Update to FreeRADIUS 2.1.4. This patch has been ready for a little while, but I was holding back in the hope that the overdue FreeRADIUS 2.1.5 would be released, fixing a few problems. With the imminent ports freeze, I am submitting this patch now. FreeBSD notes ============= Mark MAKE_JOBS_UNSAFE. Patch raddb/certs/Makefile for the full path to the openssl binary (so that ports OpenSSL is used to bootstrap the server if it is installed). Use the pkg-install mechanism to update the libdir line in radiusd.conf automatically. In this version of FreeRADIUS, it appears that radmin is broken on FreeBSD if you have gid (and/or uid, presumably) set in raddb/sites-available/control-socket. In this event, the call to getpeereid(3) in line 2096 of src/main/command.c fails with ENOTCONN, radiusd segfaults and radmin goes into a loop using 100% CPU time on one core. I hope to look further into this, but that is a low priority task for me. If you are affected, you'll have to unset uid and gid in raddb/sites-available/control-socket and rely purely on the file permissions of /var/run/radiusd/radiusd.sock for security. In any event, radmin is not for production use - see the warnings on the man page for radmin(1). This really is version 2.1.4 - VERSION is mistakenly set to 2.1.5 (see http://preview.tinyurl.com/dcnbsz for more details). Release notes ============= Feature improvements * Permit multiple "-e" in radmin. * Add support for originating CoA-Request and Disconnect-Request. See raddb/sites-available/originate-coa. * Added "lifetime" and "max_queries" to raddb/sql.conf. This helps address the problem of hung SQL sockets. * Allow packets to be injected via radmin. See "inject help" in radmin. * Answer VMPS reconfirmation request. Patch from Hermann Lauer. * Sample logrotate script in scripts/logrotate.freeradius * Add configurable poll interval for "detail" listeners * New "raddebug" command. This prints debugging information from a running server. See "man raddebug. * Add "require_message_authenticator" configuration to home_server configuration. This makes the server add Message-Authenticator to all outgoing Access-Request packets. * Added smsotp module, as contributed by Siemens. * Enabled the administration socket in the default install. See raddb/sites-available/control-socket, and "man radmin" * Handle duplicate clients, such as with replicated or load-balanced SQL servers and "readclients = yes" Bug fixes * Clean up control sockets when they are closed, so that we don't leak memory. * Define SUN_LEN for systems that don't have it. * Correct some boundary conditions in the conditional checker ("if") in "unlang". Bug noted by Arran Cudbard-Bell. * Work around minor building issues in gmake. This should only have affected developers. * Change how we manage unprivileged user/group, so that we do not create control sockets owned by root. * Fixed more minor issues found by Coverity. * Allow raddb/certs/bootstrap to run when there is no "make" command installed. * In radiusd.conf, run_dir depends on the name of the program, and isn't hard-coded to "..../radiusd" * Check for EOF in more places in the "detail" file reader. * Added Freeswitch dictionary. * Chop ethernet frames in VMPS, rather than droppping packets. * Fix EAP-TLS bug. Patch from Arnaud Ebalard * Don't lose string for regex-compares in the "users" file. * Expose more functions in rlm_sql to rlm_sqlippool, which helps on systems where RTLD_GLOBAL is off. * Fix typos in MySQL schemas for ippools. * Remove macro that was causing build issues on some platforms. * Fixed issues with dead home servers. Bug noted by Chris Moules. * Fixed "access after free" with some dynamic clients. INSTRUCTIONS ============ No files have been been deleted. files/patch-version and files/patch-bootstrap have been added. Fix: Patch attached with submission follows:
Responsible Changed From-To: freebsd-ports-bugs->amdmi3 I'll take it.
State Changed From-To: open->closed Committed. Thanks!
amdmi3 2009-04-09 23:54:04 UTC FreeBSD ports repository Modified files: net/freeradius2 Makefile distinfo pkg-plist net/freeradius2/files pkg-install.in Added files: net/freeradius2/files patch-bootstrap patch-version Log: - Update to 2.1.4. PR: 133532 Submitted by: David Wood <david at wood2 dot org dot uk> (maintainer) Revision Changes Path 1.76 +20 -5 ports/net/freeradius2/Makefile 1.28 +3 -3 ports/net/freeradius2/distinfo 1.1 +11 -0 ports/net/freeradius2/files/patch-bootstrap (new) 1.1 +5 -0 ports/net/freeradius2/files/patch-version (new) 1.3 +15 -1 ports/net/freeradius2/files/pkg-install.in 1.38 +11 -1 ports/net/freeradius2/pkg-plist _______________________________________________ cvs-all@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/cvs-all To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"