[arch-commits] Commit in freeradius/repos (6 files)

Felix Yan felixonmars at archlinux.org
Fri Jan 11 07:45:45 UTC 2019 

    Date: Friday, January 11, 2019 @ 07:45:44
  Author: felixonmars
Revision: 422276

archrelease: copy trunk to community-staging-x86_64

Added:
  freeradius/repos/community-staging-x86_64/
  freeradius/repos/community-staging-x86_64/PKGBUILD
    (from rev 422275, freeradius/trunk/PKGBUILD)
  freeradius/repos/community-staging-x86_64/freeradius-sysusers.conf
    (from rev 422275, freeradius/trunk/freeradius-sysusers.conf)
  freeradius/repos/community-staging-x86_64/freeradius-tmpfiles.conf
    (from rev 422275, freeradius/trunk/freeradius-tmpfiles.conf)
  freeradius/repos/community-staging-x86_64/freeradius.service
    (from rev 422275, freeradius/trunk/freeradius.service)
  freeradius/repos/community-staging-x86_64/openssl-cve.patch
    (from rev 422275, freeradius/trunk/openssl-cve.patch)

--------------------------+
 PKGBUILD                 |   66 +++++++++++++++++++++++++++++++++++++++++++++
 freeradius-sysusers.conf |    1 
 freeradius-tmpfiles.conf |    8 +++++
 freeradius.service       |   19 ++++++++++++
 openssl-cve.patch        |   24 ++++++++++++++++
 5 files changed, 118 insertions(+)

Copied: freeradius/repos/community-staging-x86_64/PKGBUILD (from rev 422275, freeradius/trunk/PKGBUILD)
===================================================================
--- community-staging-x86_64/PKGBUILD	                        (rev 0)
+++ community-staging-x86_64/PKGBUILD	2019-01-11 07:45:44 UTC (rev 422276)
@@ -0,0 +1,66 @@
+# Maintainer: Sergej Pupykin <pupykin.s+arch at gmail.com>
+# Contributor: Jason R Begley (jayray at digitalgoat.com>
+# Contributor: Daniel Micay <danielmicay at gmail.com>
+
+pkgname=freeradius
+pkgver=3.0.17
+pkgrel=8
+pkgdesc='The premier open source RADIUS server'
+arch=('x86_64')
+url="https://freeradius.org/"
+license=('GPL')
+depends=('krb5' 'pth' 'net-snmp' 'postgresql-libs' 'libmariadbclient' 'talloc'
+         'libpcap' 'libwbclient')
+makedepends=('unixodbc' 'python2' 'curl' 'json-c' 'samba')
+optdepends=('unixodbc: for ODBC'
+            'python2: for Python'
+            'json-c: rlm_rest module'
+            'curl: for REST')
+options=('!makeflags')
+validpgpkeys=('BF2384EC6938B9744B03E2A620E37C25995B4F85') # FreeRADIUS - Package Signing [...] <packages at freeradius.org>
+source=("ftp://ftp.freeradius.org/pub/radius/freeradius-server-$pkgver.tar.bz2"{,.sig}
+        'openssl-cve.patch'
+        'freeradius-sysusers.conf'
+        'freeradius-tmpfiles.conf'
+        'freeradius.service')
+sha256sums=('3f03404b6e4a4f410e1f15ea2ababfec7f8a7ae8a49836d8a0c137436d913b96'
+            'SKIP'
+            '57cb7c8e446b914301c0ae42c01cdb7c0b9e56f32ef57e7ea7e6fd6bc0ccb4fc'
+            '573c05df429405d8647f5b52f68f7ad13bf7392314d30154df770ab170d793f8'
+            'f536a9aa972e3e42a6b1a6d8ee17166eb721c7cba2e80f60473811497c7bd8bc'
+            'c469e1a3f9edad769da01c324779babe783ee85a9b53ce4638d3d2d09c7c8d4b')
+
+prepare() {
+  cd "$srcdir"/freeradius-server-$pkgver
+
+  patch -Np1 < ../openssl-cve.patch
+}
+
+build() {
+  cd "$srcdir"/freeradius-server-$pkgver
+
+  ./configure \
+    --prefix=/usr \
+    --sbindir=/usr/bin \
+    --sysconfdir=/etc \
+    --libdir=/usr/lib/freeradius \
+    --localstatedir=/var \
+    --enable-heimdal-krb5 \
+    --with-system-libltdl \
+    --with-system-libtool \
+    --with-udpfromto
+  make
+}
+
+package() {
+  cd "$srcdir"/freeradius-server-$pkgver
+
+  make install R="$pkgdir"
+  chmod o+r "$pkgdir"/etc/raddb/*
+  mv "$pkgdir"/etc/raddb "$pkgdir"/etc/raddb.default
+  rm -rf "$pkgdir"/var/run
+
+  install -D -m0644 "$srcdir"/$pkgname.service "$pkgdir"/usr/lib/systemd/system/$pkgname.service
+  install -D -m0644 "$srcdir"/$pkgname-sysusers.conf "$pkgdir"/usr/lib/sysusers.d/$pkgname.conf
+  install -D -m0644 "$srcdir"/$pkgname-tmpfiles.conf "$pkgdir"/usr/lib/tmpfiles.d/$pkgname.conf
+}

Copied: freeradius/repos/community-staging-x86_64/freeradius-sysusers.conf (from rev 422275, freeradius/trunk/freeradius-sysusers.conf)
===================================================================
--- community-staging-x86_64/freeradius-sysusers.conf	                        (rev 0)
+++ community-staging-x86_64/freeradius-sysusers.conf	2019-01-11 07:45:44 UTC (rev 422276)
@@ -0,0 +1 @@
+u radiusd - "radius daemon" /var/lib/radiusd

Copied: freeradius/repos/community-staging-x86_64/freeradius-tmpfiles.conf (from rev 422275, freeradius/trunk/freeradius-tmpfiles.conf)
===================================================================
--- community-staging-x86_64/freeradius-tmpfiles.conf	                        (rev 0)
+++ community-staging-x86_64/freeradius-tmpfiles.conf	2019-01-11 07:45:44 UTC (rev 422276)
@@ -0,0 +1,8 @@
+# configuration directory
+C /etc/raddb 0755 radiusd radiusd - /etc/raddb.default
+
+# log file
+f /var/log/radius/radius.log 0644 radiusd radiusd -
+
+# run directory
+d /run/radiusd 0755 radiusd radiusd -

Copied: freeradius/repos/community-staging-x86_64/freeradius.service (from rev 422275, freeradius/trunk/freeradius.service)
===================================================================
--- community-staging-x86_64/freeradius.service	                        (rev 0)
+++ community-staging-x86_64/freeradius.service	2019-01-11 07:45:44 UTC (rev 422276)
@@ -0,0 +1,19 @@
+[Unit]
+Description=FreeRADIUS high performance RADIUS server.
+After=syslog.target network.target
+Documentation=man:radiusd(8) man:radiusd.conf(5) https://wiki.freeradius.org/Home https://networkradius.com/freeradius-documentation/
+
+[Service]
+Type=forking
+PIDFile=/run/radiusd/radiusd.pid
+ExecStartPre=/usr/bin/radiusd -C
+ExecStart=/usr/bin/radiusd -d /etc/raddb
+ExecReload=/usr/bin/radiusd -C
+ExecReload=/bin/kill -HUP $MAINPID
+Restart=on-failure
+RestartSec=2
+ProtectSystem=full
+ProtectHome=on
+
+[Install]
+WantedBy=multi-user.target

Copied: freeradius/repos/community-staging-x86_64/openssl-cve.patch (from rev 422275, freeradius/trunk/openssl-cve.patch)
===================================================================
--- community-staging-x86_64/openssl-cve.patch	                        (rev 0)
+++ community-staging-x86_64/openssl-cve.patch	2019-01-11 07:45:44 UTC (rev 422276)
@@ -0,0 +1,24 @@
+diff --git a/src/main/tls.c b/src/main/tls.c
+index 6ab4f2cb9a..6e9e4a6156 100644
+--- a/src/main/tls.c
++++ b/src/main/tls.c
+@@ -72,15 +72,15 @@ typedef struct libssl_defect {
+ static libssl_defect_t libssl_defects[] =
+ {
+ 	{
+-		.low		= 0x01010101f,		/* 1.1.0a */
+-		.high		= 0x01010101f,		/* 1.1.0a */
++		.low		= 0x01010001f,		/* 1.1.0a */
++		.high		= 0x01010001f,		/* 1.1.0a */
+ 		.id		= "CVE-2016-6309",
+ 		.name		= "OCSP status request extension",
+ 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160926.txt"
+ 	},
+ 	{
+-		.low		= 0x01010100f,		/* 1.1.0  */
+-		.high		= 0x01010100f,		/* 1.1.0  */
++		.low		= 0x01010000f,		/* 1.1.0  */
++		.high		= 0x01010000f,		/* 1.1.0  */
+ 		.id		= "CVE-2016-6304",
+ 		.name		= "OCSP status request extension",
+ 		.comment	= "For more information see https://www.openssl.org/news/secadv/20160922.txt"

More information about the arch-commits mailing list