Rebase to FreeRADIUS 3.2.5
Resolves: RHEL-46784 Signed-off-by: Antonio Torres <antorres@redhat.com>
This commit is contained in:
parent
d8e14017e6
commit
58d6a6708a
1
.gitignore
vendored
1
.gitignore
vendored
@ -42,3 +42,4 @@ freeradius-*.src.rpm
|
||||
/freeradius-server-3.2.1.tar.bz2
|
||||
/freeradius-server-3.2.2.tar.bz2
|
||||
/freeradius-server-3.2.3.tar.bz2
|
||||
/freeradius-server-3.2.5.tar.bz2
|
||||
|
55
freeradius-disable-openssl-engine.patch
Normal file
55
freeradius-disable-openssl-engine.patch
Normal file
@ -0,0 +1,55 @@
|
||||
From: Antonio Torres <antorres@redhat.com>
|
||||
Date: Wed, 10 Jul 2024
|
||||
Subject: Remove OpenSSL Engine usage
|
||||
|
||||
Engine functionality from OpenSSL is deprecated and shouldn't be used.
|
||||
|
||||
Related: https://gitlab.com/redhat/centos-stream/rpms/openssl/-/merge_requests/144
|
||||
Signed-off-by: Antonio Torres <antorres@redhat.com>
|
||||
---
|
||||
configure | 2 +-
|
||||
configure.ac | 3 +--
|
||||
src/include/tls-h | 3 ---
|
||||
3 files changed, 2 insertions(+), 6 deletions(-)
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index 5041ca264f..5ccb061a4c 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -10515,7 +10515,7 @@ smart_prefix=
|
||||
printf "%s\n" "#define HAVE_OPENSSL_SSL_H 1" >>confdefs.h
|
||||
|
||||
|
||||
- for ac_header in openssl/asn1.h openssl/conf.h openssl/crypto.h openssl/err.h openssl/evp.h openssl/hmac.h openssl/md5.h openssl/md4.h openssl/rand.h openssl/sha.h openssl/ssl.h openssl/ocsp.h openssl/engine.h
|
||||
+ for ac_header in openssl/asn1.h openssl/conf.h openssl/crypto.h openssl/err.h openssl/evp.h openssl/hmac.h openssl/md5.h openssl/md4.h openssl/rand.h openssl/sha.h openssl/ssl.h openssl/ocsp.h
|
||||
do :
|
||||
as_ac_Header=`printf "%s\n" "ac_cv_header_$ac_header" | $as_tr_sh`
|
||||
ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index a24a8061f6..f6074f694e 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -1446,8 +1446,7 @@ if test "x$WITH_OPENSSL" = xyes; then
|
||||
openssl/rand.h \
|
||||
openssl/sha.h \
|
||||
openssl/ssl.h \
|
||||
- openssl/ocsp.h \
|
||||
- openssl/engine.h,
|
||||
+ openssl/ocsp.h,
|
||||
[ OPENSSL_CPPFLAGS="$smart_include" ],
|
||||
[
|
||||
AC_MSG_FAILURE([failed locating OpenSSL headers. Use --with-openssl-include-dir=<path>, or --with-openssl=no (builds without OpenSSL)])
|
||||
diff --git a/src/include/tls-h b/src/include/tls-h
|
||||
index 506fb19778..b195ec9fdb 100644
|
||||
--- a/src/include/tls-h
|
||||
+++ b/src/include/tls-h
|
||||
@@ -37,9 +37,6 @@ RCSIDH(tls_h, "$Id$")
|
||||
# define OPENSSL_NO_KRB5
|
||||
#endif
|
||||
#include <openssl/err.h>
|
||||
-#ifdef HAVE_OPENSSL_ENGINE_H
|
||||
-# include <openssl/engine.h>
|
||||
-#endif
|
||||
#include <openssl/ssl.h>
|
||||
|
||||
#ifdef __cplusplus
|
File diff suppressed because it is too large
Load Diff
@ -1,7 +1,7 @@
|
||||
Summary: High-performance and highly configurable free RADIUS server
|
||||
Name: freeradius
|
||||
Version: 3.2.3
|
||||
Release: 7%{?dist}
|
||||
Version: 3.2.5
|
||||
Release: 1%{?dist}
|
||||
License: GPL-2.0-or-later AND LGPL-2.0-or-later
|
||||
URL: http://www.freeradius.org/
|
||||
|
||||
@ -31,6 +31,7 @@ Patch7: freeradius-ease-openssl-version-check.patch
|
||||
Patch8: freeradius-configure-c99.patch
|
||||
Patch9: freeradius-no-antora-docs.patch
|
||||
Patch10: freeradius-no-sql-scripts.patch
|
||||
Patch11: freeradius-disable-openssl-engine.patch
|
||||
|
||||
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
|
||||
|
||||
@ -217,6 +218,7 @@ This plugin provides the REST support for the FreeRADIUS server project.
|
||||
%patch 8 -p1
|
||||
%patch 9 -p1
|
||||
%patch 10 -p1
|
||||
%patch 11 -p1
|
||||
|
||||
%build
|
||||
# Force compile/link options, extra security for network facing daemon
|
||||
@ -225,6 +227,9 @@ This plugin provides the REST support for the FreeRADIUS server project.
|
||||
# Enable FIPS support
|
||||
%global build_cflags %{build_cflags} -DWITH_FIPS
|
||||
|
||||
# No OpenSSL Engine as it's deprecated
|
||||
%global build_cflags %{build_cflags} -UHAVE_OPENSSL_ENGINE_H
|
||||
|
||||
%global build_ldflags %{build_ldflags} $(python3-config --embed --libs)
|
||||
export PY3_LIB_DIR="$(python3-config --configdir)"
|
||||
export PY3_INC_DIR="$(python3 -c 'import sysconfig; print(sysconfig.get_config_var("INCLUDEPY"))')"
|
||||
@ -422,6 +427,7 @@ EOF
|
||||
%config(noreplace) /etc/raddb/certs/Makefile
|
||||
%config(noreplace) /etc/raddb/certs/passwords.mk
|
||||
/etc/raddb/certs/README.md
|
||||
/etc/raddb/certs/realms/README.md
|
||||
%config(noreplace) /etc/raddb/certs/xpextensions
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/certs/*.cnf
|
||||
%attr(750,root,radiusd) /etc/raddb/certs/bootstrap
|
||||
@ -548,6 +554,7 @@ EOF
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/utf8
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/wimax
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/yubikey
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/dpsk
|
||||
|
||||
# mods-enabled
|
||||
# symlink: /etc/raddb/mods-enabled/xxx -> ../mods-available/xxx
|
||||
@ -673,6 +680,8 @@ EOF
|
||||
%{_libdir}/freeradius/rlm_utf8.so
|
||||
%{_libdir}/freeradius/rlm_wimax.so
|
||||
%{_libdir}/freeradius/rlm_yubikey.so
|
||||
%{_libdir}/freeradius/rlm_dpsk.so
|
||||
%{_libdir}/freeradius/rlm_eap_teap.so
|
||||
|
||||
# main man pages
|
||||
%doc %{_mandir}/man5/clients.conf.5.gz
|
||||
@ -903,6 +912,10 @@ EOF
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/rest
|
||||
|
||||
%changelog
|
||||
* Tue Jul 09 2024 Antonio Torres <antorres@redhat.com> - 3.2.5-1
|
||||
- Rebase to release 3.2.5
|
||||
Resolves: RHEL-46784
|
||||
|
||||
* Mon Jun 24 2024 Troy Dawson <tdawson@redhat.com> - 3.2.3-7
|
||||
- Bump release for June 2024 mass rebuild
|
||||
|
||||
|
2
sources
2
sources
@ -1 +1 @@
|
||||
SHA512 (freeradius-server-3.2.3.tar.bz2) = 06767153e262a2baa2d0cc74099bc13c23b33c2316348b5dc8ec0f5834c028571bd09b8c01726a6eabeaab8fdc3050f40bfeba2d5b1c299585d1689abad365ce
|
||||
SHA512 (freeradius-server-3.2.5.tar.bz2) = 55e653630674a957dcd52ae58e5fd7b5a510b84aaa80e0552bce8089221e02f652618b53753f438981472a5f47df7c8426b9a5ecda0b06ad9f4c25b23604c86b
|
||||
|
Loading…
Reference in New Issue
Block a user