rpms/freeradius
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Upgrade to upstream 3.0.4rc2 release

Browse Source 
Resolves Bug#1133959.
This commit is contained in:
Nikolai Kondrashov 2014-09-08 13:04:08 +03:00
parent 9bfd6e3a48
commit 29de2eaf88
8 changed files with 47 additions and 582 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -9,3 +9,4 @@
/freeradius-server-3.0.1.tar.bz2
/freeradius-server-3.0.2.tar.bz2
/freeradius-server-3.0.3.tar.bz2
/freeradius-server-3.0.4rc2.tar.bz2

396
freeradius-case-insensitive-matching.patch
View File

@ -1,396 +0,0 @@
commit dd648b44760b9041d5ea4279e78ee7fb4e5aa13d
Author: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Tue May 13 11:52:21 2014 +0100
Fix case insensitive matching in compiled regular expressions
diff --git a/src/include/map.h b/src/include/map.h
index ed73093..59732a1 100644
--- a/src/include/map.h
+++ b/src/include/map.h
@@ -155,11 +155,14 @@ typedef struct value_pair_tmpl_t {
union {
struct {
- value_data_t const *value; //!< actual data
- size_t length; //!< of the vpd data
+ value_data_t const *value; //!< actual data
+ size_t length; //!< of the vpd data
} literal;
xlat_exp_t *xlat; //!< pre-parsed xlat_exp_t
- regex_t *preg; //!< pre-parsed regex_t
+ struct {
+ regex_t *comp; //!< pre-parsed regex_t
+ bool iflag; //!< Case insensitive
+ } preg;
} data;
} value_pair_tmpl_t;
@@ -170,7 +173,9 @@ typedef struct value_pair_tmpl_t {
#define vpt_tag attribute.tag
#define vpt_xlat data.xlat
-#define vpt_preg data.preg
+
+#define vpt_preg data.preg.comp
+#define vpt_iflag data.preg.iflag
#define vpt_value data.literal.value
#define vpt_length data.literal.length
diff --git a/src/include/parser.h b/src/include/parser.h
index 5126edd..6aa858a 100644
--- a/src/include/parser.h
+++ b/src/include/parser.h
@@ -73,7 +73,6 @@ struct fr_cond_t {
fr_cond_t *child;
} data;
- int regex_i;
int negate;
int pass2_fixup;
diff --git a/src/main/evaluate.c b/src/main/evaluate.c
index 60351c9..c21ed4f 100644
--- a/src/main/evaluate.c
+++ b/src/main/evaluate.c
@@ -240,16 +240,13 @@ int radius_evaluate_tmpl(REQUEST *request, int modreturn, UNUSED int depth,
}
-static int do_regex(REQUEST *request, value_pair_map_t const *map, bool iflag)
+static int do_regex(REQUEST *request, value_pair_map_t const *map)
{
int compare, rcode, ret;
- int cflags = REG_EXTENDED;
regex_t reg, *preg;
char *lhs, *rhs;
regmatch_t rxmatch[REQUEST_MAX_REGEX + 1];
- if (iflag) cflags |= REG_ICASE;
-
/*
* Expand and then compile it.
*/
@@ -262,7 +259,7 @@ static int do_regex(REQUEST *request, value_pair_map_t const *map, bool iflag)
}
rad_assert(rhs != NULL);
- compare = regcomp(&reg, rhs, cflags);
+ compare = regcomp(&reg, rhs, REG_EXTENDED | (map->src->vpt_iflag ? REG_ICASE : 0));
if (compare != 0) {
if (debug_flag) {
char errbuf[128];
@@ -635,7 +632,7 @@ int radius_evaluate_map(REQUEST *request, UNUSED int modreturn, UNUSED int depth
*/
if ((map->src->type == VPT_TYPE_REGEX) ||
(map->src->type == VPT_TYPE_REGEX_STRUCT)) {
- return do_regex(request, map, c->regex_i);
+ return do_regex(request, map);
}
#endif
diff --git a/src/main/modcall.c b/src/main/modcall.c
index 22ab00b..915c370 100644
--- a/src/main/modcall.c
+++ b/src/main/modcall.c
@@ -2829,7 +2829,7 @@ static bool pass2_regex_compile(CONF_ITEM const *ci, value_pair_tmpl_t *vpt)
talloc_set_destructor(preg, _free_compiled_regex);
if (!preg) return false;
- rcode = regcomp(preg, vpt->name, REG_EXTENDED);
+ rcode = regcomp(preg, vpt->name, REG_EXTENDED | (vpt->vpt_iflag ? REG_ICASE : 0));
if (rcode != 0) {
char buffer[256];
regerror(rcode, preg, buffer, sizeof(buffer));
diff --git a/src/main/parser.c b/src/main/parser.c
index fcfd16e..738ca7f 100644
--- a/src/main/parser.c
+++ b/src/main/parser.c
@@ -340,7 +340,8 @@ static ssize_t condition_tokenize_cast(char const *start, DICT_ATTR const **pda,
* @param[out] error the parse error (if any)
* @return length of the string skipped, or when negative, the offset to the offending error
*/
-static ssize_t condition_tokenize(TALLOC_CTX *ctx, CONF_ITEM *ci, char const *start, int brace, fr_cond_t **pcond, char const **error, int flags)
+static ssize_t condition_tokenize(TALLOC_CTX *ctx, CONF_ITEM *ci, char const *start, int brace,
+ fr_cond_t **pcond, char const **error, int flags)
{
ssize_t slen;
char const *p = start;
@@ -477,7 +478,8 @@ static ssize_t condition_tokenize(TALLOC_CTX *ctx, CONF_ITEM *ci, char const *st
rad_assert(c->data.vpt->type != VPT_TYPE_REGEX);
} else { /* it's an operator */
- int regex;
+ bool regex;
+ bool i_flag = false;
/*
* The next thing should now be a comparison operator.
@@ -613,7 +615,7 @@ static ssize_t condition_tokenize(TALLOC_CTX *ctx, CONF_ITEM *ci, char const *st
* Allow /foo/i
*/
if (p[slen] == 'i') {
- c->regex_i = true;
+ i_flag = true;
slen++;
}
@@ -637,6 +639,10 @@ static ssize_t condition_tokenize(TALLOC_CTX *ctx, CONF_ITEM *ci, char const *st
return_0("Syntax error");
}
+ if (c->data.map->src->type == VPT_TYPE_REGEX) {
+ c->data.map->src->vpt_iflag = i_flag;
+ }
+
/*
* Could have been a reference to an attribute which is registered later.
* Mark it as being checked in pass2.
@@ -1074,7 +1080,6 @@ done:
rcode = radius_evaluate_map(NULL, 0, 0, c);
TALLOC_FREE(c->data.map);
c->cast = NULL;
- c->regex_i = false;
if (rcode) {
c->type = COND_TYPE_TRUE;
} else {
@@ -1097,7 +1102,6 @@ done:
int rcode;
rad_assert(c->cast == NULL);
- rad_assert(c->regex_i == false);
rcode = radius_evaluate_map(NULL, 0, 0, c);
if (rcode) {
diff --git a/src/tests/keywords/if-regex-match b/src/tests/keywords/if-regex-match
index f15e74f..f3e6aa9 100644
--- a/src/tests/keywords/if-regex-match
+++ b/src/tests/keywords/if-regex-match
@@ -1,16 +1,96 @@
# PRE: if
#
-# May as well exercise the regular expression engine
-if (User-Name !~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])/) {
- reject
+
+# Non matching on attribute ref
+if (User-Name !~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])%{Tmp-String-0}/) {
+ update reply {
+ Filter-Id += 'Fail 0'
+ }
}
-if ("%{User-Name}" !~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])/) {
- reject
+# Matching on xlat expanded value
+if ("%{User-Name}" !~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])%{Tmp-String-0}/) {
+ update reply {
+ Filter-Id += 'Fail 1'
+ }
}
-if (User-Name =~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])/) {
+# Matching on attribute ref with capture groups
+if (User-Name =~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])%{Tmp-String-0}/) {
+ # Test all the capture groups
update {
reply:User-Name := "%{7}_%{6}_%{5}_%{4}_%{3}_%{2}_%{1}_%{0}"
}
}
+else {
+ update reply {
+ Filter-Id += 'Fail 2'
+ }
+}
+
+# Checking capture groups are cleared out correctly
+if (User-Name =~ /^([0-9])_%{Tmp-String-0}/) {
+ if ("%{0}%{1}%{2}%{3}%{4}%{5}%{6}%{7}" != '1_1') {
+ update reply {
+ Filter-Id += 'Fail 3'
+ }
+ }
+}
+else {
+ update reply {
+ Filter-Id += 'Fail 3.5'
+ }
+}
+
+# Checking capture groups are cleared out correctly when there are no matches
+if (User-Name =~ /^.%{Tmp-String-0}/) {
+ if ("%{0}%{1}%{2}%{3}%{4}%{5}%{6}%{7}" != '1') {
+ update reply {
+ Filter-Id += 'Fail 4'
+ }
+ }
+}
+else {
+ update reply {
+ Filter-Id += 'Fail 4.5'
+ }
+}
+
+# compiled - ref - insensitive
+if (Calling-Station-Id !~ /:roamyroam%{Tmp-String-0}$/i) {
+ update reply {
+ Filter-Id += 'Fail 5'
+ }
+}
+
+# compiled - expansion - insensitive
+if ("%{Calling-Station-Id}" !~ /:roamyroam%{Tmp-String-0}$/i) {
+ update reply {
+ Filter-Id += 'Fail 6'
+ }
+}
+
+# compiled - enum - ref - insensitive
+if (Service-Type !~ /^framed-user%{Tmp-String-0}$/i) {
+ update reply {
+ Filter-Id += 'Fail 7'
+ }
+}
+
+# compiled - enum - expansion - insensitive
+if ("%{Service-Type}" !~ /^framed-user%{Tmp-String-0}$/i) {
+ update reply {
+ Filter-Id += 'Fail 8'
+ }
+}
+
+# compiled - enum - ref
+if (Service-Type =~ /^framed-user%{Tmp-String-0}$/) {
+ update reply {
+ Filter-Id += 'Fail 9'
+ }
+}
+
+
+
+
diff --git a/src/tests/keywords/if-regex-match-comp b/src/tests/keywords/if-regex-match-comp
new file mode 100644
index 0000000..8d68142
--- /dev/null
+++ b/src/tests/keywords/if-regex-match-comp
@@ -0,0 +1,94 @@
+# PRE: if
+#
+
+# Non matching on attribute ref
+if (User-Name !~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])/) {
+ update reply {
+ Filter-Id += 'Fail 0'
+ }
+}
+
+# Matching on xlat expanded value
+if ("%{User-Name}" !~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])/) {
+ update reply {
+ Filter-Id += 'Fail 1'
+ }
+}
+
+# Matching on attribute ref with capture groups
+if (User-Name =~ /^([0-9])_([0-9])?_([0-9]*)_([0-9]+)_([^_])_(6)_([7-8])/) {
+ # Test all the capture groups
+ update {
+ reply:User-Name := "%{7}_%{6}_%{5}_%{4}_%{3}_%{2}_%{1}_%{0}"
+ }
+}
+else {
+ update reply {
+ Filter-Id += 'Fail 2'
+ }
+}
+
+# Checking capture groups are cleared out correctly
+if (User-Name =~ /^([0-9])_/) {
+ if ("%{0}%{1}%{2}%{3}%{4}%{5}%{6}%{7}" != '1_1') {
+ update reply {
+ Filter-Id += 'Fail 3'
+ }
+ }
+}
+else {
+ update reply {
+ Filter-Id += 'Fail 3.5'
+ }
+}
+
+# Checking capture groups are cleared out correctly when there are no matches
+if (User-Name =~ /^./) {
+ if ("%{0}%{1}%{2}%{3}%{4}%{5}%{6}%{7}" != '1') {
+ update reply {
+ Filter-Id += 'Fail 4'
+ }
+ }
+}
+else {
+ update reply {
+ Filter-Id += 'Fail 4.5'
+ }
+}
+
+# compiled - ref - insensitive
+if (Calling-Station-Id !~ /:roamyroam$/i) {
+ update reply {
+ Filter-Id += 'Fail 5'
+ }
+}
+
+# compiled - expansion - insensitive
+if ("%{Calling-Station-Id}" !~ /:roamyroam$/i) {
+ update reply {
+ Filter-Id += 'Fail 6'
+ }
+}
+
+# compiled - enum - ref - insensitive
+if (Service-Type !~ /^framed-user$/i) {
+ update reply {
+ Filter-Id += 'Fail 7'
+ }
+}
+
+# compiled - enum - expansion - insensitive
+if ("%{Service-Type}" !~ /^framed-user$/i) {
+ update reply {
+ Filter-Id += 'Fail 8'
+ }
+}
+
+# compiled - enum - ref
+if (Service-Type =~ /^framed-user$/) {
+ update reply {
+ Filter-Id += 'Fail 9'
+ }
+}
+
+
diff --git a/src/tests/keywords/if-regex-match-comp.attrs b/src/tests/keywords/if-regex-match-comp.attrs
new file mode 100644
index 0000000..ba7188d
--- /dev/null
+++ b/src/tests/keywords/if-regex-match-comp.attrs
@@ -0,0 +1,7 @@
+User-Name = '1_2_3_4_5_6_7'
+User-Password = 'hello'
+Service-Type := 'Framed-User'
+Calling-Station-ID := '00:11:22:33:44:55:66:ROAMYROAM'
+
+Response-Packet-Type == Access-Accept
+User-Name == '7_6_5_4_3_2_1_1_2_3_4_5_6_7'
diff --git a/src/tests/keywords/if-regex-match.attrs b/src/tests/keywords/if-regex-match.attrs
index ab03050..ba7188d 100644
--- a/src/tests/keywords/if-regex-match.attrs
+++ b/src/tests/keywords/if-regex-match.attrs
@@ -1,5 +1,7 @@
User-Name = '1_2_3_4_5_6_7'
User-Password = 'hello'
+Service-Type := 'Framed-User'
+Calling-Station-ID := '00:11:22:33:44:55:66:ROAMYROAM'
Response-Packet-Type == Access-Accept
User-Name == '7_6_5_4_3_2_1_1_2_3_4_5_6_7'

107
freeradius-foreach.patch
View File

@ -1,107 +0,0 @@
commit c0f670c233e9562118648af641d4f8d182350f31
Author: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Fri May 16 11:38:22 2014 +0100
Make the foreach code slightly more sane. Reliably reproduces the issue described by #639
diff --git a/src/main/modcall.c b/src/main/modcall.c
index 3dd0828..7a44bf2 100644
--- a/src/main/modcall.c
+++ b/src/main/modcall.c
@@ -608,9 +608,9 @@ redo:
*/
if (c->type == MOD_FOREACH) {
int i, foreach_depth = -1;
- VALUE_PAIR *vps, **tail, *vp;
+ VALUE_PAIR *vps, *vp;
modcall_stack_entry_t *next = NULL;
- vp_cursor_t cursor;
+ vp_cursor_t cursor, copy;
modgroup *g = mod_callabletogroup(c);
if (depth >= MODCALL_STACK_MAX) {
@@ -645,31 +645,35 @@ redo:
}
/*
- * Copy the VPs from the original request.
+ * Copy the VPs from the original request, this ensures deterministic
+ * behaviour if someone decides to add or remove VPs in the set were
+ * iterating over.
*/
- fr_cursor_init(&cursor, &vp);
- /* Prime the cursor. */
- cursor.found = cursor.current;
-
vps = NULL;
- tail = &vps;
- while (vp) {
- *tail = paircopyvp(request, vp);
- if (!*tail) break;
+ fr_cursor_init(&cursor, &vp);
- tail = &((*tail)->next); /* really should be using cursors... */
+ /* Prime the cursor. */
+ cursor.found = cursor.current;
+ for (fr_cursor_init(&copy, &vps);
+ vp;
+ vp = fr_cursor_next_by_da(&cursor, vp->da, g->vpt->attribute.tag)) {
+ VALUE_PAIR *tmp;
- vp = fr_cursor_next_by_da(&cursor, vp->da, g->vpt->attribute.tag);
+ MEM(tmp = paircopyvp(request, vp));
+ fr_cursor_insert(&copy, tmp);
}
- RDEBUG2("%.*sforeach %s ", depth + 1, modcall_spaces,
- c->name);
+ RDEBUG2("%.*sforeach %s ", depth + 1, modcall_spaces, c->name);
+
rad_assert(vps != NULL);
- for (vp = fr_cursor_init(&cursor, &vps);
+ /*
+ * This is the actual body of the foreach loop
+ */
+ for (vp = fr_cursor_first(&copy);
vp != NULL;
- vp = fr_cursor_next(&cursor)) {
+ vp = fr_cursor_next(&copy)) {
#ifndef NDEBUG
if (fr_debug_flag >= 2) {
char buffer[1024];
@@ -709,7 +713,7 @@ redo:
}
} /* loop over VPs */
- talloc_free(vps);
+ pairfree(&vps);
rad_assert(next != NULL);
result = next->result;
commit 860f645668b9604c897c4ee1338ecfeb88cdd75a
Author: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Date: Fri May 16 12:32:12 2014 +0100
Don't free foreach VPs on break #639
Wwe go back up the stack in an orderly way and don't need this hack anymore
diff --git a/src/main/modcall.c b/src/main/modcall.c
index 7a44bf2..5785643 100644
--- a/src/main/modcall.c
+++ b/src/main/modcall.c
@@ -732,9 +732,7 @@ redo:
for (i = 8; i >= 0; i--) {
copy_p = request_data_get(request, radius_get_vp, i);
if (copy_p) {
- RDEBUG2("%.*s # break Foreach-Variable-%d", depth + 1,
- modcall_spaces, i);
- pairfree(copy_p);
+ RDEBUG2("%.*s # break Foreach-Variable-%d", depth + 1, modcall_spaces, i);
break;
}
}

28
freeradius-perl-string-escaping.patch
View File

@ -1,28 +0,0 @@
commit ff8b26e0cdad5d2579dcf64edbe2fab2b10aecd4
Author: Alan T. DeKok <aland@freeradius.org>
Date: Wed May 14 13:32:42 2014 -0400
Fix typo. Closes #635
diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c
index 65cd971..a45daec 100644
--- a/src/modules/rlm_perl/rlm_perl.c
+++ b/src/modules/rlm_perl/rlm_perl.c
@@ -617,7 +617,7 @@ static void perl_store_vps(TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR *vps, H
for (vp = fr_cursor_first(&cursor);
vp;
vp = fr_cursor_next(&cursor)) {
- if (vp->da->type != PW_TYPE_INVALID) {
+ if (vp->da->type != PW_TYPE_STRING) {
len = vp_prints_value(buffer, sizeof(buffer), vp, 0);
av_push(av, newSVpv(buffer, truncate_len(len, sizeof(buffer))));
RDEBUG("<-- %s = %s", vp->da->name, buffer);
@@ -634,7 +634,7 @@ static void perl_store_vps(TALLOC_CTX *ctx, REQUEST *request, VALUE_PAIR *vps, H
*/
} else if (sublist) {
- if (sublist->da->type != PW_TYPE_INVALID) {
+ if (sublist->da->type != PW_TYPE_STRING) {
len = vp_prints_value(buffer, sizeof(buffer), sublist, 0);
(void)hv_store(rad_hv, name, strlen(name), newSVpv(buffer, truncate_len(len, sizeof(buffer))), 0);
RDEBUG("<-- %s = %s", sublist->da->name, buffer);

53
freeradius-redhat-config.patch
View File

@ -1,38 +1,50 @@
diff -r -u freeradius-server-3.0.0.orig/raddb/mods-available/eap freeradius-server-3.0.0/raddb/mods-available/eap
--- freeradius-server-3.0.0.orig/raddb/mods-available/eap 2013-10-07 15:49:47.000000000 -0400
+++ freeradius-server-3.0.0/raddb/mods-available/eap 2013-11-26 17:48:56.081183431 -0500
@@ -435,7 +435,7 @@
From af06b80f84b5e95153abc7ef55dedaa614eb6b04 Mon Sep 17 00:00:00 2001
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
Date: Mon, 8 Sep 2014 12:32:13 +0300
Subject: [PATCH 1/1] Adjust configuration to fit Red Hat specifics
---
raddb/mods-available/eap | 4 ++--
raddb/radiusd.conf.in | 7 +++----
2 files changed, 5 insertions(+), 6 deletions(-)
diff --git a/raddb/mods-available/eap b/raddb/mods-available/eap
index 9ac2a74..86141d6 100644
--- a/raddb/mods-available/eap
+++ b/raddb/mods-available/eap
@@ -435,7 +435,7 @@ eap {
#
# You should also delete all of the files
# in the directory when the server starts.
- # tmpdir = /tmp/radiusd
+ # tmpdir = /var/run/radiusd/tmp
- # tmpdir = /tmp/radiusd
+ # tmpdir = /var/run/radiusd/tmp
# The command used to verify the client cert.
# We recommend using the OpenSSL command-line
@@ -449,7 +449,7 @@
@@ -449,7 +449,7 @@ eap {
# in PEM format. This file is automatically
# deleted by the server when the command
# returns.
- # client = "/path/to/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
+ # client = "/usr/bin/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
- # client = "/path/to/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
+ # client = "/usr/bin/openssl verify -CApath ${..ca_path} %{TLS-Client-Cert-Filename}"
}
#
diff -r -u freeradius-server-3.0.0.orig/raddb/radiusd.conf.in freeradius-server-3.0.0/raddb/radiusd.conf.in
--- freeradius-server-3.0.0.orig/raddb/radiusd.conf.in 2013-10-07 15:49:47.000000000 -0400
+++ freeradius-server-3.0.0/raddb/radiusd.conf.in 2013-11-26 17:24:52.263467793 -0500
@@ -71,8 +71,7 @@
diff --git a/raddb/radiusd.conf.in b/raddb/radiusd.conf.in
index 307ae10..7cf71be 100644
--- a/raddb/radiusd.conf.in
+++ b/raddb/radiusd.conf.in
@@ -70,8 +70,7 @@ certdir = ${confdir}/certs
cadir = ${confdir}/certs
run_dir = ${localstatedir}/run/${name}
-# Should likely be ${localstatedir}/lib/radiusd
-db_dir = ${raddbdir}
+db_dir = ${localstatedir}/lib/radiusd
#
# libdir: Where to find the rlm_* modules.
@@ -376,8 +375,8 @@
@@ -415,8 +414,8 @@ security {
# member. This can allow for some finer-grained access
# controls.
#
@ -40,6 +52,9 @@ diff -r -u freeradius-server-3.0.0.orig/raddb/radiusd.conf.in freeradius-server-
-# group = radius
+ user = radiusd
+ group = radiusd
# Core dumps are a bad thing. This should only be set to
# 'yes' if you're debugging a problem with the server.
--
2.1.0

19
freeradius-segfault-on-config-parse.patch
View File

@ -1,19 +0,0 @@
commit f9e2d539599345b03dde495a36d4ec8bd90d78a5
Author: Alan T. DeKok <aland@freeradius.org>
Date: Thu May 15 10:31:23 2014 -0400
Use the correct data type. Closes #634
diff --git a/src/main/mainconfig.c b/src/main/mainconfig.c
index 86757df..4564778 100644
--- a/src/main/mainconfig.c
+++ b/src/main/mainconfig.c
@@ -83,7 +83,7 @@ static char const *radlog_dest = NULL;
*/
static char const *localstatedir = NULL;
static char const *prefix = NULL;
-static char my_name;
+static char const *my_name = NULL;
static char const *sbindir = NULL;
static char const *run_dir = NULL;
static char *syslog_facility = NULL;

23
freeradius.spec
View File

@ -1,7 +1,7 @@
Summary: High-performance and highly configurable free RADIUS server
Name: freeradius
Version: 3.0.3
Release: 5%{?dist}
Version: 3.0.4
Release: 0.1.rc2%{?dist}
License: GPLv2+ and LGPLv2+
Group: System Environment/Daemons
URL: http://www.freeradius.org/
@ -13,7 +13,7 @@ URL: http://www.freeradius.org/
%global HAVE_EC_CRYPTO 0
%endif
%global dist_base freeradius-server-%{version}
%global dist_base freeradius-server-%{version}rc2
Source0: ftp://ftp.freeradius.org/pub/radius/%{dist_base}.tar.bz2
Source100: radiusd.service
@ -23,11 +23,7 @@ Source104: freeradius-tmpfiles.conf
Patch1: freeradius-redhat-config.patch
Patch2: freeradius-postgres-sql.patch
Patch3: freeradius-case-insensitive-matching.patch
Patch4: freeradius-perl-string-escaping.patch
Patch5: freeradius-segfault-on-config-parse.patch
Patch6: freeradius-foreach.patch
Patch7: freeradius-heartbleed-confirm.patch
Patch3: freeradius-heartbleed-confirm.patch
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
@ -187,10 +183,6 @@ This plugin provides the unixODBC support for the FreeRADIUS server project.
%patch1 -p1
%patch2 -p1
%patch3 -p1
%patch4 -p1
%patch5 -p1
%patch6 -p1
%patch7 -p1
%build
# Force compile/link options, extra security for network facing daemon
@ -265,6 +257,7 @@ rm -rf $RPM_BUILD_ROOT/etc/raddb/mods-config/sql/main/oracle
rm $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/mods-available/unbound
rm $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/mods-config/unbound/default.conf
rm $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/mods-available/couchbase
# remove unsupported config files
rm -f $RPM_BUILD_ROOT/%{_sysconfdir}/raddb/experimental.conf
@ -412,6 +405,7 @@ exit 0
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/sites-available/copy-acct-to-home-server
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/sites-available/buffered-sql
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/sites-available/tls
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/sites-available/channel_bindings
# sites-enabled
# symlink: /etc/raddb/sites-enabled/xxx -> ../sites-available/xxx
@ -671,6 +665,7 @@ exit 0
%files python
%dir %attr(750,root,radiusd) /etc/raddb/mods-config/python
/etc/raddb/mods-config/python/example.py*
/etc/raddb/mods-config/python/radiusd.py*
%{_libdir}/freeradius/rlm_python.so
%files mysql
@ -768,6 +763,10 @@ exit 0
%{_libdir}/freeradius/rlm_sql_unixodbc.so
%changelog
* Mon Sep 8 2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.4-0.1.rc2
- Upgrade to upstream 3.0.4-rc2 release.
See upstream ChangeLog for details (in freeradius-doc subpackage).
* Tue Aug 26 2014 Jitka Plesnikova <jplesnik@redhat.com> - 3.0.3-5
- Perl 5.20 rebuild

2
sources
View File

@ -1 +1 @@
6093be8d2a962035d6b1111789b3447c freeradius-server-3.0.3.tar.bz2
5035eb3a28aeba1fc20da9b2c01ce16e freeradius-server-3.0.4rc2.tar.bz2