[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/files/

public inbox for gentoo-commits@lists.gentoo.org
 help / color / mirror / Atom feed

* [gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/files/
@ 2021-05-03 18:46 Sam James
  0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2021-05-03 18:46 UTC (permalink / raw
  To: gentoo-commits

commit:     a392cec2c172819242ab72e4b98409fc0e8e843c
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Mon May  3 18:33:04 2021 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Mon May  3 18:45:39 2021 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a392cec2

net-dialup/freeradius: drop obsolete LibreSSL patch

Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/freeradius-3.0.18-libressl.patch         | 63 ----------------------
 1 file changed, 63 deletions(-)

diff --git a/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch b/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch
deleted file mode 100644
index 129e251d87b..00000000000
--- a/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch
+++ /dev/null
@@ -1,63 +0,0 @@
-From 39e4ac0cf8d415b41dc2ff1fc329de0522b135ca Mon Sep 17 00:00:00 2001
-From: Stefan Strogin <stefan.strogin@gmail.com>
-Date: Wed, 24 Apr 2019 09:16:12 +0300
-Subject: [PATCH] Fix build to LibreSSL
-
-Upstream-Status: Inappropriate
-[https://github.com/FreeRADIUS/freeradius-server/commit/9652affe38f41ba2484e013cf9d2c0bcb8c80d67]
-Signed-off-by: Stefan Strogin <stefan.strogin@gmail.com>
----
- src/main/tls.c                                    | 9 ++++++---
- src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c | 3 ++-
- 2 files changed, 8 insertions(+), 4 deletions(-)
-
-diff --git a/src/main/tls.c b/src/main/tls.c
-index 9726953234..840724bf61 100644
---- a/src/main/tls.c
-+++ b/src/main/tls.c
-@@ -1579,7 +1579,8 @@ done:
- 	return 0;
- }
- 
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-+  (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL)
- static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy)
- #else
- static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy)
-@@ -3379,14 +3380,16 @@ post_ca:
- 		 */
- 		SSL_CTX_sess_set_cache_size(ctx, conf->session_cache_size);
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+/* Not implemented in LibreSSL 2.9.1 */
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 		SSL_CTX_set_num_tickets(ctx, 1);
- #endif
- 
- 	} else {
- 		SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF);
- 
--#if OPENSSL_VERSION_NUMBER >= 0x10101000L
-+/* Not implemented in LibreSSL 2.9.1 */
-+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER)
- 		/*
- 		 *	This controls the number of stateful or stateless tickets
- 		 *	generated with TLS 1.3.  In OpenSSL 1.1.1 it's also
-diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
-index fa9c58f3c3..a53341fc20 100644
---- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
-+++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c
-@@ -44,7 +44,8 @@ static int openssl_get_keyblock_size(REQUEST *request, SSL *ssl)
- {
- 	const EVP_CIPHER *c;
- 	const EVP_MD *h;
--#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER)
-+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \
-+  (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL)
- 	int md_size;
- 
- 	if (ssl->enc_read_ctx == NULL || ssl->enc_read_ctx->cipher == NULL ||
--- 
-2.21.0
-


^ permalink raw reply related	[flat|nested] 2+ messages in thread

* [gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/files/
@ 2022-11-25  5:23 Sam James
  0 siblings, 0 replies; 2+ messages in thread
From: Sam James @ 2022-11-25  5:23 UTC (permalink / raw
  To: gentoo-commits

commit:     ebef88938ec94e9bf3159dbbe54faa2aeb83beb5
Author:     Sam James <sam <AT> gentoo <DOT> org>
AuthorDate: Fri Nov 25 05:22:07 2022 +0000
Commit:     Sam James <sam <AT> gentoo <DOT> org>
CommitDate: Fri Nov 25 05:22:07 2022 +0000
URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ebef8893

net-dialup/freeradius: restore patch

Closes: https://bugs.gentoo.org/882883
Fixes: 85dea602dd8491d8b2457b933a36508bced8cb74
Signed-off-by: Sam James <sam <AT> gentoo.org>

 .../files/freeradius-3.0.20-systemd-service.patch  | 57 ++++++++++++++++++++++
 1 file changed, 57 insertions(+)

diff --git a/net-dialup/freeradius/files/freeradius-3.0.20-systemd-service.patch b/net-dialup/freeradius/files/freeradius-3.0.20-systemd-service.patch
new file mode 100644
index 000000000000..04223657d5f5
--- /dev/null
+++ b/net-dialup/freeradius/files/freeradius-3.0.20-systemd-service.patch
@@ -0,0 +1,57 @@
+diff --git a/debian/freeradius.service b/debian/freeradius.service
+index 378702d184..ee33c2a294 100644
+--- a/debian/freeradius.service
++++ b/debian/freeradius.service
+@@ -7,7 +7,6 @@ Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ htt
+ Type=notify
+ WatchdogSec=60
+ NotifyAccess=all
+-EnvironmentFile=-/etc/default/freeradius
+ 
+ # FreeRADIUS can do static evaluation of policy language rules based
+ # on environmental variables which is very useful for doing per-host
+@@ -25,16 +24,15 @@ MemoryLimit=2G
+ # Ensure the daemon can still write its pidfile after it drops
+ # privileges. Combination of options that work on a variety of
+ # systems. Test very carefully if you alter these lines.
+-RuntimeDirectory=freeradius
++RuntimeDirectory=radiusd
+ RuntimeDirectoryMode=0775
+ # This does not work on Debian Jessie:
+-User=freerad
+-Group=freerad
+-# This does not work on Ubuntu Bionic:
+-ExecStartPre=/bin/chown freerad:freerad /var/run/freeradius
++User=radius
++Group=radius
+ 
+-ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cx -lstdout
+-ExecStart=/usr/sbin/freeradius -f $FREERADIUS_OPTIONS
++ExecStartPre=/usr/sbin/radiusd $RADIUSD_OPTIONS -Cx -lstdout
++ExecStart=/usr/sbin/radiusd -f $RADIUSD_OPTIONS
++ExecReload=/bin/kill -HUP $MAINPID
+ Restart=on-failure
+ RestartSec=5
+ 
+@@ -42,7 +40,7 @@ RestartSec=5
+ NoNewPrivileges=true
+ 
+ # Allow binding to secure ports, broadcast addresses, and raw interfaces.
+-#CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE
++CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE
+ 
+ # Private /tmp that isn't shared by other processes
+ PrivateTmp=true
+@@ -60,10 +58,10 @@ ProtectKernelTunables=true
+ SystemCallArchitectures=native
+ 
+ # We shouldn't be writing to the configuration directory
+-ReadOnlyDirectories=/etc/freeradius/
++ReadOnlyDirectories=/etc/raddb/
+ 
+ # We can read and write to the log directory.
+-ReadWriteDirectories=/var/log/freeradius/
++ReadWriteDirectories=/var/log/radius/
+ 
+ [Install]
+ WantedBy=multi-user.target


^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2022-11-25  5:23 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-11-25  5:23 [gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/files/ Sam James
  -- strict thread matches above, loose matches on Subject: below --
2021-05-03 18:46 Sam James

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox