forked from pool/freeradius-server
Marcus Meissner
b20155dc26
- update to 2.2.0 - see /usr/share/doc/packages/freeradius-server/ChangeLog for complete list of changes in this release - fixes CVE-2012-3547 (bnc#777834) - dropped freeradius-server-2.1.6-overflow.patch (upstream) - dropped freeradius-server-sha1-default.patch (upstream) - refreshed freeradius-server-fix-cert-bootstrap.patch OBS-URL: https://build.opensuse.org/request/show/133519 OBS-URL: https://build.opensuse.org/package/show/network/freeradius-server?expand=0&rev=43
53 lines
1.9 KiB
Diff
53 lines
1.9 KiB
Diff
Index: freeradius-server-2.2.0/raddb/certs/Makefile
|
|
===================================================================
|
|
--- freeradius-server-2.2.0.orig/raddb/certs/Makefile 2012-09-10 13:51:34.000000000 +0200
|
|
+++ freeradius-server-2.2.0/raddb/certs/Makefile 2012-09-10 15:46:54.505208498 +0200
|
|
@@ -51,7 +51,7 @@ dh:
|
|
# Create a new self-signed CA certificate
|
|
#
|
|
######################################################################
|
|
-ca.key ca.pem: ca.cnf index.txt serial
|
|
+ca.key ca.pem: index.txt serial
|
|
openssl req -new -x509 -keyout ca.key -out ca.pem \
|
|
-days $(CA_DEFAULT_DAYS) -config ./ca.cnf
|
|
|
|
@@ -63,7 +63,7 @@ ca.der: ca.pem
|
|
# Create a new server certificate, signed by the above CA.
|
|
#
|
|
######################################################################
|
|
-server.csr server.key: server.cnf
|
|
+server.csr server.key:
|
|
openssl req -new -out server.csr -keyout server.key -config ./server.cnf
|
|
|
|
server.crt: server.csr ca.key ca.pem
|
|
@@ -85,7 +85,7 @@ server.vrfy: ca.pem
|
|
# certificate.
|
|
#
|
|
######################################################################
|
|
-client.csr client.key: client.cnf
|
|
+client.csr client.key:
|
|
openssl req -new -out client.csr -keyout client.key -config ./client.cnf
|
|
|
|
client.crt: client.csr ca.pem ca.key
|
|
Index: freeradius-server-2.2.0/raddb/certs/bootstrap
|
|
===================================================================
|
|
--- freeradius-server-2.2.0.orig/raddb/certs/bootstrap 2012-09-10 13:51:34.000000000 +0200
|
|
+++ freeradius-server-2.2.0/raddb/certs/bootstrap 2012-11-10 15:34:07.926849849 +0100
|
|
@@ -21,7 +21,9 @@ make -h > /dev/null 2>&1
|
|
#
|
|
if [ "$?" = "0" ]; then
|
|
make all
|
|
- exit $?
|
|
+ ret=$?
|
|
+ chgrp radiusd *
|
|
+ exit $ret
|
|
fi
|
|
|
|
#
|
|
@@ -80,3 +82,5 @@ fi
|
|
if [ ! -f client.crt ]; then
|
|
openssl ca -batch -keyfile ca.key -cert ca.pem -in client.csr -key `grep output_password ca.cnf | sed 's/.*=//;s/^ *//'` -out client.crt -extensions xpclient_ext -extfile xpextensions -config ./client.cnf
|
|
fi
|
|
+
|
|
+chgrp radiusd *
|