.log
|
||||
# SuSE
|
||||
install -d $RPM_BUILD_ROOT%{_sysconfdir}/pam.d
|
||||
install -d $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d
|
||||
install -m 644 suse/radiusd-pam $RPM_BUILD_ROOT%{_sysconfdir}/pam.d/radiusd
|
||||
install -m 644 suse/radiusd-logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/radiusd
|
||||
install -d -m 755 $RPM_BUILD_ROOT%{_sysconfdir}/init.d
|
||||
install -m 744 suse/rcradiusd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/freeradius
|
||||
ln -sf ../..%{_sysconfdir}/init.d/freeradius $RPM_BUILD_ROOT%{_sbindir}/rcfreeradius
|
||||
cp $RPM_BUILD_ROOT%{_sbindir}/radiusd $RPM_BUILD_ROOT%{_sbindir}/radrelay
|
||||
install -m 744 suse/rcradius-relayd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/freeradius-relay
|
||||
ln -sf ../..%{_sysconfdir}/init.d/freeradius-relay $RPM_BUILD_ROOT%{_sbindir}/rcfreeradius-relay
|
||||
mv -v doc/README doc/README.doc
|
||||
# install dialup_admin
|
||||
DIALUPADMIN=$RPM_BUILD_ROOT%{_datadir}/dialup_admin
|
||||
mkdir -p $DIALUPADMIN
|
||||
cp -r dialup_admin/* $RPM_BUILD_ROOT%{_datadir}/dialup_admin
|
||||
# apache2 config
|
||||
install -d -m 755 $RPM_BUILD_ROOT%{apache2_sysconfdir}/conf.d
|
||||
install -m 644 suse/admin-httpd.conf $RPM_BUILD_ROOT%{apache2_sysconfdir}/conf.d/radius.conf
|
||||
# remove unneeded stuff
|
||||
rm -rf doc/00-OLD
|
||||
rm -f $RPM_BUILD_ROOT%{_sbindir}/rc.radiusd
|
||||
rm -rf $RPM_BUILD_ROOT%{_datadir}/doc/freeradius*
|
||||
rm -rf $RPM_BUILD_ROOT%{_libdir}/freeradius/*.la
|
||||
rm -f $RPM_BUILD_ROOT%{_datadir}/dialup_admin/Makefile
|
||||
rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/Makefile
|
||||
rm -f $RPM_BUILD_ROOT%{_defaultdocdir}/%{name}/examples/Makefile
|
||||
|
||||
%pre
|
||||
%{_sbindir}/groupadd -r radiusd 2> /dev/null || :
|
||||
%{_sbindir}/useradd -r -g radiusd -s /bin/false -c "Radius daemon" -d \
|
||||
%{_localstatedir}/lib/radiusd radiusd 2> /dev/null || :
|
||||
|
||||
%post
|
||||
%{fillup_and_insserv -s freeradius START_RADIUSD }
|
||||
|
||||
%preun
|
||||
%stop_on_removal freeradius
|
||||
|
||||
%postun
|
||||
%restart_on_update freeradius
|
||||
%insserv_cleanup
|
||||
|
||||
%clean
|
||||
rm -rf $RPM_BUILD_ROOT
|
||||
|
||||
%files doc
|
||||
%defattr(-,root,root)
|
||||
%doc doc/*
|
||||
|
||||
%files
|
||||
%defattr(-,root,root)
|
||||
# doc
|
||||
%doc suse/README.SuSE
|
||||
%doc COPYRIGHT CREDITS LICENSE README doc/ChangeLog
|
||||
#%doc scripts/create-users.pl scripts/CA.* scripts/certs.sh
|
||||
#%doc scripts/users2mysql.pl scripts/xpextensions
|
||||
#%doc scripts/cryptpasswd scripts/exec-program-wait scripts/radiusd2ldif.pl
|
||||
# SuSE
|
||||
%{_sysconfdir}/init.d/freeradius
|
||||
%{_sysconfdir}/init.d/freeradius-relay
|
||||
%config %{_sysconfdir}/pam.d/radiusd
|
||||
%config %{_sysconfdir}/logrotate.d/radiusd
|
||||
%{_sbindir}/rcfreeradius
|
||||
%{_sbindir}/rcfreeradius-relay
|
||||
%dir %attr(755,radiusd,radiusd) %{_localstatedir}/lib/radiusd
|
||||
# configs
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb
|
||||
%defattr(-,root,radiusd)
|
||||
%config(noreplace) %{_sysconfdir}/raddb/dictionary
|
||||
%config(noreplace) %{_sysconfdir}/raddb/acct_users
|
||||
%config(noreplace) %{_sysconfdir}/raddb/attrs
|
||||
%config(noreplace) %{_sysconfdir}/raddb/attrs.access_reject
|
||||
%config(noreplace) %{_sysconfdir}/raddb/attrs.accounting_response
|
||||
%config(noreplace) %{_sysconfdir}/raddb/attrs.pre-proxy
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/clients.conf
|
||||
%config(noreplace) %{_sysconfdir}/raddb/hints
|
||||
%config(noreplace) %{_sysconfdir}/raddb/huntgroups
|
||||
%config(noreplace) %{_sysconfdir}/raddb/ldap.attrmap
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sqlippool.conf
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/preproxy_users
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/proxy.conf
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/radiusd.conf
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/snmp.conf
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql.conf
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mssql
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/mysql
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/oracle
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sql/postgresql
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.conf
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sql/*/*.sql
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/users
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/experimental.conf
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/otp.conf
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/certs
|
||||
%{_sysconfdir}/raddb/certs/Makefile
|
||||
%{_sysconfdir}/raddb/certs/README
|
||||
%{_sysconfdir}/raddb/certs/xpextensions
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/certs/*.cnf
|
||||
%attr(750,root,radiusd) %{_sysconfdir}/raddb/certs/bootstrap
|
||||
%attr(750,root,radiusd) %config %{_sysconfdir}/raddb/sites-available/example
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-available
|
||||
%attr(640,root,radiusd) %{_sysconfdir}/raddb/sites-available/*
|
||||
%dir %attr(750,root,radiusd) %{_sysconfdir}/raddb/sites-enabled
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/sites-enabled/*
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/eap.conf
|
||||
%attr(640,root,radiusd) %{_sysconfdir}/raddb/example.pl
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/policy.conf
|
||||
%{_sysconfdir}/raddb/policy.txt
|
||||
%attr(640,root,radiusd) %config(noreplace) %{_sysconfdir}/raddb/templates.conf
|
||||
%attr(700,radiusd,radiusd) %dir %{_localstatedir}/run/radiusd/
|
||||
# binaries
|
||||
%defattr(-,root,root)
|
||||
%{_sbindir}/check-radiusd-config
|
||||
%{_sbindir}/checkrad
|
||||
%{_sbindir}/radiusd
|
||||
%{_sbindir}/radrelay
|
||||
%{_sbindir}/radwatch
|
||||
# man-pages
|
||||
%doc %{_mandir}/man1/*
|
||||
%doc %{_mandir}/man5/*
|
||||
%doc %{_mandir}/man8/*
|
||||
# dictionaries
|
||||
%attr(755,root,root) %dir %{_datadir}/freeradius
|
||||
%{_datadir}/freeradius/*
|
||||
# logs
|
||||
%attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/
|
||||
%attr(700,radiusd,radiusd) %dir %{_localstatedir}/log/radius/radacct/
|
||||
%attr(644,radiusd,radiusd) %{_localstatedir}/log/radius/radutmp
|
||||
%config(noreplace) %attr(600,radiusd,radiusd) /var/log/radius/radius.log
|
||||
# RADIUS Loadable Modules
|
||||
%attr(755,root,root) %dir %{_libdir}/freeradius
|
||||
%attr(755,root,root) %{_libdir}/freeradius/rlm_*.so*
|
||||
|
||||
%files utils
|
||||
%defattr(-,root,root)
|
||||
%{_bindir}/*
|
||||
|
||||
%files libs
|
||||
# RADIUS shared libs
|
||||
%attr(755,root,root) %dir %{_libdir}/freeradius
|
||||
%attr(755,root,root) %{_libdir}/freeradius/lib*.so*
|
||||
%if %{_oracle_support} == 1
|
||||
|
||||
%files oracle
|
||||
%defattr(-,root,root)
|
||||
%attr(755,root,root) %dir %{_libdir}/freeradius
|
||||
%attr(755,root,root) %{_libdir}/freeradius/rlm_sql_oracle*.so*
|
||||
%endif
|
||||
|
||||
%files dialupadmin
|
||||
%defattr(-,root,root)
|
||||
%dir %{_datadir}/dialup_admin/
|
||||
%{_datadir}/dialup_admin/bin/
|
||||
%{_datadir}/dialup_admin/doc/
|
||||
%{_datadir}/dialup_admin/htdocs/
|
||||
%{_datadir}/dialup_admin/html/
|
||||
%{_datadir}/dialup_admin/lib/
|
||||
%{_datadir}/dialup_admin/sql/
|
||||
%dir %{_datadir}/dialup_admin/conf/
|
||||
%config(noreplace) %{_datadir}/dialup_admin/conf/*
|
||||
%config(noreplace) %{apache2_sysconfdir}/conf.d/radius.conf
|
||||
%{_datadir}/dialup_admin/Changelog
|
||||
%{_datadir}/dialup_admin/README
|
||||
|
||||
%files devel
|
||||
%defattr(-,root,root)
|
||||
%attr(644,root,root) %{_libdir}/freeradius/*.a
|
||||
#%attr(644,root,root) %{_libdir}/freeradius/*.la
|
||||
%dir %attr(755,root,root) %{_includedir}/freeradius
|
||||
%attr(644,root,root) %{_includedir}/freeradius/*.h
|
||||
|
||||
%changelog
|
||||
* Tue Jan 29 2008 prusnak@suse.cz
|
||||
- replace obsoleted call to conf_read with cf_file_read (conf_read.patch)
|
||||
- split off -doc subpackage
|
||||
* Thu Jan 24 2008 prusnak@suse.cz
|
||||
- fix strncat usage (strncat.patch)
|
||||
* Tue Jan 22 2008 prusnak@suse.cz
|
||||
- updated to 2.0.1
|
||||
* improve unlang
|
||||
* update acct_module
|
||||
* fix parsing of syslog logging
|
||||
* minor fixes over 2.0.0
|
||||
* Tue Jan 22 2008 prusnak@suse.cz
|
||||
- renamed to freeradius-server (to follow upstream change)
|
||||
- updated to 2.0.0:
|
||||
o Feature improvements
|
||||
* Debugging mode is much clearer and easier to read.
|
||||
* A new policy language makes many configurations trivial.
|
||||
See "man unlang" for a complete description.
|
||||
* Virtual servers are now supported. This permits clear separation
|
||||
of policies. See raddb/sites-available/README
|
||||
* EAP-TLS (PEAP, EAP-TTLS) and OpenSSL certificates "just work".
|
||||
See raddb/certs/README for details.
|
||||
* Proxying is much more configurable than before.
|
||||
See proxy.conf for documentation on pools, and new config items.
|
||||
* Full support for IPv6.
|
||||
* Much more complete support for the RADIUS SNMP MIBs.
|
||||
* HUP now works. Only some modules are re-loaded,
|
||||
and the server configuation is *not* reloaded.
|
||||
* "check config" option now works. See "man radiusd"
|
||||
* radrelay functionality is now included in the server core.
|
||||
See raddb/sites-available/copy-acct-to-home-server
|
||||
* VMPS support. It is minimal, but functional.
|
||||
* Cleaned up internal API's and names, including library names.
|
||||
o Bug fixes
|
||||
* Many.
|
||||
- removed obsolete patch:
|
||||
* type_punning.patch
|
||||
* Tue Dec 04 2007 prusnak@suse.cz
|
||||
- remove openldap2 from BuildRequires
|
||||
* Tue Nov 06 2007 prusnak@suse.cz
|
||||
- updated to 1.1.7
|
||||
Feature Improvements
|
||||
* Updated LDAP documentation.
|
||||
* Added note on DH parameters in eap.conf, and debugging messages
|
||||
which complain if DH is used, but not configured properly.
|
||||
* Updated the Mikrotik dictionary. Added a note that the sample
|
||||
dictionary they supply is broken.
|
||||
* Output more information on blocked threads, which should help
|
||||
narrow down which modules is causing the problem.
|
||||
* Added more eDirectory support.
|
||||
* rlm_ldap now prints out attributes in the standard format
|
||||
* Enabled server-side handling of procedures in MySQL
|
||||
Bug Fixes
|
||||
* Added NT-Hash support for mschap_xlat.
|
||||
* Corrected documentation to point to correct location of files.
|
||||
* Checks for more recent FreeBSD versions.
|
||||
* uses -DLDAP_DEPRECATED to avoid OpenLDAP crashes.
|
||||
* Use correct value for authentication name in rlm_mschap.
|
||||
* Fix over-ride for usernames when use_tunneled_reply = yes.
|
||||
* Fri Apr 20 2007 pth@suse.de
|
||||
- Update to 1.1.6. Changes since 1.1.3:
|
||||
Feature improvements
|
||||
* Added dictionary.rfc4372 (Chargeable User Identity)
|
||||
* Added dictionary.rfc4675 (VLAN and Priority)
|
||||
* Added dictionary.rfc4679 (ADSL Forum)
|
||||
NOTE some name differences from the RFC, due to dictionary.redback
|
||||
* Updated rlm_python to something usable
|
||||
* Added experimental sql "HPW" IPPools.
|
||||
* Added more dictionaries
|
||||
* Dictionary files now MUST NOT be globally writable.
|
||||
* Configuration files now MUST NOT be globally readable,
|
||||
or globally writable.
|
||||
* Be more aggressive about freeing memory on clean exit.
|
||||
This helps track down run-time leaks.
|
||||
* Updated rlm_python to something usable
|
||||
* Added experimental sql "HPW" IPPools.
|
||||
* Major enhancements to rlm_pap, that make "encryption_scheme"
|
||||
a thing of the past. See "man rlm_pap" for details.
|
||||
* Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use
|
||||
work-arounds that enable Windows Vista clients to work.
|
||||
* Added preliminary code to support Firebird.
|
||||
Use at your own risk!
|
||||
* Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more
|
||||
platforms.
|
||||
* Add a new "reply-name" directive in rlm_sqlcounter to define the
|
||||
name of the reply attribute.
|
||||
* Added more dictionaries and attributes
|
||||
* Print ntlm_auth failure reason in Module-Failure-Message
|
||||
* radsqlrelay is able to get the DB password from a file instead
|
||||
of command line.
|
||||
Bug fixes
|
||||
* Corrected typo in rlm_pap.c
|
||||
* Corrected typo in src/main/auth.c
|
||||
* Suppress SSL error messages if error is zero.
|
||||
* Don't complain about "Error in read client certificate A"
|
||||
if we expect to read it in the next packet. Fix based on patch
|
||||
by Dan Lukes.
|
||||
* Corrected nearly 30 bugs found by Coverity
|
||||
See also http://scan.coverity.com
|
||||
* Don't die on HUP. Instead leak memory (sorry). After a few
|
||||
hundred HUP's, the server will have leaked a few megabytes of
|
||||
memory, and you should probably re-start it. It's ugly, but
|
||||
better than dying.
|
||||
* Corrected a few double free's
|
||||
* Corrected typo in radrelay, which prevented it from working
|
||||
* Made Firebird module build
|
||||
* Fixed bug in PostgreSQL module that caused server crash.
|
||||
* Fixed bug in SQL module that could cause server to crash.
|
||||
* Corrected base64 decoding in rlm_pap
|
||||
* Don't retransmit accounting packets. The NAS should do this.
|
||||
* Handle Client-Error in EAP-SIM.
|
||||
* Port OpenSSL locking fixes from CVS head. This makes PEAP
|
||||
more stable on some systems.
|
||||
* Require Message-Authenticator in Status-Server packets
|
||||
* Correct Tunnel-Medium-Type VALUEs in dictionary.rfc2868
|
||||
* Be more aggressibe about freeing memory on clean exit.
|
||||
This isn't strictly a bug fix, but it makes it easier to
|
||||
find memory leaks
|
||||
* Increase buffer size for dynamic expansion, which allows
|
||||
longer SQL qeuries.
|
||||
* Use correct line number when there's a parse error in one
|
||||
of the configuration sections.
|
||||
* Terminate SSL sessions in EAP on error, rather than continuing
|
||||
in some cases.
|
||||
* Increase buffer size to allow parsing of long octet strings
|
||||
* Fix string termination on xlat in rlm_perl
|
||||
* Fix a parse error in the digest module, where malformed
|
||||
digest requests would result in the user being accepted. Oops...
|
||||
* VALUEs can only be defined for 'integer', to catch mistakes
|
||||
with setting VALUEs for type 'string'.
|
||||
* Better parsing of VALUE names, so that values starting with
|
||||
a digit work correctly.
|
||||
* Check return from malloc.
|
||||
* Fix a double free() in rlm_eap_tls.c
|
||||
* Check return code of malloc() during initialization.
|
||||
* Fix a corner case where the proxy port isn't set either in
|
||||
radiusd.conf or in proxy.conf.
|
||||
* Mon Mar 26 2007 rguenther@suse.de
|
||||
- add gdbm-devel BuildRequires
|
||||
* Sun Feb 11 2007 ro@suse.de
|
||||
- one oversight in last change, build tested
|
||||
* Sun Feb 11 2007 ro@suse.de
|
||||
- fix build as non-root
|
||||
* Mon Sep 04 2006 kukuk@suse.de
|
||||
- Make sure that pam_nologin.so will always be executed.
|
||||
* Wed Aug 23 2006 stark@suse.de
|
||||
- update to version 1.1.3
|
||||
* autoconf updates
|
||||
* More dictionary updates
|
||||
* Security and portability fixes to rlm_otp
|
||||
* Miscellaneous bug fixes
|
||||
* Mon Jun 05 2006 stark@suse.de
|
||||
- update to version 1.1.2
|
||||
* Allow tagged VSA's for Juniper.
|
||||
* Allow Ascend "abinary" format to be specified as octets,
|
||||
(e.g. Ascend-Data-Filter = 0x010203...)
|
||||
* Added "cipher_list" configuration to the EAP-TLS module.
|
||||
See "eap.conf" and "man 1 cipher" for details.
|
||||
* Added "check_cert_issuer" configuration to the EAP-TLS module.
|
||||
See "eap.conf" for details.
|
||||
* Added "suppress" configuration entry to rlm_detail,
|
||||
to suppress certain attributes (e.g. User-Password).
|
||||
* Write SSL errors to log file, rather than stderr.
|
||||
* Allow a core dump on uid change on Linux
|
||||
* Bugfixes
|
||||
* Wed May 24 2006 schwab@suse.de
|
||||
- Don't strip binaries.
|
||||
* Tue Mar 28 2006 stark@suse.de
|
||||
- fixed an error on x86_64 machines when reading dictionaries
|
||||
(#161503)
|
||||
- make "use_tunneled_reply" work properly for PEAP
|
||||
* Mon Mar 27 2006 ro@suse.de
|
||||
- also use fPIC on s390*
|
||||
* Thu Mar 23 2006 stark@suse.de
|
||||
- fixed validation issue with the EAP-MSCHAPv2 module (#160249)
|
||||
* Wed Jan 25 2006 mls@suse.de
|
||||
- converted neededforbuild to BuildRequires
|
||||
* Fri Jan 20 2006 stark@suse.de
|
||||
- fixed directory permissions (#141153)
|
||||
* Thu Jan 19 2006 ro@suse.de
|
||||
- changed php requires to generic ones (for php5)
|
||||
* Sat Jan 14 2006 stark@suse.de
|
||||
- use --with-udpfromto useful for systems with multiple addresses
|
||||
* Thu Jan 12 2006 stark@suse.de
|
||||
- update to version 1.1.0
|
||||
* Wed Jan 11 2006 stark@suse.de
|
||||
- adding stack-protector to CFLAGS
|
||||
- don't package *.la files for now (#141207)
|
||||
* Wed Dec 21 2005 stark@suse.de
|
||||
- fixed realloc() in rlm_pam
|
||||
* Tue Nov 15 2005 stark@suse.de
|
||||
- moved dialup_admin to subpackage and integrate it into
|
||||
Apache 2 configuration
|
||||
* Mon Sep 26 2005 ro@suse.de
|
||||
- added LDAP_DEPRECATED to CFLAGS
|
||||
* Fri Sep 23 2005 stark@suse.de
|
||||
- update to version 1.0.5
|
||||
- updated eDirectory integration documentation
|
||||
* Fri Sep 23 2005 ro@suse.de
|
||||
- fix build-dir references in .la files
|
||||
* Tue Aug 30 2005 stark@suse.de
|
||||
- fixed some issues from security audit (#104195)
|
||||
(is already upstream for 1.0.5 release)
|
||||
* Mon Aug 15 2005 stark@suse.de
|
||||
- fix mysql creation script (#104752)
|
||||
* Sat Jun 18 2005 stark@suse.de
|
||||
- update to version 1.0.4
|
||||
* Sun Jun 05 2005 stark@suse.de
|
||||
- update to version 1.0.3
|
||||
- link radiusd with -pie
|
||||
* Mon Apr 11 2005 stark@suse.de
|
||||
- start daemon correctly (#75979)
|
||||
- fixed packaging on x86-64 (#75979)
|
||||
* Wed Mar 02 2005 stark@suse.de
|
||||
- com_err.h patch not needed anymore
|
||||
- modified spec-file to work with older distributions
|
||||
* Fri Feb 18 2005 stark@suse.de
|
||||
- enabled eDirectory support and added documentation
|
||||
* Thu Feb 17 2005 stark@suse.de
|
||||
- update to 1.0.2
|
||||
* Sat Nov 27 2004 stark@suse.de
|
||||
- fixed installation of radeapclient (#48549)
|
||||
* Sat Nov 20 2004 stark@suse.de
|
||||
- don't use heimdal for distributions newer than 9.2
|
||||
* Mon Nov 15 2004 kukuk@suse.de
|
||||
- Use common-* PAM configuration
|
||||
* Sat Oct 23 2004 stark@suse.de
|
||||
- update to version 1.0.1
|
||||
- moved *.la files to devel package
|
||||
* Sat Aug 28 2004 stark@suse.de
|
||||
- modify logrotate config (#44436)
|
||||
* Wed Aug 18 2004 sndirsch@suse.de
|
||||
- fixed syntax error (Typo?) in init script
|
||||
* Fri Aug 13 2004 stark@suse.de
|
||||
- added some sample scripts to documentation
|
||||
* Tue Aug 10 2004 stark@suse.de
|
||||
- update to 1.0.0
|
||||
* Thu Jun 24 2004 ro@suse.de
|
||||
- update to 1.0.0pre3 (version set as 0.9.9)
|
||||
* Thu Feb 05 2004 stark@suse.de
|
||||
- disabled rlm_sql_iodbc and enabled rlm_sql_unixodb
|
||||
* Fri Jan 16 2004 kukuk@suse.de
|
||||
- Add pam-devel to neededforbuild
|
||||
* Mon Jan 12 2004 adrian@suse.de
|
||||
- add %%defattr
|
||||
* Fri Nov 28 2003 stark@suse.de
|
||||
- security update to 0.9.3
|
||||
* Fix a remote DoS and possible exploit due to mis-handling
|
||||
of tagged attributes, and Tunnel-Password attribute.
|
||||
* Thu Oct 16 2003 stark@suse.de
|
||||
- update to 0.9.2
|
||||
(see /usr/share/doc/packages/freeradius/ChangeLog)
|
||||
* Fri Aug 01 2003 ro@suse.de
|
||||
- fix include path for com_err.h
|
||||
* Thu Jul 31 2003 stark@suse.de
|
||||
- use stop/restart macros
|
||||
* Wed Jul 23 2003 stark@suse.de
|
||||
- use special user for running radiusd
|
||||
- modify default configuration to work without changes
|
||||
(Auth-Type = Local)
|
||||
- added README.SuSE explaining about radiusd user
|
||||
* Mon Jul 21 2003 stark@suse.de
|
||||
- update to 0.9.0
|
||||
- build against libiodbc to enable iodbc module
|
||||
* Wed Jun 04 2003 schwab@suse.de
|
||||
- Add db-devel to neededforbuild.
|
||||
- Don't use system libtool.
|
||||
- Fix use of sort.
|
||||
- Avoid running autoconf.
|
||||
* Wed Apr 16 2003 ro@suse.de
|
||||
- fixed neededforbuild
|
||||
* Mon Mar 03 2003 kukuk@suse.de
|
||||
- removed %%ghost stuff from filelist
|
||||
* Fri Feb 07 2003 kukuk@suse.de
|
||||
- Use pam_unix2.so instead of pam_unix.so
|
||||
* Wed Jan 15 2003 ro@suse.de
|
||||
- use sasl2
|
||||
* Tue Jan 14 2003 nadvornik@suse.cz
|
||||
- fixed multi-line string literals
|
||||
* Thu Dec 12 2002 stark@suse.de
|
||||
- update to 0.8.1
|
||||
* minor bugfixes
|
||||
* Mon Dec 02 2002 stark@suse.de
|
||||
- removed radwatch from package
|
||||
* Tue Nov 19 2002 stark@suse.de
|
||||
- update to 0.8
|
||||
* Support for Status-Server packets
|
||||
* Fixed memory leak when proxying
|
||||
* Round-robin load balancing when proxying
|
||||
* Many bug fixes
|
||||
* (/usr/share/doc/packages/ChangeLog)
|
||||
- moved modules to /usr/lib/freeradius
|
||||
* Mon Aug 19 2002 ro@suse.de
|
||||
- don't overwrite README's with each other
|
||||
* Fri Aug 16 2002 stark@suse.de
|
||||
- added PreReq (Bug #17838)
|
||||
* Thu Jun 20 2002 ro@suse.de
|
||||
- hack ltconfig for ppc64
|
||||
* Mon Apr 08 2002 stark@suse.de
|
||||
- fixed packaging on 64bit platforms
|
||||
- added logrotate config
|
||||
- added some sample scripts to doc-dir
|
||||
* Fri Mar 22 2002 stark@suse.de
|
||||
- update to 0.5
|
||||
* MS-CHAP and MS-CHAPv2 MPPE support,
|
||||
* EAP/MD5 and experimental EAP/TLS,
|
||||
* Experimental PHP web administration interface,
|
||||
* Fixes for *BSD,
|
||||
* Configurable database queries, executed per packet
|
||||
(e.g. %%{ldap:ldap:///dc=company,dc=com?uid?sub?uid=%%u}),
|
||||
* Fix logic bug which would cause occasional server crashes,
|
||||
* Server-side quenching of DoS attacks,
|
||||
* Experimental Python module,
|
||||
* Aptis, Quintum, and Foundry dictionaries,
|
||||
* Limited support for IPv6.
|
||||
* Mon Feb 25 2002 stark@suse.de
|
||||
- moved *.la back to main-package as it is needed for
|
||||
dynamic loading of modules
|
||||
* Mon Feb 25 2002 stark@suse.de
|
||||
- added patch to work with heimdal-krb5
|
||||
- moved *.so to -devel package
|
||||
* Fri Feb 08 2002 stark@suse.de
|
||||
- deactivated kerberos support
|
||||
(seems to be not compatible with heimdal :-()
|
||||
* Thu Feb 07 2002 stark@suse.de
|
||||
- changed heimdal libdir
|
||||
* Thu Dec 13 2001 stark@suse.de
|
||||
- update to 0.4
|
||||
- better use of fillup_and_insserv
|
||||
* Mon Dec 03 2001 stark@suse.de
|
||||
- don't use START_RADIUSD anymore
|
||||
- make use of new fillup_and_insserv macro
|
||||
* Fri Oct 12 2001 stark@suse.de
|
||||
- update to version 0.3
|
||||
- packed source-archive as bz2
|
||||
- branched package -> devel
|
||||
* Fri Aug 03 2001 stark@suse.de
|
||||
- removed use of watcher-script
|
||||
- removed config-check (-C) in init script
|
||||
(it's not supported in freeradius)
|
||||
* Thu Aug 02 2001 stark@suse.de
|
||||
- status fix in init script
|
||||
- renamed pam-configfile: radius -> radiusd
|
||||
* Wed Aug 01 2001 stark@suse.de
|
||||
- updated to 0.2
|
||||
* Thu Jul 26 2001 kukuk@suse.de
|
||||
- Fix needed for build
|
||||
* Tue Jul 10 2001 stark@suse.de
|
||||
- added %%{suse_update_config}
|
||||
* Sat Jun 23 2001 schwab@suse.de
|
||||
- Fix preprocessor directives inside macro arguments.
|
||||
* Mon Jun 18 2001 stark@suse.de
|
||||
- removed absolute paths from pam-config
|
||||
* Wed May 23 2001 stark@suse.de
|
||||
- first official beta-version 0.1
|
||||
* Wed Mar 21 2001 stark@suse.de
|
||||
- new snapshot 20010321 (pre-BETA)
|
||||
- replaced start- and killproc to avoid problems with Kernel 2.4
|
||||
using the radwatch shell-script
|
||||
- added built of LDAP and MySQL modules
|
||||
* Mon Jan 29 2001 stark@suse.de
|
||||
- %%files: /etc/raddb/bay.vendor -> /etc/raddb/dictionary.bay
|
||||
* Mon Jan 15 2001 stark@suse.de
|
||||
- new snapshot 20010115
|
||||
- initial BETA package (sources are ALPHA!)
|
||||
* Thu Jan 04 2001 stark@suse.de
|
||||
- CVS snapshot 20010104
|
3
radadmin.pdf
Normal file
3
radadmin.pdf
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:e1abcf10cd89bc4f314bf537a2e1ddb071d471db3f4cdc67966998fe722d6d45
|
||||
size 647389
|
3
radqkstart.pdf
Normal file
3
radqkstart.pdf
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:0cfd1329edbae1296bd1250f52bc569da0cf277b84b21cc80b4528179e5f7745
|
||||
size 207020
|
Loading…
Reference in New Issue
Block a user