Fix five issues
This commit is contained in:
parent
4004751c5f
commit
d2cf93dd4f
401
freeradius-access-union-consistently.patch
Normal file
401
freeradius-access-union-consistently.patch
Normal file
@ -0,0 +1,401 @@
|
||||
From 5e8a69d547461c757abe2870ecbff2aa7a1fea55 Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Wed, 1 Oct 2014 11:51:51 -0400
|
||||
Subject: [PATCH 2/4] Access union value_data members consistently
|
||||
|
||||
Use the same, appropriate union value_data member for each access of
|
||||
BOOLEAN, BYTE and SHORT PW_TYPEs, without assuming they're
|
||||
interchangeable with "integer", as that is only true on little-endian
|
||||
architectures.
|
||||
|
||||
This fixes at least this wimax unit test failure on s390x and ppc64:
|
||||
|
||||
Mismatch in line 11 of src/tests/unit/wimax.txt, got: 1a 0c 00 00 60 b5 01 06 00 02 03 00 expected: 1a 0c 00 00 60 b5 01 06 00 02 03 01
|
||||
---
|
||||
src/lib/print.c | 56 ++++++++++++------
|
||||
src/lib/radius.c | 8 +--
|
||||
src/lib/valuepair.c | 83 +++++++++++++++++++--------
|
||||
src/main/evaluate.c | 4 +-
|
||||
src/main/valuepair.c | 4 ++
|
||||
src/main/xlat.c | 4 +-
|
||||
src/modules/rlm_couchbase/mod.c | 17 +++++-
|
||||
src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c | 4 +-
|
||||
8 files changed, 128 insertions(+), 52 deletions(-)
|
||||
|
||||
diff --git a/src/lib/print.c b/src/lib/print.c
|
||||
index 67263bc..fc1ae42 100644
|
||||
--- a/src/lib/print.c
|
||||
+++ b/src/lib/print.c
|
||||
@@ -314,6 +314,7 @@ size_t vp_data_prints_value(char *out, size_t outlen,
|
||||
char const *a = NULL;
|
||||
time_t t;
|
||||
struct tm s_tm;
|
||||
+ unsigned int i;
|
||||
|
||||
size_t len = 0, freespace = outlen;
|
||||
|
||||
@@ -365,15 +366,24 @@ size_t vp_data_prints_value(char *out, size_t outlen,
|
||||
return fr_print_string(data->strvalue, data_len, out, outlen);
|
||||
|
||||
case PW_TYPE_INTEGER:
|
||||
- case PW_TYPE_BYTE:
|
||||
+ i = data->integer;
|
||||
+ goto print_int;
|
||||
+
|
||||
case PW_TYPE_SHORT:
|
||||
+ i = data->ushort;
|
||||
+ goto print_int;
|
||||
+
|
||||
+ case PW_TYPE_BYTE:
|
||||
+ i = data->byte;
|
||||
+
|
||||
+print_int:
|
||||
/* Normal, non-tagged attribute */
|
||||
- if ((v = dict_valbyattr(da->attr, da->vendor, data->integer)) != NULL) {
|
||||
+ if ((v = dict_valbyattr(da->attr, da->vendor, i)) != NULL) {
|
||||
a = v->name;
|
||||
len = strlen(a);
|
||||
} else {
|
||||
/* should never be truncated */
|
||||
- len = snprintf(buf, sizeof(buf), "%u", data->integer);
|
||||
+ len = snprintf(buf, sizeof(buf), "%u", i);
|
||||
a = buf;
|
||||
}
|
||||
break;
|
||||
@@ -590,12 +600,20 @@ size_t vp_prints_value_json(char *out, size_t outlen, VALUE_PAIR const *vp)
|
||||
if (!vp->da->flags.has_tag) {
|
||||
switch (vp->da->type) {
|
||||
case PW_TYPE_INTEGER:
|
||||
- case PW_TYPE_BYTE:
|
||||
- case PW_TYPE_SHORT:
|
||||
if (vp->da->flags.has_value) break;
|
||||
|
||||
return snprintf(out, freespace, "%u", vp->vp_integer);
|
||||
|
||||
+ case PW_TYPE_SHORT:
|
||||
+ if (vp->da->flags.has_value) break;
|
||||
+
|
||||
+ return snprintf(out, freespace, "%u", (unsigned int) vp->vp_short);
|
||||
+
|
||||
+ case PW_TYPE_BYTE:
|
||||
+ if (vp->da->flags.has_value) break;
|
||||
+
|
||||
+ return snprintf(out, freespace, "%u", (unsigned int) vp->vp_byte);
|
||||
+
|
||||
case PW_TYPE_SIGNED:
|
||||
return snprintf(out, freespace, "%d", vp->vp_signed);
|
||||
|
||||
@@ -834,6 +852,8 @@ void vp_printlist(FILE *fp, VALUE_PAIR const *vp)
|
||||
char *vp_aprint_value(TALLOC_CTX *ctx, VALUE_PAIR const *vp, bool escape)
|
||||
{
|
||||
char *p;
|
||||
+ unsigned int i;
|
||||
+ DICT_VALUE const *dv;
|
||||
|
||||
switch (vp->da->type) {
|
||||
case PW_TYPE_STRING:
|
||||
@@ -860,19 +880,23 @@ char *vp_aprint_value(TALLOC_CTX *ctx, VALUE_PAIR const *vp, bool escape)
|
||||
break;
|
||||
}
|
||||
|
||||
- case PW_TYPE_BYTE:
|
||||
- case PW_TYPE_SHORT:
|
||||
case PW_TYPE_INTEGER:
|
||||
- {
|
||||
- DICT_VALUE *dv;
|
||||
+ i = vp->vp_integer;
|
||||
+ goto print_int;
|
||||
|
||||
- dv = dict_valbyattr(vp->da->attr, vp->da->vendor,
|
||||
- vp->vp_integer);
|
||||
- if (dv) {
|
||||
- p = talloc_typed_strdup(ctx, dv->name);
|
||||
- } else {
|
||||
- p = talloc_typed_asprintf(ctx, "%u", vp->vp_integer);
|
||||
- }
|
||||
+ case PW_TYPE_SHORT:
|
||||
+ i = vp->vp_short;
|
||||
+ goto print_int;
|
||||
+
|
||||
+ case PW_TYPE_BYTE:
|
||||
+ i = vp->vp_byte;
|
||||
+
|
||||
+ print_int:
|
||||
+ dv = dict_valbyattr(vp->da->attr, vp->da->vendor, i);
|
||||
+ if (dv) {
|
||||
+ p = talloc_typed_strdup(ctx, dv->name);
|
||||
+ } else {
|
||||
+ p = talloc_typed_asprintf(ctx, "%u", i);
|
||||
}
|
||||
break;
|
||||
|
||||
diff --git a/src/lib/radius.c b/src/lib/radius.c
|
||||
index 0a40682..aabc545 100644
|
||||
--- a/src/lib/radius.c
|
||||
+++ b/src/lib/radius.c
|
||||
@@ -3984,18 +3984,18 @@ ssize_t rad_vp2data(uint8_t const **out, VALUE_PAIR const *vp)
|
||||
}
|
||||
|
||||
case PW_TYPE_BOOLEAN:
|
||||
- buffer[0] = vp->vp_integer & 0x01;
|
||||
+ buffer[0] = vp->vp_byte & 0x01;
|
||||
*out = buffer;
|
||||
break;
|
||||
|
||||
case PW_TYPE_BYTE:
|
||||
- buffer[0] = vp->vp_integer & 0xff;
|
||||
+ buffer[0] = vp->vp_byte & 0xff;
|
||||
*out = buffer;
|
||||
break;
|
||||
|
||||
case PW_TYPE_SHORT:
|
||||
- buffer[0] = (vp->vp_integer >> 8) & 0xff;
|
||||
- buffer[1] = vp->vp_integer & 0xff;
|
||||
+ buffer[0] = (vp->vp_short >> 8) & 0xff;
|
||||
+ buffer[1] = vp->vp_short & 0xff;
|
||||
*out = buffer;
|
||||
break;
|
||||
|
||||
diff --git a/src/lib/valuepair.c b/src/lib/valuepair.c
|
||||
index 9dcae70..7d6ee88 100644
|
||||
--- a/src/lib/valuepair.c
|
||||
+++ b/src/lib/valuepair.c
|
||||
@@ -1369,65 +1369,100 @@ int pairparsevalue(VALUE_PAIR *vp, char const *value, size_t inlen)
|
||||
case PW_TYPE_BYTE:
|
||||
{
|
||||
char *p;
|
||||
- vp->length = 1;
|
||||
+ unsigned int i;
|
||||
|
||||
/*
|
||||
* Note that ALL integers are unsigned!
|
||||
*/
|
||||
- vp->vp_integer = fr_strtoul(value, &p);
|
||||
- if (!*p) {
|
||||
- if (vp->vp_integer > 255) {
|
||||
+ i = fr_strtoul(value, &p);
|
||||
+
|
||||
+ /*
|
||||
+ * Look for the named value for the given
|
||||
+ * attribute.
|
||||
+ */
|
||||
+ if (*p && !is_whitespace(p)) {
|
||||
+ if ((dval = dict_valbyname(vp->da->attr, vp->da->vendor, value)) == NULL) {
|
||||
+ fr_strerror_printf("Unknown value '%s' for attribute '%s'", value, vp->da->name);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ vp->vp_byte = dval->value;
|
||||
+ } else {
|
||||
+ if (i > 255) {
|
||||
fr_strerror_printf("Byte value \"%s\" is larger than 255", value);
|
||||
return -1;
|
||||
}
|
||||
- break;
|
||||
+
|
||||
+ vp->vp_byte = i;
|
||||
}
|
||||
- if (is_whitespace(p)) break;
|
||||
+
|
||||
+ vp->length = 1;
|
||||
+ break;
|
||||
}
|
||||
- goto check_for_value;
|
||||
|
||||
case PW_TYPE_SHORT:
|
||||
{
|
||||
char *p;
|
||||
+ unsigned int i;
|
||||
|
||||
/*
|
||||
* Note that ALL integers are unsigned!
|
||||
*/
|
||||
- vp->vp_integer = fr_strtoul(value, &p);
|
||||
- vp->length = 2;
|
||||
- if (!*p) {
|
||||
- if (vp->vp_integer > 65535) {
|
||||
- fr_strerror_printf("Byte value \"%s\" is larger than 65535", value);
|
||||
+ i = fr_strtoul(value, &p);
|
||||
+
|
||||
+ /*
|
||||
+ * Look for the named value for the given
|
||||
+ * attribute.
|
||||
+ */
|
||||
+ if (*p && !is_whitespace(p)) {
|
||||
+ if ((dval = dict_valbyname(vp->da->attr, vp->da->vendor, value)) == NULL) {
|
||||
+ fr_strerror_printf("Unknown value '%s' for attribute '%s'", value, vp->da->name);
|
||||
return -1;
|
||||
}
|
||||
- break;
|
||||
+
|
||||
+ vp->vp_short = dval->value;
|
||||
+ } else {
|
||||
+ if (i > 65535) {
|
||||
+ fr_strerror_printf("Short value \"%s\" is larger than 65535", value);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ vp->vp_short = i;
|
||||
}
|
||||
- if (is_whitespace(p)) break;
|
||||
+
|
||||
+ vp->length = 2;
|
||||
+ break;
|
||||
}
|
||||
- goto check_for_value;
|
||||
|
||||
case PW_TYPE_INTEGER:
|
||||
{
|
||||
char *p;
|
||||
+ unsigned int i;
|
||||
|
||||
/*
|
||||
* Note that ALL integers are unsigned!
|
||||
*/
|
||||
- vp->vp_integer = fr_strtoul(value, &p);
|
||||
- vp->length = 4;
|
||||
- if (!*p) break;
|
||||
- if (is_whitespace(p)) break;
|
||||
+ i = fr_strtoul(value, &p);
|
||||
|
||||
- check_for_value:
|
||||
/*
|
||||
* Look for the named value for the given
|
||||
* attribute.
|
||||
*/
|
||||
- if ((dval = dict_valbyname(vp->da->attr, vp->da->vendor, value)) == NULL) {
|
||||
- fr_strerror_printf("Unknown value '%s' for attribute '%s'", value, vp->da->name);
|
||||
- return -1;
|
||||
+ if (*p && !is_whitespace(p)) {
|
||||
+ if ((dval = dict_valbyname(vp->da->attr, vp->da->vendor, value)) == NULL) {
|
||||
+ fr_strerror_printf("Unknown value '%s' for attribute '%s'", value, vp->da->name);
|
||||
+ return -1;
|
||||
+ }
|
||||
+
|
||||
+ vp->vp_integer = dval->value;
|
||||
+ } else {
|
||||
+ /*
|
||||
+ * Value is always within the limits
|
||||
+ */
|
||||
+ vp->vp_integer = i;
|
||||
}
|
||||
- vp->vp_integer = dval->value;
|
||||
+
|
||||
+ vp->length = 4;
|
||||
}
|
||||
break;
|
||||
|
||||
diff --git a/src/main/evaluate.c b/src/main/evaluate.c
|
||||
index 5cf597d..a100c70 100644
|
||||
--- a/src/main/evaluate.c
|
||||
+++ b/src/main/evaluate.c
|
||||
@@ -485,11 +485,11 @@ static int do_cast_copy(VALUE_PAIR *dst, VALUE_PAIR const *src)
|
||||
break;
|
||||
|
||||
case PW_TYPE_SHORT:
|
||||
- dst->vp_integer = ntohs(*(uint16_t const *) src->vp_octets);
|
||||
+ dst->vp_short = ntohs(*(uint16_t const *) src->vp_octets);
|
||||
break;
|
||||
|
||||
case PW_TYPE_BYTE:
|
||||
- dst->vp_integer = src->vp_octets[0];
|
||||
+ dst->vp_byte = src->vp_octets[0];
|
||||
break;
|
||||
|
||||
default:
|
||||
diff --git a/src/main/valuepair.c b/src/main/valuepair.c
|
||||
index dc2bfc7..2dd517a 100644
|
||||
--- a/src/main/valuepair.c
|
||||
+++ b/src/main/valuepair.c
|
||||
@@ -180,7 +180,11 @@ int radius_compare_vps(UNUSED REQUEST *request, VALUE_PAIR *check, VALUE_PAIR *v
|
||||
break;
|
||||
|
||||
case PW_TYPE_BYTE:
|
||||
+ ret = vp->vp_byte - check->vp_byte;
|
||||
+ break;
|
||||
case PW_TYPE_SHORT:
|
||||
+ ret = vp->vp_short - check->vp_short;
|
||||
+ break;
|
||||
case PW_TYPE_INTEGER:
|
||||
ret = vp->vp_integer - check->vp_integer;
|
||||
break;
|
||||
diff --git a/src/main/xlat.c b/src/main/xlat.c
|
||||
index f2c8aff..a069919 100644
|
||||
--- a/src/main/xlat.c
|
||||
+++ b/src/main/xlat.c
|
||||
@@ -177,9 +177,11 @@ static ssize_t xlat_integer(UNUSED void *instance, REQUEST *request,
|
||||
|
||||
case PW_TYPE_INTEGER:
|
||||
case PW_TYPE_DATE:
|
||||
+ return snprintf(out, outlen, "%u", vp->vp_integer);
|
||||
case PW_TYPE_BYTE:
|
||||
+ return snprintf(out, outlen, "%u", (unsigned int) vp->vp_byte);
|
||||
case PW_TYPE_SHORT:
|
||||
- return snprintf(out, outlen, "%u", vp->vp_integer);
|
||||
+ return snprintf(out, outlen, "%u", (unsigned int) vp->vp_short);
|
||||
|
||||
/*
|
||||
* Ethernet is weird... It's network related, so we assume to it should be
|
||||
diff --git a/src/modules/rlm_couchbase/mod.c b/src/modules/rlm_couchbase/mod.c
|
||||
index cc14677..36406a0 100644
|
||||
--- a/src/modules/rlm_couchbase/mod.c
|
||||
+++ b/src/modules/rlm_couchbase/mod.c
|
||||
@@ -296,22 +296,33 @@ json_object *mod_value_pair_to_json_object(REQUEST *request, VALUE_PAIR *vp)
|
||||
|
||||
/* add this attribute/value pair to our json output */
|
||||
if (!vp->da->flags.has_tag) {
|
||||
+ unsigned int i;
|
||||
+
|
||||
switch (vp->da->type) {
|
||||
case PW_TYPE_INTEGER:
|
||||
- case PW_TYPE_BYTE:
|
||||
+ i = vp->vp_integer;
|
||||
+ goto print_int;
|
||||
+
|
||||
case PW_TYPE_SHORT:
|
||||
+ i = vp->vp_short;
|
||||
+ goto print_int;
|
||||
+
|
||||
+ case PW_TYPE_BYTE:
|
||||
+ i = vp->vp_byte;
|
||||
+
|
||||
+ print_int:
|
||||
/* skip if we have flags */
|
||||
if (vp->da->flags.has_value) break;
|
||||
#ifdef HAVE_JSON_OBJECT_NEW_INT64
|
||||
/* debug */
|
||||
RDEBUG3("creating new int64 for unsigned 32 bit int/byte/short '%s'", vp->da->name);
|
||||
/* return as 64 bit int - JSON spec does not support unsigned ints */
|
||||
- return json_object_new_int64(vp->vp_integer);
|
||||
+ return json_object_new_int64(i);
|
||||
#else
|
||||
/* debug */
|
||||
RDEBUG3("creating new int for unsigned 32 bit int/byte/short '%s'", vp->da->name);
|
||||
/* return as 64 bit int - JSON spec does not support unsigned ints */
|
||||
- return json_object_new_int(vp->vp_integer);
|
||||
+ return json_object_new_int(i);
|
||||
#endif
|
||||
break;
|
||||
case PW_TYPE_SIGNED:
|
||||
diff --git a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
|
||||
index 152f4ca..55e8e14 100644
|
||||
--- a/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
|
||||
+++ b/src/modules/rlm_eap/types/rlm_eap_ttls/ttls.c
|
||||
@@ -325,12 +325,12 @@ static VALUE_PAIR *diameter2vp(REQUEST *request, REQUEST *fake, SSL *ssl,
|
||||
|
||||
case PW_TYPE_BYTE:
|
||||
if (size != vp->length) goto raw;
|
||||
- vp->vp_integer = data[0];
|
||||
+ vp->vp_byte = data[0];
|
||||
break;
|
||||
|
||||
case PW_TYPE_SHORT:
|
||||
if (size != vp->length) goto raw;
|
||||
- vp->vp_integer = (data[0] * 256) + data[1];
|
||||
+ vp->vp_short = (data[0] * 256) + data[1];
|
||||
break;
|
||||
|
||||
case PW_TYPE_SIGNED:
|
||||
--
|
||||
2.1.0
|
||||
|
50
freeradius-dont-detach-after-perl_parse.patch
Normal file
50
freeradius-dont-detach-after-perl_parse.patch
Normal file
@ -0,0 +1,50 @@
|
||||
From fa9b2cd01fb5dbe583f5063f611a45c9d033a54a Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Tue, 30 Sep 2014 16:19:47 +0300
|
||||
Subject: [PATCH 1/1] perl: Don't call detach after failed perl_parse
|
||||
|
||||
Don't call "detach" callback in rlm_perl, if perl_parse of the Perl
|
||||
module failed.
|
||||
|
||||
This fixes segfault when the module file cannot be read:
|
||||
|
||||
Can't open perl script "/etc/raddb/mods-config/perl/example.pl": Permission denied
|
||||
rlm_perl: perl_parse failed: /etc/raddb/mods-config/perl/example.pl not found or has syntax errors.
|
||||
/etc/raddb/mods-enabled/perl[7]: Instantiation failed for module "perl"
|
||||
Segmentation fault
|
||||
---
|
||||
src/modules/rlm_perl/rlm_perl.c | 4 +++-
|
||||
1 file changed, 3 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/modules/rlm_perl/rlm_perl.c b/src/modules/rlm_perl/rlm_perl.c
|
||||
index d423524..039d7c8 100644
|
||||
--- a/src/modules/rlm_perl/rlm_perl.c
|
||||
+++ b/src/modules/rlm_perl/rlm_perl.c
|
||||
@@ -73,6 +73,7 @@ typedef struct rlm_perl_t {
|
||||
char const *xlat_name;
|
||||
char const *perl_flags;
|
||||
PerlInterpreter *perl;
|
||||
+ bool perl_parsed;
|
||||
pthread_key_t *thread_key;
|
||||
|
||||
#ifdef USE_ITHREADS
|
||||
@@ -538,6 +539,7 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)
|
||||
PL_endav = (AV *)NULL;
|
||||
|
||||
if(!exitstatus) {
|
||||
+ inst->perl_parsed = true;
|
||||
perl_run(inst->perl);
|
||||
} else {
|
||||
ERROR("rlm_perl: perl_parse failed: %s not found or has syntax errors. \n", inst->module);
|
||||
@@ -1012,7 +1014,7 @@ static int mod_detach(void *instance)
|
||||
}
|
||||
#endif
|
||||
|
||||
- if (inst->func_detach) {
|
||||
+ if (inst->perl_parsed && inst->func_detach) {
|
||||
dTHXa(inst->perl);
|
||||
PERL_SET_CONTEXT(inst->perl);
|
||||
{
|
||||
--
|
||||
2.1.0
|
||||
|
46
freeradius-dont-swap-uint128-printing-on-be.patch
Normal file
46
freeradius-dont-swap-uint128-printing-on-be.patch
Normal file
@ -0,0 +1,46 @@
|
||||
From 168275c3f4ffe9d0e09ed7a3789b45b440416f73 Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Wed, 1 Oct 2014 16:32:11 +0300
|
||||
Subject: [PATCH 4/4] Don't assume little-endian in fr_prints_uint128
|
||||
|
||||
Add handling of big-endian architectures to fr_prints_uint128.
|
||||
---
|
||||
src/lib/misc.c | 13 ++++++++++---
|
||||
1 file changed, 10 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/src/lib/misc.c b/src/lib/misc.c
|
||||
index 66171ff..d0ccd6c 100644
|
||||
--- a/src/lib/misc.c
|
||||
+++ b/src/lib/misc.c
|
||||
@@ -1366,6 +1366,13 @@ size_t fr_prints_uint128(char *out, size_t outlen, uint128_t const num)
|
||||
uint64_t n[2];
|
||||
char *p = buff;
|
||||
int i;
|
||||
+#ifdef RADIUS_LITTLE_ENDIAN
|
||||
+ const size_t l = 0;
|
||||
+ const size_t h = 1;
|
||||
+#else
|
||||
+ const size_t l = 1;
|
||||
+ const size_t h = 0;
|
||||
+#endif
|
||||
|
||||
memset(buff, '0', sizeof(buff) - 1);
|
||||
buff[sizeof(buff) - 1] = '\0';
|
||||
@@ -1376,11 +1383,11 @@ size_t fr_prints_uint128(char *out, size_t outlen, uint128_t const num)
|
||||
ssize_t j;
|
||||
int carry;
|
||||
|
||||
- carry = (n[1] >= 0x8000000000000000);
|
||||
+ carry = (n[h] >= 0x8000000000000000);
|
||||
|
||||
// Shift n[] left, doubling it
|
||||
- n[1] = ((n[1] << 1) & 0xffffffffffffffff) + (n[0] >= 0x8000000000000000);
|
||||
- n[0] = ((n[0] << 1) & 0xffffffffffffffff);
|
||||
+ n[h] = ((n[h] << 1) & 0xffffffffffffffff) + (n[l] >= 0x8000000000000000);
|
||||
+ n[l] = ((n[l] << 1) & 0xffffffffffffffff);
|
||||
|
||||
// Add s[] to itself in decimal, doubling it
|
||||
for (j = sizeof(buff) - 2; j >= 0; j--) {
|
||||
--
|
||||
2.1.0
|
||||
|
27
freeradius-dont-truncate-uint64.patch
Normal file
27
freeradius-dont-truncate-uint64.patch
Normal file
@ -0,0 +1,27 @@
|
||||
From de77beacf1c0bd64335f0f949af9da71437d3ba5 Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Tue, 30 Sep 2014 22:27:36 +0300
|
||||
Subject: [PATCH 1/4] Don't truncate 64-bit integers in do_cast_copy
|
||||
|
||||
Assign converted octets to vp_integer64, instead of vp_integer to avoid
|
||||
truncation in do_cast_copy.
|
||||
---
|
||||
src/main/evaluate.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/main/evaluate.c b/src/main/evaluate.c
|
||||
index f91d482..5cf597d 100644
|
||||
--- a/src/main/evaluate.c
|
||||
+++ b/src/main/evaluate.c
|
||||
@@ -475,7 +475,7 @@ static int do_cast_copy(VALUE_PAIR *dst, VALUE_PAIR const *src)
|
||||
do_octets:
|
||||
switch (dst->da->type) {
|
||||
case PW_TYPE_INTEGER64:
|
||||
- dst->vp_integer = ntohll(*(uint64_t const *) src->vp_octets);
|
||||
+ dst->vp_integer64 = ntohll(*(uint64_t const *) src->vp_octets);
|
||||
break;
|
||||
|
||||
case PW_TYPE_INTEGER:
|
||||
--
|
||||
2.1.0
|
||||
|
40
freeradius-fix-dhcp-dictionary-loading.patch
Normal file
40
freeradius-fix-dhcp-dictionary-loading.patch
Normal file
@ -0,0 +1,40 @@
|
||||
From dda57af171687d60e21e8e2620e87b25939d0c29 Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Mon, 6 Oct 2014 17:00:25 +0300
|
||||
Subject: [PATCH 1/1] dhcpclient: Load dictionary.dhcp from DICTDIR.
|
||||
|
||||
Load dictionary.dhcp from DICTDIR instead of RADDBDIR in dhcpclient.c,
|
||||
as it is found only in the former.
|
||||
|
||||
This fixes the following error printed when invoking dhcpclient:
|
||||
|
||||
Failed reading dictionary.dhcp: dict_init: Couldn't open dictionary
|
||||
"/etc/raddb/dictionary.dhcp": No such file or directory
|
||||
---
|
||||
src/modules/proto_dhcp/dhcpclient.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/modules/proto_dhcp/dhcpclient.c b/src/modules/proto_dhcp/dhcpclient.c
|
||||
index b29b9a2..ac52ffd 100644
|
||||
--- a/src/modules/proto_dhcp/dhcpclient.c
|
||||
+++ b/src/modules/proto_dhcp/dhcpclient.c
|
||||
@@ -264,6 +264,7 @@ int main(int argc, char **argv)
|
||||
char *p;
|
||||
int c;
|
||||
char const *radius_dir = RADDBDIR;
|
||||
+ char const *dict_dir = DICTDIR;
|
||||
char const *filename = NULL;
|
||||
DICT_ATTR const *da;
|
||||
|
||||
@@ -315,7 +316,7 @@ int main(int argc, char **argv)
|
||||
*/
|
||||
da = dict_attrbyname("DHCP-Message-Type");
|
||||
if (!da) {
|
||||
- if (dict_read(radius_dir, "dictionary.dhcp") < 0) {
|
||||
+ if (dict_read(dict_dir, "dictionary.dhcp") < 0) {
|
||||
fprintf(stderr, "Failed reading dictionary.dhcp: %s",
|
||||
fr_strerror());
|
||||
return -1;
|
||||
--
|
||||
2.1.1
|
||||
|
168
freeradius-prefix-endian-macros.patch
Normal file
168
freeradius-prefix-endian-macros.patch
Normal file
@ -0,0 +1,168 @@
|
||||
From 4a906c702ac31da5977eba6698fa5435474cb47f Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Wed, 1 Oct 2014 15:11:12 +0300
|
||||
Subject: [PATCH 3/4] Prefix *_ENDIAN macros with RADIUS_
|
||||
|
||||
Rename LITTLE_ENDIAN and BIG_ENDIAN macros to RADIUS_LITTLE_ENDIAN and
|
||||
RADIUS_BIG_ENDIAN respectively to avoid clashes with
|
||||
/usr/include/endian.h defines, which result in always assuming
|
||||
little-endian architecture.
|
||||
---
|
||||
configure | 4 ++--
|
||||
configure.ac | 4 ++--
|
||||
src/include/autoconf.h.in | 16 ++++++++--------
|
||||
src/include/build.h | 6 +++---
|
||||
src/include/missing-h | 4 ++--
|
||||
src/lib/missing.c | 2 +-
|
||||
src/main/version.c | 4 ++--
|
||||
7 files changed, 20 insertions(+), 20 deletions(-)
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index f15072d..1b54efd 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -4771,11 +4771,11 @@ $as_echo "$ac_cv_c_bigendian" >&6; }
|
||||
case $ac_cv_c_bigendian in #(
|
||||
yes)
|
||||
|
||||
-$as_echo "#define BIG_ENDIAN 1" >>confdefs.h
|
||||
+$as_echo "#define RADIUS_BIG_ENDIAN 1" >>confdefs.h
|
||||
;; #(
|
||||
no)
|
||||
|
||||
-$as_echo "#define LITTLE_ENDIAN 1" >>confdefs.h
|
||||
+$as_echo "#define RADIUS_LITTLE_ENDIAN 1" >>confdefs.h
|
||||
|
||||
;; #(
|
||||
universal)
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 76466ec..30b226b 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -167,8 +167,8 @@ dnl # check for system bytesex
|
||||
dnl # AC_DEFINES WORDS_BIGENDIAN
|
||||
dnl #
|
||||
AC_C_BIGENDIAN(
|
||||
- [AC_DEFINE(BIG_ENDIAN, 1, [Define if your processor stores words with the most significant byte first])],
|
||||
- [AC_DEFINE(LITTLE_ENDIAN, 1, [Define if your processor stores words with the least significant byte first])]
|
||||
+ [AC_DEFINE(RADIUS_BIG_ENDIAN, 1, [Define if your processor stores words with the most significant byte first])],
|
||||
+ [AC_DEFINE(RADIUS_LITTLE_ENDIAN, 1, [Define if your processor stores words with the least significant byte first])]
|
||||
)
|
||||
|
||||
dnl #
|
||||
diff --git a/src/include/autoconf.h.in b/src/include/autoconf.h.in
|
||||
index 6e6e355..c313bca 100644
|
||||
--- a/src/include/autoconf.h.in
|
||||
+++ b/src/include/autoconf.h.in
|
||||
@@ -3,10 +3,6 @@
|
||||
/* Define if building universal (internal helper macro) */
|
||||
#undef AC_APPLE_UNIVERSAL_BUILD
|
||||
|
||||
-/* Define if your processor stores words with the most significant byte first
|
||||
- */
|
||||
-#undef BIG_ENDIAN
|
||||
-
|
||||
/* BSD-Style get*byaddr_r */
|
||||
#undef BSDSTYLE
|
||||
|
||||
@@ -443,10 +439,6 @@
|
||||
/* compiler specific 128 bit unsigned integer */
|
||||
#undef HAVE___UINT128_T
|
||||
|
||||
-/* Define if your processor stores words with the least significant byte first
|
||||
- */
|
||||
-#undef LITTLE_ENDIAN
|
||||
-
|
||||
/* define if you have OSFC2 authentication */
|
||||
#undef OSFC2
|
||||
|
||||
@@ -483,6 +475,14 @@
|
||||
/* Raw version string from VERSION file */
|
||||
#undef RADIUSD_VERSION_STRING
|
||||
|
||||
+/* Define if your processor stores words with the most significant byte first
|
||||
+ */
|
||||
+#undef RADIUS_BIG_ENDIAN
|
||||
+
|
||||
+/* Define if your processor stores words with the least significant byte first
|
||||
+ */
|
||||
+#undef RADIUS_LITTLE_ENDIAN
|
||||
+
|
||||
/* Define as the return type of signal handlers (`int' or `void'). */
|
||||
#undef RETSIGTYPE
|
||||
|
||||
diff --git a/src/include/build.h b/src/include/build.h
|
||||
index 66c3087..4c1bf1a 100644
|
||||
--- a/src/include/build.h
|
||||
+++ b/src/include/build.h
|
||||
@@ -105,13 +105,13 @@ extern "C" {
|
||||
* Here at least the endianess can be set explicitly with
|
||||
* -DLITTLE_ENDIAN or -DBIG_ENDIAN.
|
||||
*/
|
||||
-#if !defined(LITTLE_ENDIAN) && !defined(BIG_ENDIAN)
|
||||
+#if !defined(RADIUS_LITTLE_ENDIAN) && !defined(RADIUS_BIG_ENDIAN)
|
||||
# if defined(__LITTLE_ENDIAN__) || \
|
||||
(defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__))
|
||||
-# define LITTLE_ENDIAN 1
|
||||
+# define RADIUS_LITTLE_ENDIAN 1
|
||||
# elif defined(__BIG_ENDIAN__) || \
|
||||
(defined(__BYTE_ORDER__) && (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__))
|
||||
-# define BIG_ENDIAN 1
|
||||
+# define RADIUS_BIG_ENDIAN 1
|
||||
# else
|
||||
# error Failed determining endianness of system
|
||||
# endif
|
||||
diff --git a/src/include/missing-h b/src/include/missing-h
|
||||
index 3f286a4..7136172 100644
|
||||
--- a/src/include/missing-h
|
||||
+++ b/src/include/missing-h
|
||||
@@ -424,7 +424,7 @@ typedef struct int128_t { uint8_t v[16]; } int128_t;
|
||||
|
||||
/* abcd efgh -> dcba hgfe -> hgfe dcba */
|
||||
#ifndef HAVE_HTON_LL
|
||||
-# ifdef LITTLE_ENDIAN
|
||||
+# ifdef RADIUS_LITTLE_ENDIAN
|
||||
# ifdef HAVE_BUILTIN_BSWAP64
|
||||
# define ntohll(x) __builtin_bswap64(x)
|
||||
# else
|
||||
@@ -437,7 +437,7 @@ typedef struct int128_t { uint8_t v[16]; } int128_t;
|
||||
#endif
|
||||
|
||||
#ifndef HAVE_HTON_LLL
|
||||
-# ifdef LITTLE_ENDIAN
|
||||
+# ifdef RADIUS_LITTLE_ENDIAN
|
||||
# ifdef HAVE_128BIT_INTEGERS
|
||||
# define ntohlll(x) (((uint128_t)ntohll((uint64_t)(x >> 64))) | (((uint128_t)ntohll(((uint64_t) x)) << 64)))
|
||||
# else
|
||||
diff --git a/src/lib/missing.c b/src/lib/missing.c
|
||||
index 4598c8f..efd5461 100644
|
||||
--- a/src/lib/missing.c
|
||||
+++ b/src/lib/missing.c
|
||||
@@ -273,7 +273,7 @@ ntp2timeval(struct timeval *tv, char const *ntp)
|
||||
tv->tv_usec = usec / 4295; /* close enough */
|
||||
}
|
||||
|
||||
-#if !defined(HAVE_128BIT_INTEGERS) && defined(LITTLE_ENDIAN)
|
||||
+#if !defined(HAVE_128BIT_INTEGERS) && defined(RADIUS_LITTLE_ENDIAN)
|
||||
/** Swap byte order of 128 bit integer
|
||||
*
|
||||
* @param num 128bit integer to swap.
|
||||
diff --git a/src/main/version.c b/src/main/version.c
|
||||
index 0aba383..8b56ffa 100644
|
||||
--- a/src/main/version.c
|
||||
+++ b/src/main/version.c
|
||||
@@ -276,9 +276,9 @@ void version(void)
|
||||
DEBUG3(" 0x%llx", (unsigned long long) libmagic);
|
||||
|
||||
DEBUG3("Endianess:");
|
||||
-#if defined(LITTLE_ENDIAN)
|
||||
+#if defined(RADIUS_LITTLE_ENDIAN)
|
||||
DEBUG3(" little");
|
||||
-#elif defined(BIG_ENDIAN)
|
||||
+#elif defined(RADIUS_BIG_ENDIAN)
|
||||
DEBUG3(" big");
|
||||
#else
|
||||
DEBUG3(" unknown");
|
||||
--
|
||||
2.1.0
|
||||
|
48
freeradius-talloc-dummy-request.patch
Normal file
48
freeradius-talloc-dummy-request.patch
Normal file
@ -0,0 +1,48 @@
|
||||
From 03c5915208234255484ece4c233c9e252776e3a3 Mon Sep 17 00:00:00 2001
|
||||
From: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>
|
||||
Date: Mon, 29 Sep 2014 17:40:10 +0300
|
||||
Subject: [PATCH 1/1] process: Talloc home_trigger dummy request
|
||||
|
||||
Allocate the dummy request in home_trigger with talloc, instead of
|
||||
allocating it on the stack, as the rest of the code expects it to be a
|
||||
valid talloc context.
|
||||
|
||||
This fixes a talloc_abort resulting from xlat_tokenize_request invoking
|
||||
talloc_typed_strdup with the dummy request as the talloc context.
|
||||
---
|
||||
src/main/process.c | 17 +++++++++--------
|
||||
1 file changed, 9 insertions(+), 8 deletions(-)
|
||||
|
||||
diff --git a/src/main/process.c b/src/main/process.c
|
||||
index 76ce4ea..7e1a51e 100644
|
||||
--- a/src/main/process.c
|
||||
+++ b/src/main/process.c
|
||||
@@ -3212,16 +3212,17 @@ static void ping_home_server(void *ctx)
|
||||
|
||||
static void home_trigger(home_server_t *home, char const *trigger)
|
||||
{
|
||||
- REQUEST my_request;
|
||||
- RADIUS_PACKET my_packet;
|
||||
+ REQUEST *my_request;
|
||||
+ RADIUS_PACKET *my_packet;
|
||||
|
||||
- memset(&my_request, 0, sizeof(my_request));
|
||||
- memset(&my_packet, 0, sizeof(my_packet));
|
||||
- my_request.proxy = &my_packet;
|
||||
- my_packet.dst_ipaddr = home->ipaddr;
|
||||
- my_packet.src_ipaddr = home->src_ipaddr;
|
||||
+ my_request = talloc_zero(NULL, REQUEST);
|
||||
+ my_packet = talloc_zero(my_request, RADIUS_PACKET);
|
||||
+ my_request->proxy = my_packet;
|
||||
+ my_packet->dst_ipaddr = home->ipaddr;
|
||||
+ my_packet->src_ipaddr = home->src_ipaddr;
|
||||
|
||||
- exec_trigger(&my_request, home->cs, trigger, false);
|
||||
+ exec_trigger(my_request, home->cs, trigger, false);
|
||||
+ talloc_free(my_request);
|
||||
}
|
||||
|
||||
static void mark_home_server_zombie(home_server_t *home, struct timeval *now, struct timeval *response_window)
|
||||
--
|
||||
2.1.0
|
||||
|
@ -1,7 +1,7 @@
|
||||
Summary: High-performance and highly configurable free RADIUS server
|
||||
Name: freeradius
|
||||
Version: 3.0.4
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: GPLv2+ and LGPLv2+
|
||||
Group: System Environment/Daemons
|
||||
URL: http://www.freeradius.org/
|
||||
@ -24,6 +24,13 @@ Source104: freeradius-tmpfiles.conf
|
||||
Patch1: freeradius-redhat-config.patch
|
||||
Patch2: freeradius-postgres-sql.patch
|
||||
Patch3: freeradius-heartbleed-confirm.patch
|
||||
Patch4: freeradius-talloc-dummy-request.patch
|
||||
Patch5: freeradius-dont-detach-after-perl_parse.patch
|
||||
Patch6: freeradius-access-union-consistently.patch
|
||||
Patch7: freeradius-dont-truncate-uint64.patch
|
||||
Patch8: freeradius-prefix-endian-macros.patch
|
||||
Patch9: freeradius-dont-swap-uint128-printing-on-be.patch
|
||||
Patch10: freeradius-fix-dhcp-dictionary-loading.patch
|
||||
|
||||
%global docdir %{?_pkgdocdir}%{!?_pkgdocdir:%{_docdir}/%{name}-%{version}}
|
||||
|
||||
@ -183,6 +190,13 @@ This plugin provides the unixODBC support for the FreeRADIUS server project.
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
%patch3 -p1
|
||||
%patch4 -p1
|
||||
%patch5 -p1
|
||||
%patch6 -p1
|
||||
%patch7 -p1
|
||||
%patch8 -p1
|
||||
%patch9 -p1
|
||||
%patch10 -p1
|
||||
|
||||
%build
|
||||
# Force compile/link options, extra security for network facing daemon
|
||||
@ -658,7 +672,7 @@ exit 0
|
||||
%attr(640,root,radiusd) %config(noreplace) /etc/raddb/mods-available/perl
|
||||
|
||||
%dir %attr(750,root,radiusd) /etc/raddb/mods-config/perl
|
||||
/etc/raddb/mods-config/perl/example.pl
|
||||
%attr(640,root,radiusd) /etc/raddb/mods-config/perl/example.pl
|
||||
|
||||
%{_libdir}/freeradius/rlm_perl.so
|
||||
|
||||
@ -764,6 +778,13 @@ exit 0
|
||||
%{_libdir}/freeradius/rlm_sql_unixodbc.so
|
||||
|
||||
%changelog
|
||||
* Mon Oct 6 2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.4-2
|
||||
- Fix abort on home server triggers.
|
||||
- Fix segfault upon example.pl read failure.
|
||||
- Fix example.pl permissions.
|
||||
- Fix integer handling in various cases.
|
||||
- Fix dhcpclient's dictionary.dhcp loading.
|
||||
|
||||
* Mon Sep 15 2014 Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> - 3.0.4-1
|
||||
- Upgrade to upstream 3.0.4 release.
|
||||
See upstream ChangeLog for details (in freeradius-doc subpackage).
|
||||
|
Loading…
Reference in New Issue
Block a user