Received: by mail.netbsd.org (Postfix, from userid 605) id D20E484EB4; Thu, 12 Apr 2018 01:21:10 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id CAE5684D95 for ; Thu, 12 Apr 2018 01:21:09 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([IPv6:::1]) by localhost (mail.netbsd.org [IPv6:::1]) (amavisd-new, port 10025) with ESMTP id UmCE5WUQlnzP for ; Thu, 12 Apr 2018 01:21:07 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.NetBSD.org [IPv6:2001:470:a085:999:28c:faff:fe03:5984]) by mail.netbsd.org (Postfix) with ESMTP id CAA9984D04 for ; Thu, 12 Apr 2018 01:21:07 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id B9CF2FBEC; Thu, 12 Apr 2018 01:21:07 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1523496067284890" MIME-Version: 1.0 Date: Thu, 12 Apr 2018 01:21:07 +0000 From: "NONAKA Kimihiro" Subject: CVS commit: pkgsrc/net/freeradius To: pkgsrc-changes@NetBSD.org Reply-To: nonaka@netbsd.org X-Mailer: log_accum Message-Id: <20180412012107.B9CF2FBEC@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1523496067284890 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: nonaka Date: Thu Apr 12 01:21:07 UTC 2018 Modified Files: pkgsrc/net/freeradius: DEINSTALL INSTALL Makefile Makefile.common PLIST distinfo pkgsrc/net/freeradius/patches: patch-ai patch-configure.ac Removed Files: pkgsrc/net/freeradius/patches: patch-rlm_krb5_configure patch-rlm_perl_configure patch-rlm_yubikey_configure Log Message: freeradius: Updated to 3.0.16 2018.01.11 Version 3.0.16 has been released. The focus of this release is stability. Feature Improvements * rlm_python now supports multiple lists. From #2031. * Add trust router re-keying. From #2007. * Add support for Samba / AD LDAP schema See doc/schemas/ldap/samba/README.txt and doc/schemas/ldap/samba/. * Add "tls_min_version" and "tls_max_version" to EAP module for Debian OpenSSL issues. * Better documentation for client certificates in PEAP and TTLS: it usually doesn't work. Fixes #2068. * Distinguish login failure from AD unavailable. Fixes #2069. * Update RH spec files. Fixes #2070. * Run Post-Proxy-Type if all home servers are dead Fixes #2072. * Print offending IP addresses when EAP sessions come from two upstream home servers, and rate-limit the messages. * Minor packaging updates. * Better documentation for rlm_rest. * EAP-FAST now has it's own "cipher_list", so that it is easier to configure. * EAP-FAST now forcibly disables TLS1.2, until such time as we implement the new keying mechanism from TLS1.2. * Add documentation for allow_expired_crl. * Update Debian logrotation. #2093 and #2101. * DHCP relay can now drop responses. #2095. * rlm_sqlippool can now assign Delegated-IPv6-Prefix It also now can assign any IPv4 or IPv6 address Based on patches from maximumG. #2094 See raddb/mods-available/sqlippool for changes. * radeapclient can now use EAP-SIM-Ki to dynamically create the necessary triplets. * Explain why many LDAP connections are closed Fixes #1969. * Debian build / package issues fixed by Matthew Newton. * dictionary.patton updates from Brice Schaffner. Fixes #2137. * Added scripts to build "inner-server.pem", and updated mods-config/inner-eap and certs/README to match. * Added provisions for using an external CA. See raddb/certs/. * Include dhcpclient binary in freeradius-dhcp debian packge. Bug Fixes * Bind the lifetime of program name and python path to the module FR-AD-002 (redone). * Pass correct statement length into sqlite3_prepare[_v2] FR-AD-003 (redone). * Allow 100-Continue responses with additional headers in rlm_rest. * fix corner case where detail files were not being locked correctly. * Fix (SQL-Group == "%{...}") checks, and same for LDAP-Group Fixes #1947. * Clean up exfile code. Which should help to avoid issues with reading / writing 100's of detail files. * Fix build for winbind. Patch from Alex Clouter. * Fix checkrad for Mikrotik. Patch from Muchael Ducharme. * Fix home server stats lookup. Patch from Phil Mayers. * Add libjson-c3 as an optional dependency. * Require LTB OpenLDAP on CentOS / Redhat, to avoid linking against NSS, which breaks the server. Fixes #2040. * rlm_python fixes. Fixes #2041. * Typos in "man" pages. Fixes #2045. * Expand "next" in %{%{...}:-%{...}}. Fixes #2048. * Don't add TLS attributes twice. Fixes #2050. * Fix memory allocation in rlm_rest. Fixes #2051. * Update trustrouter for new API. Fixes #2059. * Fix SQLite issues on FreeBSD. Fixes #2060. * Don't do debug logging of bad passwords. Fixes #2064. * More graceful handling of "die" in rlm_perl. Fixes #2073. * Fix occasional crash when using cisco_accounting_username_bug = yes. * EAP-FAST fixes from Isaac Boukris #2078, #2076, and #2082, #2126. * DHCP fixes, relay, #2092, add run-time check, #2028. * Decode multiple RADIUS packets at a time in highly loaded RadSec connections. Patch from Jan Tomasek. #2106. * TunnelPassword is not "single value" in LDAP schema Fixes #2061. * sql log now opens the expanded filename, not the input one This was a regression introduced in 3.0.15. * Remove unnecessary UNIQUE constrain in Oracle schemas. * Fix SSL thread and locking issues when modules also use SSL Fixes #2125 and #2129. * Re-add dhcpclient "raw packet" changes. Patches from Nicolas Chaigne and Matthew Newton. Fixes #2155. To generate a diff of this commit: cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/freeradius/DEINSTALL \ pkgsrc/net/freeradius/INSTALL pkgsrc/net/freeradius/Makefile.common cvs rdiff -u -r1.94 -r1.95 pkgsrc/net/freeradius/Makefile cvs rdiff -u -r1.28 -r1.29 pkgsrc/net/freeradius/PLIST cvs rdiff -u -r1.34 -r1.35 pkgsrc/net/freeradius/distinfo cvs rdiff -u -r1.12 -r1.13 pkgsrc/net/freeradius/patches/patch-ai cvs rdiff -u -r1.1 -r1.2 pkgsrc/net/freeradius/patches/patch-configure.ac cvs rdiff -u -r1.1 -r0 pkgsrc/net/freeradius/patches/patch-rlm_krb5_configure \ pkgsrc/net/freeradius/patches/patch-rlm_perl_configure \ pkgsrc/net/freeradius/patches/patch-rlm_yubikey_configure Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1523496067284890 Content-Disposition: inline Content-Length: 12532 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/net/freeradius/DEINSTALL diff -u pkgsrc/net/freeradius/DEINSTALL:1.1 pkgsrc/net/freeradius/DEINSTALL:1.2 --- pkgsrc/net/freeradius/DEINSTALL:1.1 Sat Aug 26 10:07:27 2017 +++ pkgsrc/net/freeradius/DEINSTALL Thu Apr 12 01:21:07 2018 @@ -1,11 +1,11 @@ -# $NetBSD: DEINSTALL,v 1.1 2017/08/26 10:07:27 fhajny Exp $ +# $NetBSD: DEINSTALL,v 1.2 2018/04/12 01:21:07 nonaka Exp $ # # Remove default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites # SITES_ENABLED="default inner-tunnel" MODS_ENABLED="always attr_filter cache_eap chap date detail detail.log - dhcp digest dynamic_clients eap echo exec expiration expr + digest dynamic_clients eap echo exec expiration expr files linelog logintime mschap ntlm_auth pap passwd preprocess radutmp realm replicate soh sradutmp unix unpack utf8" Index: pkgsrc/net/freeradius/INSTALL diff -u pkgsrc/net/freeradius/INSTALL:1.1 pkgsrc/net/freeradius/INSTALL:1.2 --- pkgsrc/net/freeradius/INSTALL:1.1 Sat Aug 26 10:07:27 2017 +++ pkgsrc/net/freeradius/INSTALL Thu Apr 12 01:21:07 2018 @@ -1,11 +1,11 @@ -# $NetBSD: INSTALL,v 1.1 2017/08/26 10:07:27 fhajny Exp $ +# $NetBSD: INSTALL,v 1.2 2018/04/12 01:21:07 nonaka Exp $ # # Create default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites # SITES_ENABLED="default inner-tunnel" MODS_ENABLED="always attr_filter cache_eap chap date detail detail.log - dhcp digest dynamic_clients eap echo exec expiration expr + digest dynamic_clients eap echo exec expiration expr files linelog logintime mschap ntlm_auth pap passwd preprocess radutmp realm replicate soh sradutmp unix unpack utf8" Index: pkgsrc/net/freeradius/Makefile.common diff -u pkgsrc/net/freeradius/Makefile.common:1.1 pkgsrc/net/freeradius/Makefile.common:1.2 --- pkgsrc/net/freeradius/Makefile.common:1.1 Sat Aug 26 10:07:28 2017 +++ pkgsrc/net/freeradius/Makefile.common Thu Apr 12 01:21:07 2018 @@ -1,7 +1,7 @@ -# $NetBSD: Makefile.common,v 1.1 2017/08/26 10:07:28 fhajny Exp $ +# $NetBSD: Makefile.common,v 1.2 2018/04/12 01:21:07 nonaka Exp $ # used by net/freeradius/Makefile.module -DISTNAME= freeradius-server-3.0.15 +DISTNAME= freeradius-server-3.0.16 CATEGORIES= net MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/ EXTRACT_SUFX= .tar.bz2 Index: pkgsrc/net/freeradius/Makefile diff -u pkgsrc/net/freeradius/Makefile:1.94 pkgsrc/net/freeradius/Makefile:1.95 --- pkgsrc/net/freeradius/Makefile:1.94 Sun Jan 28 20:10:58 2018 +++ pkgsrc/net/freeradius/Makefile Thu Apr 12 01:21:07 2018 @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.94 2018/01/28 20:10:58 wiz Exp $ +# $NetBSD: Makefile,v 1.95 2018/04/12 01:21:07 nonaka Exp $ -PKGREVISION= 1 .include "Makefile.common" PKGNAME= ${DISTNAME:S/-server//} @@ -30,6 +29,7 @@ CONFIGURE_ARGS+= --without-rlm_sql_oracl CONFIGURE_ARGS+= --without-rlm_sql_postgresql CONFIGURE_ARGS+= --without-rlm_sql_unixodbc +RCD_SCRIPTS= radiusd RADIUS_GROUP?= radiusd RADIUS_USER?= radiusd PKG_GROUPS= ${RADIUS_GROUP} @@ -53,10 +53,10 @@ MESSAGE_SUBST+= BOOTSTRAP=${PKG_SYSCONF EGDIR= ${PREFIX}/share/examples/freeradius -EGFILES= certs/ca.cnf certs/client.cnf certs/Makefile \ - certs/README certs/server.cnf certs/xpextensions \ +EGFILES= certs/ca.cnf certs/client.cnf certs/inner-server.cnf \ + certs/Makefile certs/README certs/server.cnf \ + certs/xpextensions \ clients.conf dictionary experimental.conf \ - hints huntgroups \ mods-available/abfab_psk_sql mods-available/always \ mods-available/attr_filter mods-available/cache \ mods-available/cache_eap mods-available/chap \ @@ -147,7 +147,6 @@ EGFILES= certs/ca.cnf certs/client.cnf mods-config/sql/main/oracle/queries.conf \ mods-config/sql/main/oracle/schema.sql \ mods-config/sql/main/postgresql/extras/cisco_h323_db_schema.sql \ - mods-config/sql/main/postgresql/extras/update_radacct_group.sql \ mods-config/sql/main/postgresql/extras/voip-postpaid.conf \ mods-config/sql/main/postgresql/queries.conf \ mods-config/sql/main/postgresql/schema.sql \ Index: pkgsrc/net/freeradius/PLIST diff -u pkgsrc/net/freeradius/PLIST:1.28 pkgsrc/net/freeradius/PLIST:1.29 --- pkgsrc/net/freeradius/PLIST:1.28 Tue Jan 23 15:31:23 2018 +++ pkgsrc/net/freeradius/PLIST Thu Apr 12 01:21:07 2018 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.28 2018/01/23 15:31:23 jperkin Exp $ +@comment $NetBSD: PLIST,v 1.29 2018/04/12 01:21:07 nonaka Exp $ bin/dhcpclient bin/map_unit bin/rad_counter @@ -303,6 +303,12 @@ share/doc/freeradius/schemas/ldap/openld share/doc/freeradius/schemas/ldap/openldap/freeradius-clients.schema share/doc/freeradius/schemas/ldap/openldap/freeradius.ldif share/doc/freeradius/schemas/ldap/openldap/freeradius.schema +share/doc/freeradius/schemas/ldap/samba/README.txt +share/doc/freeradius/schemas/ldap/samba/freeradius-attrs.ldif +share/doc/freeradius/schemas/ldap/samba/freeradius-classes.ldif +share/doc/freeradius/schemas/ldap/samba/freeradius-clients-attrs.ldif +share/doc/freeradius/schemas/ldap/samba/freeradius-clients-classes.ldif +share/doc/freeradius/schemas/ldap/samba/freeradius-user.ldif share/doc/freeradius/schemas/logstash/README share/doc/freeradius/schemas/logstash/kibana4-dashboard.json share/doc/freeradius/schemas/logstash/log-courier.conf @@ -319,6 +325,7 @@ share/examples/freeradius/certs/README share/examples/freeradius/certs/bootstrap share/examples/freeradius/certs/ca.cnf share/examples/freeradius/certs/client.cnf +share/examples/freeradius/certs/inner-server.cnf share/examples/freeradius/certs/server.cnf share/examples/freeradius/certs/xpextensions share/examples/freeradius/clients.conf @@ -449,7 +456,6 @@ share/examples/freeradius/mods-config/sq share/examples/freeradius/mods-config/sql/main/oracle/queries.conf share/examples/freeradius/mods-config/sql/main/oracle/schema.sql share/examples/freeradius/mods-config/sql/main/postgresql/extras/cisco_h323_db_schema.sql -share/examples/freeradius/mods-config/sql/main/postgresql/extras/update_radacct_group.sql share/examples/freeradius/mods-config/sql/main/postgresql/extras/voip-postpaid.conf share/examples/freeradius/mods-config/sql/main/postgresql/queries.conf share/examples/freeradius/mods-config/sql/main/postgresql/schema.sql @@ -470,7 +476,6 @@ share/examples/freeradius/mods-enabled/c share/examples/freeradius/mods-enabled/date share/examples/freeradius/mods-enabled/detail share/examples/freeradius/mods-enabled/detail.log -share/examples/freeradius/mods-enabled/dhcp share/examples/freeradius/mods-enabled/digest share/examples/freeradius/mods-enabled/dynamic_clients share/examples/freeradius/mods-enabled/eap Index: pkgsrc/net/freeradius/distinfo diff -u pkgsrc/net/freeradius/distinfo:1.34 pkgsrc/net/freeradius/distinfo:1.35 --- pkgsrc/net/freeradius/distinfo:1.34 Sat Mar 31 20:10:49 2018 +++ pkgsrc/net/freeradius/distinfo Thu Apr 12 01:21:07 2018 @@ -1,14 +1,11 @@ -$NetBSD: distinfo,v 1.34 2018/03/31 20:10:49 joerg Exp $ +$NetBSD: distinfo,v 1.35 2018/04/12 01:21:07 nonaka Exp $ -SHA1 (freeradius-server-3.0.15.tar.bz2) = f651142a31b514fc80d888fe8ab5040cbfdd546e -RMD160 (freeradius-server-3.0.15.tar.bz2) = 46d2d491b71516c6db7659e46e1ec44c7fbf9d1f -SHA512 (freeradius-server-3.0.15.tar.bz2) = a2808f0b70b73f11c4c7d00edcb4a56a2ab8f73ce0ff74a9834c8b613ce5ed75ece372f852b0891f68c6a33f50c1bababb76d2eff9326a7fc29fe6b45ec9af88 -Size (freeradius-server-3.0.15.tar.bz2) = 3038070 bytes -SHA1 (patch-ai) = 834fea0886410de30ed489fa39be066fa3fb3186 -SHA1 (patch-configure.ac) = 2e1a979f51122f4c214f11574116a9a7695387d0 +SHA1 (freeradius-server-3.0.16.tar.bz2) = a7d1a88e112ce41ad08bd8beb66a5bdf36cac755 +RMD160 (freeradius-server-3.0.16.tar.bz2) = 0acbc54bc135ac18dc22c09f492b57eef8160a7b +SHA512 (freeradius-server-3.0.16.tar.bz2) = fc26e8655e8155ad8b3d4e796a43fa9954f413195f0210e7e94c6b67e0b43d765e7886d9835fe56de0a70d13bba47868dd274f9e8a5669fdb2478a269b48ed10 +Size (freeradius-server-3.0.16.tar.bz2) = 3054887 bytes +SHA1 (patch-ai) = e32ffd24b93e2cef2e72ef9a8ea59d49e1571dc0 +SHA1 (patch-configure.ac) = ffec1f851d23f560797c12eba5092f2940e4d662 SHA1 (patch-main_command.c) = 1c79b29eb13df341906c710c8dd41860a27473dd SHA1 (patch-main_util.c) = b9cefdb9bc30df0906184e8c0bb883e5258767c3 -SHA1 (patch-rlm_krb5_configure) = e97f0efe85c449d3b8a9aa450b6b7d1d0e4c6b89 -SHA1 (patch-rlm_perl_configure) = 577d6f0df7322ee12a99aafcdcc2d0b40e89eb69 -SHA1 (patch-rlm_yubikey_configure) = ea62cc0e87da014befbd0ad79f68dc852dc0f254 SHA1 (patch-src_lib_udpfromto.c) = c8fce29e2b481820f1cc2196577f7d38bb549e1c Index: pkgsrc/net/freeradius/patches/patch-ai diff -u pkgsrc/net/freeradius/patches/patch-ai:1.12 pkgsrc/net/freeradius/patches/patch-ai:1.13 --- pkgsrc/net/freeradius/patches/patch-ai:1.12 Sat Sep 9 22:46:57 2017 +++ pkgsrc/net/freeradius/patches/patch-ai Thu Apr 12 01:21:07 2018 @@ -1,36 +1,9 @@ -$NetBSD: patch-ai,v 1.12 2017/09/09 22:46:57 joerg Exp $ +$NetBSD: patch-ai,v 1.13 2018/04/12 01:21:07 nonaka Exp $ Portable test syntax --- configure.orig 2017-07-17 12:43:00.000000000 +0000 +++ configure -@@ -9047,7 +9047,7 @@ fi - - smart_prefix= - -- if test "x$ac_cv_header_pcap_h" == "xyes"; then -+ if test "x$ac_cv_header_pcap_h" = "xyes"; then - - $as_echo "#define HAVE_PCAP_H 1" >>confdefs.h - -@@ -9290,7 +9290,7 @@ fi - - smart_prefix= - -- if test "x$ac_cv_header_collectd_client_h" == "xyes"; then -+ if test "x$ac_cv_header_collectd_client_h" = "xyes"; then - - $as_echo "#define HAVE_COLLECTDC_H 1" >>confdefs.h - -@@ -9533,7 +9533,7 @@ fi - - smart_prefix= - -- if test "x$ac_cv_header_sys_capability_h" == "xyes"; then -+ if test "x$ac_cv_header_sys_capability_h" = "xyes"; then - - $as_echo "#define HAVE_CAPABILITY_H 1" >>confdefs.h - @@ -10133,7 +10133,49 @@ $as_echo "no" >&6; } eval "ac_cv_type_${ac_safe_type}_has_ipi_addr=" fi @@ -82,12 +55,3 @@ Portable test syntax $as_echo "#define HAVE_IP_PKTINFO /**/" >>confdefs.h -@@ -12656,7 +12698,7 @@ subdirs="$subdirs $mysubdirs" - - - --if test "x$werror" == "xyes"; then -+if test "x$werror" = "xyes"; then - CFLAGS="-Werror $CFLAGS" - fi - Index: pkgsrc/net/freeradius/patches/patch-configure.ac diff -u pkgsrc/net/freeradius/patches/patch-configure.ac:1.1 pkgsrc/net/freeradius/patches/patch-configure.ac:1.2 --- pkgsrc/net/freeradius/patches/patch-configure.ac:1.1 Sat Sep 9 22:46:57 2017 +++ pkgsrc/net/freeradius/patches/patch-configure.ac Thu Apr 12 01:21:07 2018 @@ -1,37 +1,10 @@ -$NetBSD: patch-configure.ac,v 1.1 2017/09/09 22:46:57 joerg Exp $ +$NetBSD: patch-configure.ac,v 1.2 2018/04/12 01:21:07 nonaka Exp $ Check if in_pkt_info has ipi_spec_dst before trying to use (NetBSD 8 doesn't). Fix test syntax. --- configure.ac.orig 2017-07-17 12:43:00.000000000 +0000 +++ configure.ac -@@ -1213,7 +1213,7 @@ else - dnl # - smart_try_dir="$pcap_include_dir" - FR_SMART_CHECK_INCLUDE([pcap.h]) -- if test "x$ac_cv_header_pcap_h" == "xyes"; then -+ if test "x$ac_cv_header_pcap_h" = "xyes"; then - AC_DEFINE(HAVE_PCAP_H, 1, [Define to 1 if you have the header file.]) - AC_SUBST(PCAP_LIBS) - AC_SUBST(PCAP_LDFLAGS) -@@ -1231,7 +1231,7 @@ else - dnl # - smart_try_dir="$collectdclient_include_dir" - FR_SMART_CHECK_INCLUDE([collectd/client.h]) -- if test "x$ac_cv_header_collectd_client_h" == "xyes"; then -+ if test "x$ac_cv_header_collectd_client_h" = "xyes"; then - AC_DEFINE(HAVE_COLLECTDC_H, 1, [Define to 1 if you have the `collectdclient' library (-lcollectdclient).]) - AC_SUBST(COLLECTDC_LIBS) - AC_SUBST(COLLECTDC_LDFLAGS) -@@ -1251,7 +1251,7 @@ else - dnl # - smart_try_dir="$cap_include_dir" - FR_SMART_CHECK_INCLUDE([sys/capability.h]) -- if test "x$ac_cv_header_sys_capability_h" == "xyes"; then -+ if test "x$ac_cv_header_sys_capability_h" = "xyes"; then - AC_DEFINE(HAVE_CAPABILITY_H, 1, [Define to 1 if you have the header file.]) - else - AC_MSG_WARN([cap headers not found, will not perform debugger checks. Use --with-cap-include-dir=.]) @@ -1511,7 +1511,8 @@ dnl # dnl # struct ip_pktinfo dnl # @@ -42,12 +15,3 @@ Fix test syntax. AC_DEFINE(HAVE_IP_PKTINFO, [], [define if you have IP_PKTINFO (Linux)]) fi -@@ -2217,7 +2218,7 @@ dnl # Add -Werror last, so it doesn't i - dnl # test programs. - dnl # - dnl ############################################################# --if test "x$werror" == "xyes"; then -+if test "x$werror" = "xyes"; then - CFLAGS="-Werror $CFLAGS" - fi - --_----------=_1523496067284890--