Received: by mail.netbsd.org (Postfix, from userid 605) id 83BDE84DE2; Mon, 30 Dec 2019 18:17:24 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by mail.netbsd.org (Postfix) with ESMTP id 098EC84D92 for ; Mon, 30 Dec 2019 18:17:24 +0000 (UTC) X-Virus-Scanned: amavisd-new at netbsd.org Received: from mail.netbsd.org ([127.0.0.1]) by localhost (mail.netbsd.org [127.0.0.1]) (amavisd-new, port 10025) with ESMTP id o03s68M6Gn2q for ; Mon, 30 Dec 2019 18:17:22 +0000 (UTC) Received: from cvs.NetBSD.org (ivanova.netbsd.org [199.233.217.197]) by mail.netbsd.org (Postfix) with ESMTP id D0D3284C2B for ; Mon, 30 Dec 2019 18:17:22 +0000 (UTC) Received: by cvs.NetBSD.org (Postfix, from userid 500) id C579DFA97; Mon, 30 Dec 2019 18:17:22 +0000 (UTC) Content-Transfer-Encoding: 7bit Content-Type: multipart/mixed; boundary="_----------=_1577729842247420" MIME-Version: 1.0 Date: Mon, 30 Dec 2019 18:17:22 +0000 From: "Adam Ciarcinski" Subject: CVS commit: pkgsrc/net To: pkgsrc-changes@NetBSD.org Reply-To: adam@netbsd.org X-Mailer: log_accum Message-Id: <20191230181722.C579DFA97@cvs.NetBSD.org> Sender: pkgsrc-changes-owner@NetBSD.org List-Id: pkgsrc-changes.NetBSD.org Precedence: bulk List-Unsubscribe: This is a multi-part message in MIME format. --_----------=_1577729842247420 Content-Disposition: inline Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset="US-ASCII" Module Name: pkgsrc Committed By: adam Date: Mon Dec 30 18:17:22 UTC 2019 Modified Files: pkgsrc/net/freeradius: DEINSTALL Makefile Makefile.common PLIST distinfo pkgsrc/net/freeradius-freetds: Makefile pkgsrc/net/freeradius-perl: Makefile pkgsrc/net/freeradius-rest: Makefile Log Message: freeradius: updated to 3.0.20 FreeRADIUS 3.0.20 Thu 14 Nov 2019 12:00:00 EDT urgency=medium Feature improvements * Add Jenkins continuous integration. Used to build http://packages.networkradius.com/ * Added Force10 dictionary. * Update dictionary.hp with new attributes. * Update dictionary.aruba with new attributes. * Update logrotate settings to rotate as non-root user. * Fix side-channel leak in EAP-PWD. Patch from Mathy Vanhoef. * Relax OpenSSL version checks, now that their API is both public, and stable. * Note that tls_min_version/tls_max_version also support "1.3" Since there is no standard yet for EAP with TLS 1.3, it will not work. * Added tripplite dictionary. * Switch to the async interface for rlm_sql_postgresql so that we can enforce query_timeout. * Added new LDAP option 'allow_dangling_group_ref'. * Updated documentation and functionality for EAP session caching. See "cache" section of mods-available/eap. * Tighten systemd unit file security. * Disable TLS 1.0 and TLS 1.1 support in the default configuration. We STRONGLY recommend doing this for all installations. * Add expansions for *outgoing* Radsec connections. "%{proxy_listen:TLS-...}" for TLS-Client-Cert-* and TLS-Cert-* attributes. * Add %{listen:tls} which returns "yes" or "no" for TLS or non-TLS connections. * Update dictionary.lancom with new attributes. * Added rlm_sql_mongo. See raddb/mods-available/sql. Note that this module is experimental. * Added more documentation in sites-available/robust-proxy-accounting * sqlippool now re-allocates unexpired leases, to prevent IP pool exhaustion when clients perform multiple reauthentication attempts. Patch from Terry Burton. * Add support to radmin keep the history in ~/.radmin_history * Add support for ENV and LD_PRELOAD in radiusd.conf. See the new ENV sub-section of radiusd.conf. * Update dictionary.aptilo. * Update dictionary.airespace. * Add sites-available/coa-relay, which makes CoA easier. Patch from Terry Burton. * Add example stored procedure for IP Pools in MySQL. See mods-config/sql/ippool/mysql/procedure.sql Patch from Terry Burton. * Update dictionary.dhcp dictionary with the recent hardware types. * Add experimental rlm_python3. This should largely work the same as rlm_python, which was Python2 only. * Add Dockerfiles for Debian10 and CentOS8. * Add RPM spec file compatibility for RHEL/CentOS 8. * Notes on iOS 13 certificate issues. See https://support.apple.com/en-us/HT210176. * Notes on certificate constraints. See raddb/certs/server.cnf. * Add NAIRealm example to raddb/certs/server.cnf, for RFC 7585. Bug fixes * Allow listen.ipaddr to reference an IPv6-only host. * ERX-Acct-Request-Reason is "integer". * Fix a slow memory leak in the file management code. * Try to fix file permissions if they get modified while the server is running. * Fix slow memory leak with clients. * Fix request and connection timeouts in rlm_rest. * Fix systemd issues. Patches from Daniele Rondina. * Fixes from clang analyzer. * Fix missing include for the dictionaries: alcatel.esam, altiga,alvarion.wimax.v2_2,aptis,asn,audiocodes,avaya,bristol, columbia_university,freedhcp,garderos,infoblox,motorola.illegal, starent.vsa1, telkom, wimax.wichorus. * Fix internal sanity check when running with "-Xx" * Allow "inner-tunnel" virtual servers to work better with "accept" and "reject" policies. * Fix dictionary.huawei data types for Huawei-DNS-Server-IPv6-address and Huawei-Framed-IPv6-Address. * Framed-Interface-ID in postgresql/queries.conf is string, not inet * Fix rlm_cache to complain on unknown attributes in the "update" section of its configuration. * Add configure checks for -latomic. This helps on armel, mips and mipsel. * Add support to Oracle 19 and 18. * Add support for decoding tags in rlm_rest. * Use correct passwords when updating CRLs in raddb/certs/ * Properly separate "originate-coa" packets when accounting packets are read from the detail file reader. * Use the correct virtual server for pre/post-proxy. * radsqlrelay fixes backported from "master" branch. Patches from Terry Burton. * Fix DoS issues due to multithreaded BN_CTX access. Patch from Mathy Vanhoef. CVE-2019-17185 To generate a diff of this commit: cvs rdiff -u -r1.2 -r1.3 pkgsrc/net/freeradius/DEINSTALL cvs rdiff -u -r1.102 -r1.103 pkgsrc/net/freeradius/Makefile cvs rdiff -u -r1.5 -r1.6 pkgsrc/net/freeradius/Makefile.common cvs rdiff -u -r1.31 -r1.32 pkgsrc/net/freeradius/PLIST cvs rdiff -u -r1.38 -r1.39 pkgsrc/net/freeradius/distinfo cvs rdiff -u -r1.8 -r1.9 pkgsrc/net/freeradius-freetds/Makefile cvs rdiff -u -r1.6 -r1.7 pkgsrc/net/freeradius-perl/Makefile cvs rdiff -u -r1.11 -r1.12 pkgsrc/net/freeradius-rest/Makefile Please note that diffs are not public domain; they are subject to the copyright notices on the relevant files. --_----------=_1577729842247420 Content-Disposition: inline Content-Length: 7954 Content-Transfer-Encoding: binary Content-Type: text/x-diff; charset=us-ascii Modified files: Index: pkgsrc/net/freeradius/DEINSTALL diff -u pkgsrc/net/freeradius/DEINSTALL:1.2 pkgsrc/net/freeradius/DEINSTALL:1.3 --- pkgsrc/net/freeradius/DEINSTALL:1.2 Thu Apr 12 01:21:07 2018 +++ pkgsrc/net/freeradius/DEINSTALL Mon Dec 30 18:17:22 2019 @@ -1,4 +1,4 @@ -# $NetBSD: DEINSTALL,v 1.2 2018/04/12 01:21:07 nonaka Exp $ +# $NetBSD: DEINSTALL,v 1.3 2019/12/30 18:17:22 adam Exp $ # # Remove default symlinks in ${PKG_SYSCONFDIR} for enabled modules/sites # @@ -20,5 +20,7 @@ DEINSTALL) done ${RMDIR} @PKG_SYSCONFDIR@/sites-enabled ${RMDIR} @PKG_SYSCONFDIR@/mods-enabled + ${RM} @PKG_SYSCONFDIR@/hints + ${RM} @PKG_SYSCONFDIR@/huntgroups ;; esac Index: pkgsrc/net/freeradius/Makefile diff -u pkgsrc/net/freeradius/Makefile:1.102 pkgsrc/net/freeradius/Makefile:1.103 --- pkgsrc/net/freeradius/Makefile:1.102 Sun Nov 3 11:45:34 2019 +++ pkgsrc/net/freeradius/Makefile Mon Dec 30 18:17:22 2019 @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.102 2019/11/03 11:45:34 rillig Exp $ +# $NetBSD: Makefile,v 1.103 2019/12/30 18:17:22 adam Exp $ -PKGREVISION= 1 .include "Makefile.common" PKGNAME= ${DISTNAME:S/-server//} Index: pkgsrc/net/freeradius/Makefile.common diff -u pkgsrc/net/freeradius/Makefile.common:1.5 pkgsrc/net/freeradius/Makefile.common:1.6 --- pkgsrc/net/freeradius/Makefile.common:1.5 Thu Jul 4 07:44:52 2019 +++ pkgsrc/net/freeradius/Makefile.common Mon Dec 30 18:17:22 2019 @@ -1,13 +1,13 @@ -# $NetBSD: Makefile.common,v 1.5 2019/07/04 07:44:52 adam Exp $ +# $NetBSD: Makefile.common,v 1.6 2019/12/30 18:17:22 adam Exp $ # used by net/freeradius/Makefile.module -DISTNAME= freeradius-server-3.0.19 +DISTNAME= freeradius-server-3.0.20 CATEGORIES= net MASTER_SITES= ftp://ftp.freeradius.org/pub/freeradius/ EXTRACT_SUFX= .tar.bz2 MAINTAINER= pkgsrc-users@NetBSD.org -HOMEPAGE= http://www.freeradius.org/ +HOMEPAGE= https://freeradius.org/ LICENSE= gnu-gpl-v2 USE_LANGUAGES+= c c++ Index: pkgsrc/net/freeradius/PLIST diff -u pkgsrc/net/freeradius/PLIST:1.31 pkgsrc/net/freeradius/PLIST:1.32 --- pkgsrc/net/freeradius/PLIST:1.31 Thu Jul 4 07:44:52 2019 +++ pkgsrc/net/freeradius/PLIST Mon Dec 30 18:17:22 2019 @@ -1,4 +1,4 @@ -@comment $NetBSD: PLIST,v 1.31 2019/07/04 07:44:52 adam Exp $ +@comment $NetBSD: PLIST,v 1.32 2019/12/30 18:17:22 adam Exp $ bin/dhcpclient bin/map_unit bin/rad_counter @@ -384,6 +384,7 @@ share/examples/freeradius/mods-available share/examples/freeradius/mods-available/perl share/examples/freeradius/mods-available/preprocess share/examples/freeradius/mods-available/python +share/examples/freeradius/mods-available/python3 share/examples/freeradius/mods-available/radutmp share/examples/freeradius/mods-available/realm share/examples/freeradius/mods-available/redis @@ -440,6 +441,8 @@ share/examples/freeradius/mods-config/sq share/examples/freeradius/mods-config/sql/ippool-dhcp/oracle/schema.sql share/examples/freeradius/mods-config/sql/ippool-dhcp/sqlite/queries.conf share/examples/freeradius/mods-config/sql/ippool-dhcp/sqlite/schema.sql +share/examples/freeradius/mods-config/sql/ippool/mongo/queries.conf +share/examples/freeradius/mods-config/sql/ippool/mysql/procedure.sql share/examples/freeradius/mods-config/sql/ippool/mysql/queries.conf share/examples/freeradius/mods-config/sql/ippool/mysql/schema.sql share/examples/freeradius/mods-config/sql/ippool/oracle/procedures.sql @@ -450,6 +453,7 @@ share/examples/freeradius/mods-config/sq share/examples/freeradius/mods-config/sql/ippool/postgresql/schema.sql share/examples/freeradius/mods-config/sql/ippool/sqlite/queries.conf share/examples/freeradius/mods-config/sql/ippool/sqlite/schema.sql +share/examples/freeradius/mods-config/sql/main/mongo/queries.conf share/examples/freeradius/mods-config/sql/main/mssql/queries.conf share/examples/freeradius/mods-config/sql/main/mssql/schema.sql share/examples/freeradius/mods-config/sql/main/mysql/extras/wimax/queries.conf @@ -529,6 +533,7 @@ share/examples/freeradius/sites-availabl share/examples/freeradius/sites-available/channel_bindings share/examples/freeradius/sites-available/check-eap-tls share/examples/freeradius/sites-available/coa +share/examples/freeradius/sites-available/coa-relay share/examples/freeradius/sites-available/control-socket share/examples/freeradius/sites-available/copy-acct-to-home-server share/examples/freeradius/sites-available/decoupled-accounting @@ -626,6 +631,7 @@ share/freeradius/dictionary.erx share/freeradius/dictionary.extreme share/freeradius/dictionary.f5 share/freeradius/dictionary.fdxtended +share/freeradius/dictionary.force10 share/freeradius/dictionary.fortinet share/freeradius/dictionary.foundry share/freeradius/dictionary.freedhcp @@ -748,6 +754,7 @@ share/freeradius/dictionary.telkom share/freeradius/dictionary.terena share/freeradius/dictionary.trapeze share/freeradius/dictionary.travelping +share/freeradius/dictionary.tripplite share/freeradius/dictionary.tropos share/freeradius/dictionary.ukerna share/freeradius/dictionary.unix Index: pkgsrc/net/freeradius/distinfo diff -u pkgsrc/net/freeradius/distinfo:1.38 pkgsrc/net/freeradius/distinfo:1.39 --- pkgsrc/net/freeradius/distinfo:1.38 Thu Jul 4 07:44:52 2019 +++ pkgsrc/net/freeradius/distinfo Mon Dec 30 18:17:22 2019 @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.38 2019/07/04 07:44:52 adam Exp $ +$NetBSD: distinfo,v 1.39 2019/12/30 18:17:22 adam Exp $ -SHA1 (freeradius-server-3.0.19.tar.bz2) = 6bb57e634ad6e85f6c324f851296c688edbc3b11 -RMD160 (freeradius-server-3.0.19.tar.bz2) = 753b89e13b80312131149cdaf26b944bc802e338 -SHA512 (freeradius-server-3.0.19.tar.bz2) = 9bb3401a52288de541a2272149f4341840dc1df7203583746bef46c0b1b1f2b8886931c9f6f9ce3d92951e271ab5a84a50a8587a3acd69cc20bc86f5817d28e1 -Size (freeradius-server-3.0.19.tar.bz2) = 3127564 bytes +SHA1 (freeradius-server-3.0.20.tar.bz2) = 3dd0e18fa04aff410876309e4322313b700db2b7 +RMD160 (freeradius-server-3.0.20.tar.bz2) = eb38b754b745051bc2e16ba342f356df73a6d3e3 +SHA512 (freeradius-server-3.0.20.tar.bz2) = d5e0732a75268480092b46822a0e0fffb683adb93be13932eb170d2dc783a46d0daff4cadd0de69fd5ce4578083c9f69a9cccc485ea9c0c2eecf82c772f54b8e +Size (freeradius-server-3.0.20.tar.bz2) = 3161984 bytes SHA1 (patch-ai) = e32ffd24b93e2cef2e72ef9a8ea59d49e1571dc0 SHA1 (patch-configure.ac) = ffec1f851d23f560797c12eba5092f2940e4d662 SHA1 (patch-main_command.c) = 1c79b29eb13df341906c710c8dd41860a27473dd Index: pkgsrc/net/freeradius-freetds/Makefile diff -u pkgsrc/net/freeradius-freetds/Makefile:1.8 pkgsrc/net/freeradius-freetds/Makefile:1.9 --- pkgsrc/net/freeradius-freetds/Makefile:1.8 Sat Jul 20 22:46:37 2019 +++ pkgsrc/net/freeradius-freetds/Makefile Mon Dec 30 18:17:22 2019 @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.8 2019/07/20 22:46:37 wiz Exp $ +# $NetBSD: Makefile,v 1.9 2019/12/30 18:17:22 adam Exp $ -PKGREVISION= 1 .include "../../net/freeradius/Makefile.module" PKGNAME= ${DISTNAME:S/-server/-freetds/} Index: pkgsrc/net/freeradius-perl/Makefile diff -u pkgsrc/net/freeradius-perl/Makefile:1.6 pkgsrc/net/freeradius-perl/Makefile:1.7 --- pkgsrc/net/freeradius-perl/Makefile:1.6 Sun Aug 11 13:22:08 2019 +++ pkgsrc/net/freeradius-perl/Makefile Mon Dec 30 18:17:22 2019 @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.6 2019/08/11 13:22:08 wiz Exp $ +# $NetBSD: Makefile,v 1.7 2019/12/30 18:17:22 adam Exp $ -PKGREVISION= 1 .include "../../net/freeradius/Makefile.module" PKGNAME= ${DISTNAME:S/-server/-perl/} Index: pkgsrc/net/freeradius-rest/Makefile diff -u pkgsrc/net/freeradius-rest/Makefile:1.11 pkgsrc/net/freeradius-rest/Makefile:1.12 --- pkgsrc/net/freeradius-rest/Makefile:1.11 Thu Aug 22 12:23:39 2019 +++ pkgsrc/net/freeradius-rest/Makefile Mon Dec 30 18:17:22 2019 @@ -1,6 +1,5 @@ -# $NetBSD: Makefile,v 1.11 2019/08/22 12:23:39 ryoon Exp $ +# $NetBSD: Makefile,v 1.12 2019/12/30 18:17:22 adam Exp $ -PKGREVISION= 2 .include "../../net/freeradius/Makefile.module" PKGNAME= ${DISTNAME:S/-server/-rest/} --_----------=_1577729842247420--