Bug 133532 - [maintainer update] update net/freeradius2 to 2.1.4
Summary: [maintainer update] update net/freeradius2 to 2.1.4
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Dmitry Marakasov
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2009-04-09 05:10 UTC by David Wood
Modified: 2009-04-10 01:00 UTC (History)
0 users

See Also:


Attachments
file.diff (7.82 KB, patch)
2009-04-09 05:10 UTC, David Wood
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description David Wood 2009-04-09 05:10:02 UTC
Update to FreeRADIUS 2.1.4.

This patch has been ready for a little while, but I was holding
back in the hope that the overdue FreeRADIUS 2.1.5 would be
released, fixing a few problems. With the imminent ports freeze, I
am submitting this patch now.


FreeBSD notes
=============

Mark MAKE_JOBS_UNSAFE.

Patch raddb/certs/Makefile for the full path to the openssl binary
(so that ports OpenSSL is used to bootstrap the server if it is
installed).

Use the pkg-install mechanism to update the libdir line in
radiusd.conf automatically.


In this version of FreeRADIUS, it appears that radmin is broken on
FreeBSD if you have gid (and/or uid, presumably) set in
raddb/sites-available/control-socket. In this event, the call to
getpeereid(3) in line 2096 of src/main/command.c fails with
ENOTCONN, radiusd segfaults and radmin goes into a loop using 100%
CPU time on one core. I hope to look further into this, but that
is a low priority task for me. If you are affected, you'll have to
unset uid and gid in raddb/sites-available/control-socket and rely
purely on the file permissions of /var/run/radiusd/radiusd.sock
for security. In any event, radmin is not for production use - see
the warnings on the man page for radmin(1).


This really is version 2.1.4 - VERSION is mistakenly set to 2.1.5
(see http://preview.tinyurl.com/dcnbsz for more details).


Release notes
=============

Feature improvements

* Permit multiple "-e" in radmin.
* Add support for originating CoA-Request and Disconnect-Request.
  See raddb/sites-available/originate-coa.
* Added "lifetime" and "max_queries" to raddb/sql.conf.
  This helps address the problem of hung SQL sockets.
* Allow packets to be injected via radmin.  See "inject help"
  in radmin.
* Answer VMPS reconfirmation request.  Patch from Hermann Lauer.
* Sample logrotate script in scripts/logrotate.freeradius
* Add configurable poll interval for "detail" listeners
* New "raddebug" command.  This prints debugging information from
  a running server.  See "man raddebug.
* Add "require_message_authenticator" configuration to home_server
  configuration.  This makes the server add Message-Authenticator
  to all outgoing Access-Request packets.
* Added smsotp module, as contributed by Siemens.
* Enabled the administration socket in the default install.
  See raddb/sites-available/control-socket, and "man radmin"
* Handle duplicate clients, such as with replicated or
  load-balanced SQL servers and "readclients = yes"


Bug fixes

* Clean up control sockets when they are closed, so that we don't
  leak memory.
* Define SUN_LEN for systems that don't have it.
* Correct some boundary conditions in the conditional checker ("if")
  in "unlang".  Bug noted by Arran Cudbard-Bell.
* Work around minor building issues in gmake.  This should only
  have affected developers.
* Change how we manage unprivileged user/group, so that we do not
  create control sockets owned by root.
* Fixed more minor issues found by Coverity.
* Allow raddb/certs/bootstrap to run when there is no "make"
  command installed.
* In radiusd.conf, run_dir depends on the name of the program,
  and isn't hard-coded to "..../radiusd"
* Check for EOF in more places in the "detail" file reader.
* Added Freeswitch dictionary.
* Chop ethernet frames in VMPS, rather than droppping packets.
* Fix EAP-TLS bug.  Patch from Arnaud Ebalard
* Don't lose string for regex-compares in the "users" file.
* Expose more functions in rlm_sql to rlm_sqlippool, which
  helps on systems where RTLD_GLOBAL is off.
* Fix typos in MySQL schemas for ippools.
* Remove macro that was causing build issues on some platforms.
* Fixed issues with dead home servers.  Bug noted by Chris Moules.
* Fixed "access after free" with some dynamic clients.

INSTRUCTIONS
============

No files have been been deleted.

files/patch-version and files/patch-bootstrap have been added.

Fix: Patch attached with submission follows:
Comment 1 Dmitry Marakasov freebsd_committer 2009-04-09 14:25:51 UTC
Responsible Changed
From-To: freebsd-ports-bugs->amdmi3

I'll take it.
Comment 2 Dmitry Marakasov freebsd_committer 2009-04-10 00:54:13 UTC
State Changed
From-To: open->closed

Committed. Thanks!
Comment 3 dfilter service freebsd_committer 2009-04-10 00:54:32 UTC
amdmi3      2009-04-09 23:54:04 UTC

  FreeBSD ports repository

  Modified files:
    net/freeradius2      Makefile distinfo pkg-plist 
    net/freeradius2/files pkg-install.in 
  Added files:
    net/freeradius2/files patch-bootstrap patch-version 
  Log:
  - Update to 2.1.4.
  
  PR:             133532
  Submitted by:   David Wood <david at wood2 dot org dot uk> (maintainer)
  
  Revision  Changes    Path
  1.76      +20 -5     ports/net/freeradius2/Makefile
  1.28      +3 -3      ports/net/freeradius2/distinfo
  1.1       +11 -0     ports/net/freeradius2/files/patch-bootstrap (new)
  1.1       +5 -0      ports/net/freeradius2/files/patch-version (new)
  1.3       +15 -1     ports/net/freeradius2/files/pkg-install.in
  1.38      +11 -1     ports/net/freeradius2/pkg-plist
_______________________________________________
cvs-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/cvs-all
To unsubscribe, send any mail to "cvs-all-unsubscribe@freebsd.org"