Almost as soon as all the wrinkles were worked out of ports/117161 and net/freeradius-devel was committed, the final version of FreeRADIUS 2.0.0 was released. You can't win sometimes! Can I suggest that: * net/freeradius is repocopied to net/freeradius2 * The attached patch is applied to net/freeradius as it is currently in the tree to create a final net/freeradius2 port. * net/freeradius-devel is retired again. In the form it was committed, with PKGNAMESUFFIX=-devel, it's forbidden by vuxml, which hasn't been updated to allow for the 'new' freeradius-devel having essentially nothing in common with the old, vulnerable one. * /usr/ports/MOVED is updated to point anyone who had installed net/freeradius-devel to net/freeradius2. If the change to MASTER_SITES in Makefile (and just that change) is committed to net/freeradius before the repocopy, that would be even better. (If not, I'll either create a separate PR for it, or wait for the next need to touch net/freeradius). The reason that I'd rather have a repocopy of net/freeradius to net/freeradius2 (which I believe is a more appropriate name as this is no longer a development version) is that this way we get proper CVS history (which we can't get via the resurrected net/freeradius-devel). We also lose the issues with the (in my opinion) superfluous PKGNAMESUFFIX. I have used some of lwhsu@'s ideas from the net/freeradius-devel commit, whilst refining things further. In particular, I've ripped out all the slave port related stuff. It was a worthwhile exercise to create that port. Release notes ============= FreeRADIUS 2.0.0 has been released. The focus of this release is functionality. Feature Improvements * simple policy language (see man unlang) * virtual servers (raddb/sites-available/README) * IPv6 support * better proxy support (raddb/proxy.conf) * More EAP types * Debugging output should be much easier to understand * VMPS support * More modules have been moved to "stable" status (python, etc.) * SQL configuration has been cleaned up (see raddb/sql/*) * limited support for HUP. (The configuration for some modules is re-loaded on HUP. Nothing else is reloaded.) * check configuration and exit (radiusd -C) * Server core is now event based (simpler, more powerful) Bug Fixes * The server re-design has resulted in simple fixes for many issues that were too difficult to correct in Version 1.1.x. Please add the following note to /usr/ports/UPDATING: --- BEGINS --- AFFECTS: users of net/freeradius AUTHOR: David Wood <david@wood2.org.uk> FreeRADIUS 2.0 is now available as the net/freeradius2 port. All FreeRADIUS users are advised to consider upgrading to 2.0. It is the FreeRADIUS team's intention to put the 1.x server into 'maintenance' mode with just critical bug fixes.[1] 2.0 has many improvements including numerous bug fixes that were too difficult for the 1.x server, as well as many new features. Before uninstalling 1.x, it is recommended that you backup your configuration, which is typically in /usr/local/etc/raddb, then move it out of the way. It is also worth backing up the default configuration, which is typically in /usr/local/share/examples/freeradius/raddb. 1.x configurations should work with the 2.0 server [2]. However the port automatically upgrades any unedited files in the configuration when you install a new version of FreeRADIUS. Installing 2.0 with the residue of a 1.x configuration in the default location will result in a mixed 1.x and 2.0 configuration that may not work. The recommended approach is to diff your 1.x configuration against the default 1.x configuration, then make corresponding changes to a copy of the default 2.0 configuration. If you moved your 1.x configuration out of the way before upgrading, you will have a 2.0 configuration ready to edit in the default location. It is worth reading man 5 unlang for details of the new FreeRADIUS 'un-language' before starting. Alternatively, you can move your 1.x configuration to another location, such as /usr/local/etc/raddb_v1, then edit /etc/rc.conf to point the rc.d script to that location. For example: radiusd_flags="-d /usr/local/etc/raddb_v1" I cannot guarantee that all 1.x configurations will work with the 2.0 server, and I only recommend using a 1.x configuration as an interim measure. [1] - http://www.freeradius.org/business/roadmap.html [2] - http://preview.tinyurl.com/ysrr6a --- ENDS --- Fix: Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->beech I'll take it
For clarity - the patch deletes files/patch-radiusd-no-pie Apologies for leaving this out of the original PR.
State Changed From-To: open->closed Repocopy complete
State Changed From-To: closed->open Wrong pr
beech 2008-01-18 21:13:38 UTC FreeBSD ports repository Modified files: net/freeradius2 Makefile distinfo pkg-descr pkg-plist net/freeradius2/files patch-pthread Removed files: net/freeradius2/files patch-radiusd-no-pie Log: - Update to 2.0.0 PR: ports/119582 Submitted by: David Wood <david@wood2.org.uk> (maintainer) Approved by: linimon (mentor) Revision Changes Path 1.66 +48 -53 ports/net/freeradius2/Makefile 1.23 +3 -3 ports/net/freeradius2/distinfo 1.2 +7 -7 ports/net/freeradius2/files/patch-pthread 1.2 +0 -11 ports/net/freeradius2/files/patch-radiusd-no-pie (dead) 1.6 +5 -19 ports/net/freeradius2/pkg-descr 1.34 +160 -66 ports/net/freeradius2/pkg-plist _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
beech 2008-01-18 21:19:47 UTC FreeBSD ports repository Modified files: . MOVED Log: -Add entry for net/freeradius2 PR: ports/119582 Approved by: linimon (mentor) Revision Changes Path 1.1529 +2 -1 ports/MOVED _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
beech 2008-01-18 21:25:19 UTC FreeBSD ports repository Removed files: net/freeradius-devel Makefile distinfo pkg-descr pkg-plist net/freeradius-devel/files patch-pthread patch-radiusd-no-pie patch-src-main-listen.c radiusd.sh.in Log: - Send to attic PR: ports/119582 Submitted by: David Wood <david@wood2.org.uk> (maintainer) Approved by: linimon (mentor) Revision Changes Path 1.7 +0 -254 ports/net/freeradius-devel/Makefile (dead) 1.4 +0 -3 ports/net/freeradius-devel/distinfo (dead) 1.2 +0 -157 ports/net/freeradius-devel/files/patch-pthread (dead) 1.2 +0 -11 ports/net/freeradius-devel/files/patch-radiusd-no-pie (dead) 1.2 +0 -37 ports/net/freeradius-devel/files/patch-src-main-listen.c (dead) 1.2 +0 -32 ports/net/freeradius-devel/files/radiusd.sh.in (dead) 1.4 +0 -29 ports/net/freeradius-devel/pkg-descr (dead) 1.4 +0 -610 ports/net/freeradius-devel/pkg-plist (dead) _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
beech 2008-01-18 21:46:51 UTC FreeBSD ports repository Modified files: . UPDATING Log: - Add entry for net/radius2 PR: ports/119582 Submitted by: David Wood <david@wood2.org.uk> (maintainer) Approved by: linimon (mentor) Revision Changes Path 1.575 +41 -1 ports/UPDATING _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"
State Changed From-To: open->closed All Committed, Thanks!
lwhsu 2008-01-20 02:28:26 UTC FreeBSD ports repository Modified files: security/vuxml vuln.xml Log: - Fix freeradius-devel entry, narrow down range to prevent affect later versions PR: ports/119582 Submitted by: David Wood <david AT wood2.org.uk> Reviewed by: pav Revision Changes Path 1.1544 +2 -2 ports/security/vuxml/vuln.xml _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"