head 1.14; access; symbols pkgsrc-2023Q1:1.13.0.40 pkgsrc-2023Q1-base:1.13 pkgsrc-2022Q4:1.13.0.38 pkgsrc-2022Q4-base:1.13 pkgsrc-2022Q3:1.13.0.36 pkgsrc-2022Q3-base:1.13 pkgsrc-2022Q2:1.13.0.34 pkgsrc-2022Q2-base:1.13 pkgsrc-2022Q1:1.13.0.32 pkgsrc-2022Q1-base:1.13 pkgsrc-2021Q4:1.13.0.30 pkgsrc-2021Q4-base:1.13 pkgsrc-2021Q3:1.13.0.28 pkgsrc-2021Q3-base:1.13 pkgsrc-2021Q2:1.13.0.26 pkgsrc-2021Q2-base:1.13 pkgsrc-2021Q1:1.13.0.24 pkgsrc-2021Q1-base:1.13 pkgsrc-2020Q4:1.13.0.22 pkgsrc-2020Q4-base:1.13 pkgsrc-2020Q3:1.13.0.20 pkgsrc-2020Q3-base:1.13 pkgsrc-2020Q2:1.13.0.18 pkgsrc-2020Q2-base:1.13 pkgsrc-2020Q1:1.13.0.14 pkgsrc-2020Q1-base:1.13 pkgsrc-2019Q4:1.13.0.16 pkgsrc-2019Q4-base:1.13 pkgsrc-2019Q3:1.13.0.12 pkgsrc-2019Q3-base:1.13 pkgsrc-2019Q2:1.13.0.10 pkgsrc-2019Q2-base:1.13 pkgsrc-2019Q1:1.13.0.8 pkgsrc-2019Q1-base:1.13 pkgsrc-2018Q4:1.13.0.6 pkgsrc-2018Q4-base:1.13 pkgsrc-2018Q3:1.13.0.4 pkgsrc-2018Q3-base:1.13 pkgsrc-2018Q2:1.13.0.2 pkgsrc-2018Q2-base:1.13 pkgsrc-2018Q1:1.12.0.8 pkgsrc-2018Q1-base:1.12 pkgsrc-2017Q4:1.12.0.6 pkgsrc-2017Q4-base:1.12 pkgsrc-2017Q3:1.12.0.4 pkgsrc-2017Q3-base:1.12 pkgsrc-2017Q2:1.10.0.84 pkgsrc-2017Q2-base:1.10 pkgsrc-2017Q1:1.10.0.82 pkgsrc-2017Q1-base:1.10 pkgsrc-2016Q4:1.10.0.80 pkgsrc-2016Q4-base:1.10 pkgsrc-2016Q3:1.10.0.78 pkgsrc-2016Q3-base:1.10 pkgsrc-2016Q2:1.10.0.76 pkgsrc-2016Q2-base:1.10 pkgsrc-2016Q1:1.10.0.74 pkgsrc-2016Q1-base:1.10 pkgsrc-2015Q4:1.10.0.72 pkgsrc-2015Q4-base:1.10 pkgsrc-2015Q3:1.10.0.70 pkgsrc-2015Q3-base:1.10 pkgsrc-2015Q2:1.10.0.68 pkgsrc-2015Q2-base:1.10 pkgsrc-2015Q1:1.10.0.66 pkgsrc-2015Q1-base:1.10 pkgsrc-2014Q4:1.10.0.64 pkgsrc-2014Q4-base:1.10 pkgsrc-2014Q3:1.10.0.62 pkgsrc-2014Q3-base:1.10 pkgsrc-2014Q2:1.10.0.60 pkgsrc-2014Q2-base:1.10 pkgsrc-2014Q1:1.10.0.58 pkgsrc-2014Q1-base:1.10 pkgsrc-2013Q4:1.10.0.56 pkgsrc-2013Q4-base:1.10 pkgsrc-2013Q3:1.10.0.54 pkgsrc-2013Q3-base:1.10 pkgsrc-2013Q2:1.10.0.52 pkgsrc-2013Q2-base:1.10 pkgsrc-2013Q1:1.10.0.50 pkgsrc-2013Q1-base:1.10 pkgsrc-2012Q4:1.10.0.48 pkgsrc-2012Q4-base:1.10 pkgsrc-2012Q3:1.10.0.46 pkgsrc-2012Q3-base:1.10 pkgsrc-2012Q2:1.10.0.44 pkgsrc-2012Q2-base:1.10 pkgsrc-2012Q1:1.10.0.42 pkgsrc-2012Q1-base:1.10 pkgsrc-2011Q4:1.10.0.40 pkgsrc-2011Q4-base:1.10 pkgsrc-2011Q3:1.10.0.38 pkgsrc-2011Q3-base:1.10 pkgsrc-2011Q2:1.10.0.36 pkgsrc-2011Q2-base:1.10 pkgsrc-2011Q1:1.10.0.34 pkgsrc-2011Q1-base:1.10 pkgsrc-2010Q4:1.10.0.32 pkgsrc-2010Q4-base:1.10 pkgsrc-2010Q3:1.10.0.30 pkgsrc-2010Q3-base:1.10 pkgsrc-2010Q2:1.10.0.28 pkgsrc-2010Q2-base:1.10 pkgsrc-2010Q1:1.10.0.26 pkgsrc-2010Q1-base:1.10 pkgsrc-2009Q4:1.10.0.24 pkgsrc-2009Q4-base:1.10 pkgsrc-2009Q3:1.10.0.22 pkgsrc-2009Q3-base:1.10 pkgsrc-2009Q2:1.10.0.20 pkgsrc-2009Q2-base:1.10 pkgsrc-2009Q1:1.10.0.18 pkgsrc-2009Q1-base:1.10 pkgsrc-2008Q4:1.10.0.16 pkgsrc-2008Q4-base:1.10 pkgsrc-2008Q3:1.10.0.14 pkgsrc-2008Q3-base:1.10 cube-native-xorg:1.10.0.12 cube-native-xorg-base:1.10 pkgsrc-2008Q2:1.10.0.10 pkgsrc-2008Q2-base:1.10 cwrapper:1.10.0.8 pkgsrc-2008Q1:1.10.0.6 pkgsrc-2008Q1-base:1.10 pkgsrc-2007Q4:1.10.0.4 pkgsrc-2007Q4-base:1.10 pkgsrc-2007Q3:1.10.0.2 pkgsrc-2007Q3-base:1.10 pkgsrc-2007Q2:1.9.0.4 pkgsrc-2007Q2-base:1.9 pkgsrc-2007Q1:1.9.0.2 pkgsrc-2007Q1-base:1.9 pkgsrc-2006Q4:1.8.0.4 pkgsrc-2006Q4-base:1.8 pkgsrc-2006Q3:1.8.0.2 pkgsrc-2006Q3-base:1.8 pkgsrc-2006Q2:1.6.0.4 pkgsrc-2006Q2-base:1.6 pkgsrc-2006Q1:1.6.0.2 pkgsrc-2006Q1-base:1.6 pkgsrc-2005Q4:1.4.0.8 pkgsrc-2005Q4-base:1.4 pkgsrc-2005Q3:1.4.0.6 pkgsrc-2005Q3-base:1.4 pkgsrc-2005Q2:1.4.0.4 pkgsrc-2005Q2-base:1.4 pkgsrc-2005Q1:1.4.0.2 pkgsrc-2005Q1-base:1.4 pkgsrc-2004Q4:1.3.0.2 pkgsrc-2004Q4-base:1.3 pkgsrc-2004Q3:1.1.0.2; locks; strict; comment @# @; 1.14 date 2023.06.17.18.19.06; author adam; state dead; branches; next 1.13; commitid bXDO67jTiEOutktE; 1.13 date 2018.04.12.01.21.07; author nonaka; state Exp; branches; next 1.12; commitid 2uajUC4PvG5wE5yA; 1.12 date 2017.09.09.22.46.57; author joerg; state Exp; branches; next 1.11; commitid 9mMQvODQNNZtGz6A; 1.11 date 2017.08.26.10.07.28; author fhajny; state Exp; branches; next 1.10; commitid vpfzObW5AlnzSH4A; 1.10 date 2007.09.18.22.15.08; author adrianp; state Exp; branches; next 1.9; 1.9 date 2007.02.17.18.36.23; author adrianp; state Exp; branches; next 1.8; 1.8 date 2006.09.10.22.35.22; author adrianp; state Exp; branches; next 1.7; 1.7 date 2006.07.14.22.10.01; author adrianp; state Exp; branches; next 1.6; 1.6 date 2006.03.22.20.53.41; author joerg; state Exp; branches; next 1.5; 1.5 date 2006.03.21.23.08.08; author adrianp; state Exp; branches; next 1.4; 1.4 date 2005.02.18.16.59.57; author adrianp; state Exp; branches; next 1.3; 1.3 date 2004.11.16.13.51.45; author adrianp; state Exp; branches; next 1.2; 1.2 date 2004.11.10.22.27.32; author adrianp; state dead; branches; next 1.1; 1.1 date 2004.09.23.19.51.22; author adrianp; state Exp; branches 1.1.2.1; next ; 1.1.2.1 date 2004.09.23.19.51.22; author agc; state dead; branches; next 1.1.2.2; 1.1.2.2 date 2004.10.19.12.51.58; author agc; state Exp; branches; next ; desc @@ 1.14 log @freeradius: updated to 3.2.3 Version 3.2.3 has been released. The focus of this release is stability. @ text @$NetBSD: patch-ai,v 1.13 2018/04/12 01:21:07 nonaka Exp $ Portable test syntax --- configure.orig 2017-07-17 12:43:00.000000000 +0000 +++ configure @@@@ -10133,7 +10133,49 @@@@ $as_echo "no" >&6; } eval "ac_cv_type_${ac_safe_type}_has_ipi_addr=" fi -if test "x$ac_cv_type_struct_in_pktinfo_has_ipi_addr" = "xyes"; then + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ipi_spec_dst in struct in_pktinfo" >&5 +$as_echo_n "checking for ipi_spec_dst in struct in_pktinfo... " >&6; } + + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +#include +#ifdef HAVE_STDDEF_H +#include +#endif +#ifndef offsetof +#define offsetof(TYPE, MEMBER) ((int) &((TYPE *)0)->MEMBER) +#endif + +int +main () +{ + int foo = offsetof(struct in_pktinfo, ipi_spec_dst) + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + has_element=" " +else + has_element= +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + + ac_safe_type=`echo "struct in_pktinfo" | sed 'y% %_%'` + if test "x$has_element" != "x"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + eval "ac_cv_type_${ac_safe_type}_has_ipi_spec_dst=yes" + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + eval "ac_cv_type_${ac_safe_type}_has_ipi_spec_dst=" + fi + +if test "$ac_cv_type_struct_in_pktinfo_has_ipi_addr" = "yes" && test "$ac_cv_type_struct_in_pktinfo_has_ipi_spec_dst" = "yes"; then $as_echo "#define HAVE_IP_PKTINFO /**/" >>confdefs.h @ 1.13 log @freeradius: Updated to 3.0.16 2018.01.11 Version 3.0.16 has been released. The focus of this release is stability. Feature Improvements * rlm_python now supports multiple lists. From #2031. * Add trust router re-keying. From #2007. * Add support for Samba / AD LDAP schema See doc/schemas/ldap/samba/README.txt and doc/schemas/ldap/samba/. * Add "tls_min_version" and "tls_max_version" to EAP module for Debian OpenSSL issues. * Better documentation for client certificates in PEAP and TTLS: it usually doesn't work. Fixes #2068. * Distinguish login failure from AD unavailable. Fixes #2069. * Update RH spec files. Fixes #2070. * Run Post-Proxy-Type if all home servers are dead Fixes #2072. * Print offending IP addresses when EAP sessions come from two upstream home servers, and rate-limit the messages. * Minor packaging updates. * Better documentation for rlm_rest. * EAP-FAST now has it's own "cipher_list", so that it is easier to configure. * EAP-FAST now forcibly disables TLS1.2, until such time as we implement the new keying mechanism from TLS1.2. * Add documentation for allow_expired_crl. * Update Debian logrotation. #2093 and #2101. * DHCP relay can now drop responses. #2095. * rlm_sqlippool can now assign Delegated-IPv6-Prefix It also now can assign any IPv4 or IPv6 address Based on patches from maximumG. #2094 See raddb/mods-available/sqlippool for changes. * radeapclient can now use EAP-SIM-Ki to dynamically create the necessary triplets. * Explain why many LDAP connections are closed Fixes #1969. * Debian build / package issues fixed by Matthew Newton. * dictionary.patton updates from Brice Schaffner. Fixes #2137. * Added scripts to build "inner-server.pem", and updated mods-config/inner-eap and certs/README to match. * Added provisions for using an external CA. See raddb/certs/. * Include dhcpclient binary in freeradius-dhcp debian packge. Bug Fixes * Bind the lifetime of program name and python path to the module FR-AD-002 (redone). * Pass correct statement length into sqlite3_prepare[_v2] FR-AD-003 (redone). * Allow 100-Continue responses with additional headers in rlm_rest. * fix corner case where detail files were not being locked correctly. * Fix (SQL-Group == "%{...}") checks, and same for LDAP-Group Fixes #1947. * Clean up exfile code. Which should help to avoid issues with reading / writing 100's of detail files. * Fix build for winbind. Patch from Alex Clouter. * Fix checkrad for Mikrotik. Patch from Muchael Ducharme. * Fix home server stats lookup. Patch from Phil Mayers. * Add libjson-c3 as an optional dependency. * Require LTB OpenLDAP on CentOS / Redhat, to avoid linking against NSS, which breaks the server. Fixes #2040. * rlm_python fixes. Fixes #2041. * Typos in "man" pages. Fixes #2045. * Expand "next" in %{%{...}:-%{...}}. Fixes #2048. * Don't add TLS attributes twice. Fixes #2050. * Fix memory allocation in rlm_rest. Fixes #2051. * Update trustrouter for new API. Fixes #2059. * Fix SQLite issues on FreeBSD. Fixes #2060. * Don't do debug logging of bad passwords. Fixes #2064. * More graceful handling of "die" in rlm_perl. Fixes #2073. * Fix occasional crash when using cisco_accounting_username_bug = yes. * EAP-FAST fixes from Isaac Boukris #2078, #2076, and #2082, #2126. * DHCP fixes, relay, #2092, add run-time check, #2028. * Decode multiple RADIUS packets at a time in highly loaded RadSec connections. Patch from Jan Tomasek. #2106. * TunnelPassword is not "single value" in LDAP schema Fixes #2061. * sql log now opens the expanded filename, not the input one This was a regression introduced in 3.0.15. * Remove unnecessary UNIQUE constrain in Oracle schemas. * Fix SSL thread and locking issues when modules also use SSL Fixes #2125 and #2129. * Re-add dhcpclient "raw packet" changes. Patches from Nicolas Chaigne and Matthew Newton. Fixes #2155. @ text @d1 1 a1 1 $NetBSD: patch-ai,v 1.12 2017/09/09 22:46:57 joerg Exp $ @ 1.12 log @Fix build on NetBSD 8+. Fix Perl use. @ text @d1 1 a1 1 $NetBSD: patch-ai,v 1.11 2017/08/26 10:07:28 fhajny Exp $ a6 27 @@@@ -9047,7 +9047,7 @@@@ fi smart_prefix= - if test "x$ac_cv_header_pcap_h" == "xyes"; then + if test "x$ac_cv_header_pcap_h" = "xyes"; then $as_echo "#define HAVE_PCAP_H 1" >>confdefs.h @@@@ -9290,7 +9290,7 @@@@ fi smart_prefix= - if test "x$ac_cv_header_collectd_client_h" == "xyes"; then + if test "x$ac_cv_header_collectd_client_h" = "xyes"; then $as_echo "#define HAVE_COLLECTDC_H 1" >>confdefs.h @@@@ -9533,7 +9533,7 @@@@ fi smart_prefix= - if test "x$ac_cv_header_sys_capability_h" == "xyes"; then + if test "x$ac_cv_header_sys_capability_h" = "xyes"; then $as_echo "#define HAVE_CAPABILITY_H 1" >>confdefs.h a57 9 @@@@ -12656,7 +12698,7 @@@@ subdirs="$subdirs $mysubdirs" -if test "x$werror" == "xyes"; then +if test "x$werror" = "xyes"; then CFLAGS="-Werror $CFLAGS" fi @ 1.11 log @Update net/freeradius to 3.0.15. Based on a PR from @@coyhile (https://github.com/joyent/pkgsrc/issues/18). Splits modules with external dependencies into separate packages. The 1.1.x branch was EOL'd in 2008. No upgrade guide from 1.1.x to 3.0.x seem to exist. Summary of improvements in 3.x: - Moved configuration entries in radiusd.conf to make more sense. - Added the "integer64" and "ipv4prefix" data types. - Added RADIUS over TLS (i.e. RadSec). See raddb/sites-available/tls. - Updated internal API to support new attributes and formats. - Added code to send SNMP Traps. See raddb/trigger.conf. - Added preliminary support for Apple's Grand Central Dispatch. - Added provisions for raddb/dictionary.local, for local changes See raddb/dictionary for more details. - Added packet/s tracking. See max_pps in the "listen" section. - The %{} expansions and "unlang" conditions are now parsed at server start. Descriptive errors are produced for syntax and format errors. - Casting is now supported for "unlang" comparisons. See "man unlang" e.g. 127.0.0.1 == Framed-IP-Address. - Direct comparison of attribute references is now supported e.g. &Foo == &Bar. This avoids stringification of the attributes. - Direct assignment of attributes is now supported e.g. Foo := &Bar. It also works for "octets" data types. - Comparisons of IPv4 and IPv6 prefixes are now supported The "<" operator means "within the prefix" for comparisons. - New sha1 xlat expansion (thanks to Alan Buxey). - Colourised log messages when logging to stdout. Look for yellow warnings and red errors. Doing this will save you a LOT of grief. - If the PCRE library is available, use it (insted of the POSIX functions) to process regular expressions (thanks to Phil Mayers). - -xv now displays all the features the server was built with, and the versions of the core libraries (libtalloc, libssl). Summary of improvements in 2.x: - simple policy language (see "man unlang") - virtual servers ("raddb/sites-available/README") - IPv6 support - better proxy support ("raddb/proxy.conf") - More EAP types - Debugging output should be much easier to understand - VMPS support - More modules have been moved to "stable" status (python, etc.) - SQL configuration has been cleaned up (see "raddb/sql/*") - limited support for HUP. (The configuration for some modules is re-loaded on HUP. Nothing else is reloaded.) - check configuration and exit ("radiusd -C") - Server core is now event based (simpler, more powerful) @ text @d1 1 a1 1 $NetBSD$ d5 1 a5 1 --- configure.orig 2016-09-29 15:19:48.000000000 +0000 d7 1 a7 1 @@@@ -9031,7 +9031,7 @@@@ fi d16 1 a16 1 @@@@ -9274,7 +9274,7 @@@@ fi d25 1 a25 1 @@@@ -9517,7 +9517,7 @@@@ fi d34 52 a85 1 @@@@ -12640,7 +12640,7 @@@@ subdirs="$subdirs $mysubdirs" @ 1.10 log @Update to 1.1.7 Feature Improvements * Updated LDAP documentation. * Added note on DH parameters in eap.conf, and debugging messages which complain if DH is used, but not configured properly. * Updated the Mikrotik dictionary. Added a note that the sample dictionary they supply is broken. * Output more information on blocked threads, which should help narrow down which modules is causing the problem. * Added more eDirectory support. * rlm_ldap now prints out attributes in the standard format * Enabled server-side handling of procedures in MySQL Bug Fixes * Added NT-Hash support for mschap_xlat. * Corrected documentation to point to correct location of files. * Checks for more recent FreeBSD versions. * uses -DLDAP_DEPRECATED to avoid OpenLDAP crashes. * Use correct value for authentication name in rlm_mschap. * Fix over-ride for usernames when use_tunneled_reply = yes. @ text @d3 3 a5 1 --- configure.orig 2007-07-21 15:01:34.000000000 +0100 d7 1 a7 2 @@@@ -20022,13 +20022,13 @@@@ fi done d9 33 a42 49 - { echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5 -echo $ECHO_N "checking for pthread_create in -lpthread... $ECHO_C" >&6; } + { echo "$as_me:$LINENO: checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" >&5 +echo $ECHO_N "checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}... $ECHO_C" >&6; } if test "${ac_cv_lib_pthread_pthread_create+set}" = set; then echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-lpthread $LIBS" +LIBS="${PTHREAD_LDFLAGS} ${PTHREAD_LIBS} $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF @@@@ -20085,7 +20085,7 @@@@ fi echo "${ECHO_T}$ac_cv_lib_pthread_pthread_create" >&6; } if test $ac_cv_lib_pthread_pthread_create = yes; then CFLAGS="$CFLAGS -D_REENTRANT -D_POSIX_PTHREAD_SEMANTICS" - LIBS="$LIBS -lpthread" + LIBS="$LIBS ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" else { echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5 echo $ECHO_N "checking for pthread_create in -lc_r... $ECHO_C" >&6; } @@@@ -20194,7 +20194,7 @@@@ return sem_init (); return 0; } _ACEOF -for ac_lib in '' pthread sem posix4 rt; do +for ac_lib in '' pthread sem posix4 rt semaphore; do if test -z "$ac_lib"; then ac_res="none required" else @@@@ -20552,7 +20552,7 @@@@ if test "${ac_cv_lib_ssl_SSL_new+set}" = echo $ECHO_N "(cached) $ECHO_C" >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-lssl $LIBS" +LIBS="-lssl -lcrypto $LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ _ACEOF @@@@ -23623,7 +23623,7 @@@@ gethostbyaddrrstyle="" { echo "$as_me:$LINENO: checking gethostbyaddr_r() syntax" >&5 echo $ECHO_N "checking gethostbyaddr_r() syntax... $ECHO_C" >&6; } case "$host" in -*-freebsd*) +*-freebsd* | *-dragonfly*) { echo "$as_me:$LINENO: checking whether gethostbyaddr_r is declared" >&5 echo $ECHO_N "checking whether gethostbyaddr_r is declared... $ECHO_C" >&6; } if test "${ac_cv_have_decl_gethostbyaddr_r+set}" = set; then @ 1.9 log @Update to 1.1.4 * Major enhancements to rlm_pap, that make "encryption_scheme" a think of the past. See "man rlm_pap" for details. * Added SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS flag to use work-arounds that enable Windows Vista clients to work. * Added preliminary code to support Firebird. Use at your own risk! * Send MS-CHAP2-Success, which makes EAP-TTLS/MSCHAP work on more platforms. * Add a new "reply-name" directive in rlm_sqlcounter to define the name of the reply attribute. * Added more dictionaries and attributes * Print ntlm_auth failure reason in Module-Failure-Message * radsqlrelay is able to get the DB password from a file instead of command line. Bug fixes * Fix a parse error in the digest module, where malformed digest requests would result in the user being accepted. Oops... * VALUEs can only be defined for 'integer', to catch mistakes with setting VALUEs for type 'string'. * Better parsing of VALUE names, so that values starting with a digit work correctly. * Check return from malloc * Fix a double free() in rlm_eap_tls.c * Check return code of malloc() during initialization. * Fix a corner case where the proxy port isn't set either in radiusd.conf or in proxy.conf. @ text @d3 1 a3 1 --- configure.orig 2007-01-04 23:42:11.000000000 +0000 d5 2 a6 1 @@@@ -19990,14 +19990,13 @@@@ fi a7 1 done a8 1 - d22 1 a22 1 @@@@ -20054,7 +20053,7 @@@@ fi d31 1 a31 1 @@@@ -20163,7 +20162,7 @@@@ return sem_init (); d40 1 a40 1 @@@@ -20520,7 +20519,7 @@@@ if test "${ac_cv_lib_ssl_SSL_new+set}" = d45 1 a45 1 +LIBS="-lssl -lcrypto $LIBS" d49 1 a49 1 @@@@ -23588,7 +23587,7 @@@@ gethostbyaddrrstyle="" d55 3 a57 3 cat >>confdefs.h <<\_ACEOF #define GETHOSTBYADDRRSTYLE BSDSTYLE _ACEOF @ 1.8 log @Update to 1.1.3: This version has been released to fix build issues in 1.1.2. The build tools (autoconf, libtool, libltld) have been upgraded to a recent version, and the server now builds "out of the box" on more platforms. Other fixes include: * More dictionary updates * Oracle support for radsqlrelay * Security and portability fixes to rlm_otp * Experimental module to store IP's in an SQL table. * Miscellaneous bug fixes @ text @d3 1 a3 1 --- configure.orig 2006-07-15 18:14:54.000000000 +0100 d5 2 a6 1 @@@@ -19321,13 +19321,13 @@@@ fi d9 5 a13 5 - echo "$as_me:$LINENO: checking for pthread_create in -lpthread" >&5 -echo $ECHO_N "checking for pthread_create in -lpthread... $ECHO_C" >&6 + echo "$as_me:$LINENO: checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" >&5 +echo $ECHO_N "checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}... $ECHO_C" >&6 d19 1 a19 1 +LIBS="${PTHREAD_LDFLAGS} ${PTHREAD_LIBS} $LIBS" d23 2 a24 2 @@@@ -19386,7 +19386,7 @@@@ echo "$as_me:$LINENO: result: $ac_cv_lib echo "${ECHO_T}$ac_cv_lib_pthread_pthread_create" >&6 d30 12 a41 12 echo "$as_me:$LINENO: checking for pthread_create in -lc_r" >&5 echo $ECHO_N "checking for pthread_create in -lc_r... $ECHO_C" >&6 @@@@ -19528,7 +19528,7 @@@@ fi rm -f conftest.err conftest.$ac_objext \ conftest$ac_exeext conftest.$ac_ext if test "$ac_cv_search_sem_init" = no; then - for ac_lib in pthread sem posix4 rt; do + for ac_lib in pthread sem posix4 rt semaphore; do LIBS="-l$ac_lib $ac_func_search_save_LIBS" cat >conftest.$ac_ext <<_ACEOF /* confdefs.h. */ @@@@ -19903,7 +19903,7 @@@@ if test "${ac_cv_lib_ssl_SSL_new+set}" = d50 3 a52 3 @@@@ -23156,7 +23156,7 @@@@ gethostbyaddrrstyle="" echo "$as_me:$LINENO: checking gethostbyaddr_r() syntax" >&5 echo $ECHO_N "checking gethostbyaddr_r() syntax... $ECHO_C" >&6 @ 1.7 log @Update to 1.1.2 * Updated dictionaries (as always), * Extended Ascend "abinary" support for Juniper, * Configurable "cipher_list" for EAP methods that use TLS, * Additional checks on cert issuer validation for EAP methods that use TLS, * SQL IODBC bug fixes, * Updates to the LDAP module, * Better catching of errors in the config files, * Miscellaneous other fixes In addition to this add an extra option to options.mk which is "freeradius-simul-use". This will enable Simultaneous-Use and is enabled by default. If you disable it freeradius can be built without depending on the net-snmp package. Original idea from John Nemeth. @ text @d3 1 a3 1 --- configure.orig 2006-05-21 18:35:25.000000000 +0100 d5 1 a5 35 @@@@ -1936,13 +1936,13 @@@@ darwin* | rhapsody*) esac ;; -freebsd*) +freebsd*|dragonfly*) if echo __ELF__ | $CC -E - | grep __ELF__ > /dev/null; then case $host_cpu in i*86 ) # Not sure whether the presence of OpenBSD here was a mistake. # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD)/i[3-9]86 (compact )?demand paged shared library' + lt_cv_deplibs_check_method='file_magic (FreeBSD|DragonFly|OpenBSD)/i[3-9]86 (compact )?demand paged shared library' lt_cv_file_magic_cmd=/usr/bin/file lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` ;; @@@@ -3702,7 +3702,7 @@@@ else ;; # FreeBSD 3 and greater uses gcc -shared to do shared libraries. - freebsd*) + freebsd*|dragonfly*) archive_cmds='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' hardcode_libdir_flag_spec='-R$libdir' hardcode_direct=yes @@@@ -4157,7 +4157,7 @@@@ freebsd1*) dynamic_linker=no ;; -freebsd*) +freebsd*|dragonfly*) objformat=`test -x /usr/bin/objformat && /usr/bin/objformat || echo aout` version_type=freebsd-$objformat case $version_type in @@@@ -6266,14 +6266,14 @@@@ fi d9 6 a14 7 - echo $ac_n "checking for pthread_create in -lpthread""... $ac_c" 1>&6 -echo "configure:6271: checking for pthread_create in -lpthread" >&5 + echo $ac_n "checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}""... $ac_c" 1>&6 +echo "configure:6271: checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" >&5 ac_lib_var=`echo pthread'_'pthread_create | sed 'y%./+-%__p_%'` if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then echo $ac_n "(cached) $ac_c" 1>&6 d16 1 a16 1 ac_save_LIBS="$LIBS" d18 7 a24 7 +LIBS="${PTHREAD_LDFLAGS} ${PTHREAD_LIBS} $LIBS" cat > conftest.$ac_ext <&6 d26 2 a27 2 - LIBS="$LIBS -lpthread" + LIBS="$LIBS ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" d29 13 a41 13 echo "$ac_t""no" 1>&6 echo $ac_n "checking for pthread_create in -lc_r""... $ac_c" 1>&6 @@@@ -6386,7 +6386,7 @@@@ else cat conftest.$ac_ext >&5 fi rm -f conftest* -test "$ac_cv_search_sem_init" = "no" && for i in pthread sem posix4 rt; do +test "$ac_cv_search_sem_init" = "no" && for i in pthread sem posix4 rt semaphore; do LIBS="-l$i $ac_func_search_save_LIBS" cat > conftest.$ac_ext <&6 d43 1 a43 1 ac_save_LIBS="$LIBS" d45 7 a51 7 +LIBS="-lssl -lcrypto $LIBS" cat > conftest.$ac_ext <&6 echo "configure:8425: checking gethostbyaddr_r() syntax" >&5 d55 1 a55 1 cat >> confdefs.h <<\EOF d57 1 a57 1 EOF @ 1.6 log @Use libtool PLIST handling, it works now. Add some missing symlinks for libtool archives, remove the .a and .so entries. Bump revision. Add DragonFly detection for shared libraries. Always try to find -lssl with -lcrypto, unbreaking the test at least on DragonFly, but should not harm elsewhere. @ text @d3 1 a3 1 --- configure.orig 2006-02-06 12:55:53.000000000 +0000 d5 1 a5 1 @@@@ -1934,13 +1934,13 @@@@ darwin* | rhapsody*) d21 1 a21 1 @@@@ -3700,7 +3700,7 @@@@ else d30 1 a30 1 @@@@ -4155,7 +4155,7 @@@@ freebsd1*) d39 1 a39 1 @@@@ -6252,14 +6252,14 @@@@ fi d44 1 a44 1 -echo "configure:6257: checking for pthread_create in -lpthread" >&5 d46 1 a46 1 +echo "configure:6257: checking for pthread_create in ${PTHREAD_LDFLAGS} ${PTHREAD_LIBS}" >&5 d55 1 a55 1 #line 6265 "configure" d57 1 a57 1 @@@@ -6288,7 +6288,7 @@@@ fi d66 1 a66 1 @@@@ -6372,7 +6372,7 @@@@ else d74 2 a75 2 #line 6379 "configure" @@@@ -6605,7 +6605,7 @@@@ if eval "test \"`echo '$''{'ac_cv_lib_$a d80 1 a80 1 +LIBS="-lssl -lcrypto $LIBS" d82 1 a82 1 #line 6611 "configure" d84 1 a84 1 @@@@ -8407,7 +8407,7 @@@@ gethostbyaddrrstyle="" d86 1 a86 1 echo "configure:8409: checking gethostbyaddr_r() syntax" >&5 @ 1.5 log @Remove some old hacks that are no longer needed Use our libtool Update to 1.1.1 Fixes security issue (DoS): http://secunia.com/advisories/19300/ > Security fixes > * Additional state checking in the EAP-MSCHAPv2 module. > Bug found by Steffen Schuster. > > Feature improvements > * More dictionary updates > * Additional tests and fixes for Digest module from Phillipe Sultan. > * Add new "phone" response mode to rlm_otp/cryptocard. > * Put the eap sessions into a tree, so that looking them up is very > fast, and no longer O(n) in the number of sessions. > * Install the schema examples for a set of backends with the rest > of the documentation. > * Add support for xlat expansion of attributes from LDAP. > > Bug fixes > * Fix rlm_perl crash. (closes: #348) > * Fix handling of CoA-Request packets (close #344). Also correct > name of CoA packets. > * Fix an error on x86_64 machines when reading dictionaries. > (closes: #312) > * Fix compilation errors on FreeBSD and NetBSD because of rlm_otp > module. (closes: #314 #328) > * Workaround Cisco bug in State attribute handling in rlm_otp. > * Support LP64 for async mode in rlm_otp. > * Fix libtool problems on Debian with rlm_eap_peap and rlm_eap_ttls > modules. (closes: #75) > * Make "use_tunneled_reply" work properly for PEAP. > * Copy the whole string when getting a one-to-one-mapped attribute > from LDAP (closes: #261) > * Fix net-snmp's ucd-snmp compatibility mode. @ text @d5 61 d75 18 @ 1.4 log @- Update freeradius to 1.0.2 - Fix for PR #29437 opened by luiszuccolo(at)ciudad.com.ar, thanks for the PR ! > FreeRADIUS 1.0.2 ; $Date: 2005/02/13 01:03:20 $, urgency=medium > * Novell eDirectoty support. Patch from Novell. > * localweb & Trapeze dictionary updates. > * EAP-SIM fixes. > * Make "Strip-User-Name = No" work. > * Don't declare zero-length arrays in rlm_passwd > * Bug fix to make udpfromto code work > * radrelay shouldn't dump core if it can't read a VP from the > detail file. > * Only initialize the random pool once. > * In rlm_sql, don't escape characters twice. > * Fix MD4 calculation on big-endian machines. > * In rlm_ldap, only claim Auth-Type if a plain text password is present. > * Treat Quintium VSAs like Cisco VSAs > * Locking fixes in threading code > * rlm_krb5 includes /usr/include/et for Fedora Core > * Fix post-auth REJECT stanza processing for rejections from external > processes or home RADIUS servers > * Fix building on gcc-4.0 by not trying to access static auth_port from > other files. > * Fix building SNMP support on Solaris 9, which needs -lkstat @ text @d3 1 a3 1 --- configure.orig 2005-02-18 15:41:34.000000000 +0000 d5 1 a5 1 @@@@ -6373,7 +6373,7 @@@@ else d13 1 a13 1 #line 6380 "configure" @ 1.3 log @- Fix pthread issues on 1.6.x - Fix builds with LDAP support - Bump PKGREVISION Thanks to Dave.Tyson (at) liverpool.ac.uk for testing a lot of these patches on the 1.6 branch. @ text @d3 3 a5 3 --- configure.orig Fri Nov 12 20:52:22 2004 +++ configure Fri Nov 12 20:53:02 2004 @@@@ -6272,7 +6272,7 @@@@ d13 1 a13 1 #line 6279 "configure" @ 1.2 log @- Update options.mk because of mySQL buildlink changes - Add a fix for crashes when processing EAP-PEAP requests PR 28095 Konstantin.Kabassanov (at) lip6.fr - Fix pthreads enabled builds on NetBSD systems < 2.0 - Replace patch-ai, patch-aj and patch-ak with SUBST_* (suggested by juan@@) @ text @d1 1 a1 1 $NetBSD: patch-ai,v 1.1 2004/09/23 19:51:22 adrianp Exp $ d3 11 a13 11 --- src/modules/rlm_counter/Makefile.in.orig 2004-09-23 19:27:35.000000000 +0100 +++ src/modules/rlm_counter/Makefile.in 2004-09-23 19:29:22.000000000 +0100 @@@@ -2,7 +2,7 @@@@ SRCS = rlm_counter.c HEADERS = RLM_CFLAGS = @@counter_cflags@@ -RLM_LIBS = @@counter_ldflags@@ +RLM_LIBS = @@counter_ldflags@@ -L${LOCALBASE}/lib -Wl,-R${LOCALBASE}/lib RLM_INSTALL = include ../rules.mak @ 1.1 log @- Update freeradius to 1.0.1 - Fix builds on 1.6 and 2.0_BETA - ok'ed wiz@@ - Addresses PR 26987 opened by Rui Paulo, thanks. - Fix startup script using the wrong options - Lots of changes including - Denial-of-Service Security Fix. - Make IPv6 support work better. - Many, many minor bug fixes and feature enhancements. - EAP-module feature improvements. @ text @d1 1 a1 1 $NetBSD$ @ 1.1.2.1 log @file patch-ai was added on branch pkgsrc-2004Q3 on 2004-09-23 19:51:22 +0000 @ text @d1 13 @ 1.1.2.2 log @Pullup ticket 118 - requested by Adrian Portelli build and security fixes for freeradius Based on patches provided by Adrian. @ text @a0 13 $NetBSD: patch-ai,v 1.1.2.1 2004/10/19 12:51:58 agc Exp $ --- src/modules/rlm_counter/Makefile.in.orig 2004-09-23 19:27:35.000000000 +0100 +++ src/modules/rlm_counter/Makefile.in 2004-09-23 19:29:22.000000000 +0100 @@@@ -2,7 +2,7 @@@@ SRCS = rlm_counter.c HEADERS = RLM_CFLAGS = @@counter_cflags@@ -RLM_LIBS = @@counter_ldflags@@ +RLM_LIBS = @@counter_ldflags@@ -L${LOCALBASE}/lib -Wl,-R${LOCALBASE}/lib RLM_INSTALL = include ../rules.mak @