1 |
commit: b3ba1ccdbb78b40fc07e108cd7a30f92bbc59d9f |
2 |
Author: Alarig Le Lay <alarig <AT> swordarmor <DOT> fr> |
3 |
AuthorDate: Mon Feb 27 08:28:14 2023 +0000 |
4 |
Commit: Joonas Niilola <juippis <AT> gentoo <DOT> org> |
5 |
CommitDate: Mon Feb 27 08:30:58 2023 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b3ba1ccd |
7 |
|
8 |
net-dialup/freeradius: add 3.2.1 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/891265 |
11 |
Closes: https://bugs.gentoo.org/897082 |
12 |
Signed-off-by: Alarig Le Lay <alarig <AT> swordarmor.fr> |
13 |
Closes: https://github.com/gentoo/gentoo/pull/29342 |
14 |
Signed-off-by: Joonas Niilola <juippis <AT> gentoo.org> |
15 |
|
16 |
net-dialup/freeradius/Manifest | 1 + |
17 |
net-dialup/freeradius/freeradius-3.2.1.ebuild | 311 ++++++++++++++++++++++++++ |
18 |
2 files changed, 312 insertions(+) |
19 |
|
20 |
diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest |
21 |
index 4580ae850f7a..43e60f45684a 100644 |
22 |
--- a/net-dialup/freeradius/Manifest |
23 |
+++ b/net-dialup/freeradius/Manifest |
24 |
@@ -1,3 +1,4 @@ |
25 |
DIST freeradius-3.0.25.tar.gz 5300245 BLAKE2B bf8908aa7bfabb9e15fa841457f176a4f2697bdec7994485516ef338908b46f2168260b7acf1a7120a687e543f0381bb787567bb4d564b9d14a3eb464a0e9ed6 SHA512 13382a53e6a1a4495c6f53e662ce21b80d73b6134a72f099f05495b64c56ae1a6c1cd1281311f1c3695d8532207fe5bd3d2026ed2c45f3cb5adb1011f1505ee7 |
26 |
DIST freeradius-3.0.26.tar.gz 5300930 BLAKE2B e8922182f69ff201af331a03ef109072d24fb169c14179c5e71910ed3f767526afd7efe6000fd8a3881fa2ddb0487ebd12f8fdf6845136fdc15fdcb8a83fdf39 SHA512 83825ce1dd3d2e005c11d10ebadd2b37884130c158d3ea43595fa52478e3d194725b15dc73633758b0b1e916e00ea9358d254c38c2b721c475c9a4235aa1a5a3 |
27 |
DIST freeradius-server-3.2.0.tar.bz2 3399380 BLAKE2B 103cb1faf7efd78520dd613da51671ff37b870fcd356d7d11454d655cf460bcb4132cd91b99be70557242907dd5e4d741b6a776de81c37a24ab9d04a4fe5866b SHA512 e7aa7bfc5a6968cdb860bb565ebd45bc1b3f78a665a9888a8b8dacaa1c5256755468aed33bdffe39465f8678c1fb9d6f47f0dbcf0178dfdcb38d99e3bc4b747d |
28 |
+DIST freeradius-server-3.2.1.tar.bz2 3399164 BLAKE2B d0e69d468736d2a5dd85b32bb8b1fa44f2e56725ae525a3895df1b926f5ce525c70af08c2b76b62a9479d00d02c3e4915586fb1e5c7d42955c6b9e5cdeda8f6e SHA512 0f9e98cbf0eff4c5af54731ec34a8c9070252eaf2f91ca0c87caae939f6356fa91a6e1ed98ba66dbf1c1bafecdfcf38603fb4f65a5955e88974f49a5b7885f7a |
29 |
|
30 |
diff --git a/net-dialup/freeradius/freeradius-3.2.1.ebuild b/net-dialup/freeradius/freeradius-3.2.1.ebuild |
31 |
new file mode 100644 |
32 |
index 000000000000..86036194b49c |
33 |
--- /dev/null |
34 |
+++ b/net-dialup/freeradius/freeradius-3.2.1.ebuild |
35 |
@@ -0,0 +1,311 @@ |
36 |
+# Copyright 1999-2023 Gentoo Authors |
37 |
+# Distributed under the terms of the GNU General Public License v2 |
38 |
+ |
39 |
+EAPI=8 |
40 |
+ |
41 |
+PYTHON_COMPAT=( python3_{9..11} ) |
42 |
+inherit autotools pam python-single-r1 systemd |
43 |
+ |
44 |
+MY_PN=${PN}-server |
45 |
+MY_P=${MY_PN}-${PV} |
46 |
+MY_PV=$(ver_rs 1- "_") |
47 |
+ |
48 |
+DESCRIPTION="Highly configurable free RADIUS server" |
49 |
+HOMEPAGE="https://freeradius.org/" |
50 |
+SRC_URI="https://github.com/FreeRADIUS/freeradius-server/releases/download/release_${MY_PV}/${MY_P}.tar.bz2" |
51 |
+S="${WORKDIR}"/${MY_P} |
52 |
+ |
53 |
+LICENSE="GPL-2" |
54 |
+SLOT="0" |
55 |
+KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86" |
56 |
+ |
57 |
+IUSE=" |
58 |
+ debug firebird iodbc kerberos ldap memcached mysql mongodb odbc oracle pam |
59 |
+ postgres python readline redis samba sqlite ssl systemd |
60 |
+" |
61 |
+ |
62 |
+RESTRICT="firebird? ( bindist )" |
63 |
+ |
64 |
+# NOTE: Temporary freeradius doesn't support linking with mariadb client |
65 |
+# libs also if code is compliant, will be available in the next release. |
66 |
+# (http://lists.freeradius.org/pipermail/freeradius-devel/2018-October/013228.html)a |
67 |
+ |
68 |
+# TODO: rlm_mschap works with both samba library or without. I need to avoid |
69 |
+# linking of samba library if -samba is used. |
70 |
+ |
71 |
+# TODO: unconditional json-c for now as automagic dep despite efforts to stop it |
72 |
+# ditto libpcap. Can restore USE=rest, USE=pcap if/when fixed. |
73 |
+ |
74 |
+RDEPEND="acct-group/radius |
75 |
+ acct-user/radius |
76 |
+ !net-dialup/cistronradius |
77 |
+ dev-libs/libltdl |
78 |
+ dev-libs/libpcre |
79 |
+ dev-libs/json-c:= |
80 |
+ dev-lang/perl:= |
81 |
+ net-libs/libpcap |
82 |
+ sys-libs/gdbm:= |
83 |
+ sys-libs/libcap |
84 |
+ sys-libs/talloc |
85 |
+ virtual/libcrypt:= |
86 |
+ firebird? ( dev-db/firebird ) |
87 |
+ iodbc? ( dev-db/libiodbc ) |
88 |
+ kerberos? ( virtual/krb5 ) |
89 |
+ ldap? ( net-nds/openldap:= ) |
90 |
+ memcached? ( dev-libs/libmemcached ) |
91 |
+ mysql? ( dev-db/mysql-connector-c:= ) |
92 |
+ mongodb? ( >=dev-libs/mongo-c-driver-1.13.0-r1 ) |
93 |
+ odbc? ( dev-db/unixODBC ) |
94 |
+ oracle? ( dev-db/oracle-instantclient[sdk] ) |
95 |
+ pam? ( sys-libs/pam ) |
96 |
+ postgres? ( dev-db/postgresql:= ) |
97 |
+ python? ( ${PYTHON_DEPS} ) |
98 |
+ readline? ( sys-libs/readline:= ) |
99 |
+ redis? ( dev-libs/hiredis:= ) |
100 |
+ samba? ( net-fs/samba ) |
101 |
+ sqlite? ( dev-db/sqlite:3 ) |
102 |
+ ssl? ( >=dev-libs/openssl-1.0.2:=[-bindist(-)] ) |
103 |
+ systemd? ( sys-apps/systemd:= )" |
104 |
+DEPEND="${RDEPEND}" |
105 |
+ |
106 |
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
107 |
+ |
108 |
+# bug #721040 |
109 |
+QA_SONAME="usr/lib.*/libfreeradius-.*.so" |
110 |
+ |
111 |
+PATCHES=( |
112 |
+ "${FILESDIR}"/${PN}-3.0.20-systemd-service.patch |
113 |
+) |
114 |
+ |
115 |
+pkg_setup() { |
116 |
+ if use python ; then |
117 |
+ python-single-r1_pkg_setup |
118 |
+ export PYTHONBIN="${EPYTHON}" |
119 |
+ fi |
120 |
+} |
121 |
+ |
122 |
+src_prepare() { |
123 |
+ default |
124 |
+ |
125 |
+ # Most of the configuration options do not appear as ./configure |
126 |
+ # switches. Instead it identifies the directories that are available |
127 |
+ # and run through them. These might check for the presence of |
128 |
+ # various libraries, in which case they are not built. To avoid |
129 |
+ # automagic dependencies, we just remove all the modules that we're |
130 |
+ # not interested in using. |
131 |
+ # TODO: shift more of these into configure args below as things |
132 |
+ # are a bit better now. |
133 |
+ use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; } |
134 |
+ use ldap || { rm -r src/modules/rlm_ldap || die ; } |
135 |
+ use kerberos || { rm -r src/modules/rlm_krb5 || die ; } |
136 |
+ use memcached || { rm -r src/modules/rlm_cache/drivers/rlm_cache_memcached || die ; } |
137 |
+ use pam || { rm -r src/modules/rlm_pam || die ; } |
138 |
+ |
139 |
+ # Drop support for python2 |
140 |
+ rm -r src/modules/rlm_python || die |
141 |
+ |
142 |
+ use python || { rm -r src/modules/rlm_python3 || die ; } |
143 |
+ #use rest || { rm -r src/modules/rlm_rest || die ; } |
144 |
+ # Do not install ruby rlm module, bug #483108 |
145 |
+ rm -r src/modules/rlm_ruby || die |
146 |
+ |
147 |
+ # These are all things we don't have in portage/I don't want to deal |
148 |
+ # with myself. |
149 |
+ # |
150 |
+ # Requires TNCS library |
151 |
+ rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die |
152 |
+ # Requires libeap-ikev2 |
153 |
+ rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die |
154 |
+ # Requires some membership.h |
155 |
+ rm -r src/modules/rlm_opendirectory || die |
156 |
+ # ? |
157 |
+ rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die |
158 |
+ |
159 |
+ # SQL drivers that are not part of experimental are loaded from a |
160 |
+ # file, so we have to remove them from the file itself when we |
161 |
+ # remove them. |
162 |
+ usesqldriver() { |
163 |
+ local flag=$1 |
164 |
+ local driver=rlm_sql_${2:-${flag}} |
165 |
+ |
166 |
+ if ! use ${flag} ; then |
167 |
+ rm -r src/modules/rlm_sql/drivers/${driver} || die |
168 |
+ sed -i -e /${driver}/d src/modules/rlm_sql/stable || die |
169 |
+ fi |
170 |
+ } |
171 |
+ |
172 |
+ sed -i \ |
173 |
+ -e 's:^#\tuser = :\tuser = :g' \ |
174 |
+ -e 's:^#\tgroup = :\tgroup = :g' \ |
175 |
+ -e 's:/var/run/radiusd:/run/radiusd:g' \ |
176 |
+ -e '/^run_dir/s:${localstatedir}::g' \ |
177 |
+ raddb/radiusd.conf.in || die |
178 |
+ |
179 |
+ # - Verbosity |
180 |
+ # - B uild shared libraries using jlibtool -shared |
181 |
+ sed -i \ |
182 |
+ -e '/$(LIBTOOL)/s|--quiet ||g' \ |
183 |
+ -e 's:--mode=\(compile\|link\):& -shared:g' \ |
184 |
+ Make.inc.in || die |
185 |
+ sed -i \ |
186 |
+ -e 's|--silent ||g' \ |
187 |
+ -e 's:--mode=\(compile\|link\):& -shared:g' \ |
188 |
+ scripts/libtool.mk || die |
189 |
+ |
190 |
+ # Crude measure to stop jlibtool from running ranlib and ar |
191 |
+ sed -i \ |
192 |
+ -e '/LIBRARIAN/s|".*"|"true"|g' \ |
193 |
+ -e '/RANLIB/s|".*"|"true"|g' \ |
194 |
+ scripts/jlibtool.c || die |
195 |
+ |
196 |
+ usesqldriver mysql |
197 |
+ usesqldriver postgres postgresql |
198 |
+ usesqldriver firebird |
199 |
+ usesqldriver iodbc |
200 |
+ usesqldriver odbc unixodbc |
201 |
+ usesqldriver oracle |
202 |
+ usesqldriver sqlite |
203 |
+ usesqldriver mongodb mongo |
204 |
+ |
205 |
+ eautoreconf |
206 |
+} |
207 |
+ |
208 |
+src_configure() { |
209 |
+ # Do not try to enable static with static-libs; upstream is a |
210 |
+ # massacre of libtool best practices so you also have to make sure |
211 |
+ # to --enable-shared explicitly. |
212 |
+ local myeconfargs=( |
213 |
+ # Revisit confcache when not needing to use ac_cv anymore |
214 |
+ # for automagic deps. |
215 |
+ #--cache-file="${S}"/config.cache |
216 |
+ |
217 |
+ --enable-shared |
218 |
+ --disable-ltdl-install |
219 |
+ --disable-silent-rules |
220 |
+ --with-system-libtool |
221 |
+ --with-system-libltdl |
222 |
+ |
223 |
+ --enable-strict-dependencies |
224 |
+ --without-rlm_couchbase |
225 |
+ --without-rlm_securid |
226 |
+ --without-rlm_unbound |
227 |
+ --without-rlm_idn |
228 |
+ #--without-rlm_json |
229 |
+ #$(use_with rest libfreeradius-json) |
230 |
+ |
231 |
+ # Our OpenSSL should be patched. Avoid false-positive failures. |
232 |
+ --disable-openssl-version-check |
233 |
+ --with-ascend-binary |
234 |
+ --with-udpfromto |
235 |
+ --with-dhcp |
236 |
+ --with-pcre |
237 |
+ --with-iodbc-include-dir=/usr/include/iodbc |
238 |
+ --with-experimental-modules |
239 |
+ --with-docdir=/usr/share/doc/${PF} |
240 |
+ --with-logdir=/var/log/radius |
241 |
+ |
242 |
+ $(use_enable debug developer) |
243 |
+ $(use_with ldap edir) |
244 |
+ $(use_with redis rlm_cache_redis) |
245 |
+ $(use_with redis rlm_redis) |
246 |
+ $(use_with redis rlm_rediswho) |
247 |
+ $(use_with ssl openssl) |
248 |
+ $(use_with systemd systemd) |
249 |
+ ) |
250 |
+ |
251 |
+ # bug #77613 |
252 |
+ if has_version app-crypt/heimdal ; then |
253 |
+ myeconfargs+=( --enable-heimdal-krb5 ) |
254 |
+ fi |
255 |
+ |
256 |
+ if use python ; then |
257 |
+ myeconfargs+=( |
258 |
+ --with-rlm-python3-bin=${EPYTHON} |
259 |
+ --with-rlm-python3-config-bin=${EPYTHON}-config |
260 |
+ ) |
261 |
+ fi |
262 |
+ |
263 |
+ if ! use readline ; then |
264 |
+ export ac_cv_lib_readline=no |
265 |
+ fi |
266 |
+ |
267 |
+ #if ! use pcap ; then |
268 |
+ # export ac_cv_lib_pcap_pcap_open_live=no |
269 |
+ # export ac_cv_header_pcap_h=no |
270 |
+ #fi |
271 |
+ |
272 |
+ econf "${myeconfargs[@]}" |
273 |
+} |
274 |
+ |
275 |
+src_compile() { |
276 |
+ # Verbose, do not generate certificates |
277 |
+ emake \ |
278 |
+ Q='' ECHO=true \ |
279 |
+ LOCAL_CERT_PRODUCTS='' |
280 |
+} |
281 |
+ |
282 |
+src_install() { |
283 |
+ dodir /etc |
284 |
+ |
285 |
+ diropts -m0750 -o root -g radius |
286 |
+ dodir /etc/raddb |
287 |
+ |
288 |
+ diropts -m0750 -o radius -g radius |
289 |
+ dodir /var/log/radius |
290 |
+ |
291 |
+ keepdir /var/log/radius/radacct |
292 |
+ diropts |
293 |
+ |
294 |
+ # - Verbose, do not install certificates |
295 |
+ # - Parallel install fails (bug #509498) |
296 |
+ emake -j1 \ |
297 |
+ Q='' ECHO=true \ |
298 |
+ LOCAL_CERT_PRODUCTS='' \ |
299 |
+ R="${D}" \ |
300 |
+ install |
301 |
+ |
302 |
+ if use pam ; then |
303 |
+ pamd_mimic_system radiusd auth account password session |
304 |
+ fi |
305 |
+ |
306 |
+ # bug #711756 |
307 |
+ fowners -R radius:radius /etc/raddb |
308 |
+ fowners -R radius:radius /var/log/radius |
309 |
+ |
310 |
+ dodoc CREDITS |
311 |
+ |
312 |
+ rm "${ED}"/usr/sbin/rc.radiusd || die |
313 |
+ |
314 |
+ newinitd "${FILESDIR}"/radius.init-r4 radiusd |
315 |
+ newconfd "${FILESDIR}"/radius.conf-r6 radiusd |
316 |
+ |
317 |
+ if ! use systemd ; then |
318 |
+ # If systemd builtin is not enabled we need use Type=Simple |
319 |
+ # as systemd .service |
320 |
+ sed -i -e 's:^Type=.*::g' \ |
321 |
+ -e 's:^WatchdogSec=.*::g' -e 's:^NotifyAccess=all.*::g' \ |
322 |
+ "${S}"/debian/freeradius.service |
323 |
+ fi |
324 |
+ |
325 |
+ systemd_dounit "${S}"/debian/freeradius.service |
326 |
+ |
327 |
+ find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die |
328 |
+} |
329 |
+ |
330 |
+pkg_config() { |
331 |
+ if use ssl ; then |
332 |
+ cd "${ROOT}"/etc/raddb/certs || die |
333 |
+ |
334 |
+ ./bootstrap || die "Error while running ./bootstrap script." |
335 |
+ chown root:radius "${ROOT}"/etc/raddb/certs || die |
336 |
+ chown root:radius "${ROOT}"/etc/raddb/certs/ca.pem || die |
337 |
+ chown root:radius "${ROOT}"/etc/raddb/certs/server.{key,crt,pem} || die |
338 |
+ fi |
339 |
+} |
340 |
+ |
341 |
+pkg_preinst() { |
342 |
+ if ! has_version ${CATEGORY}/${PN} && use ssl ; then |
343 |
+ elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able" |
344 |
+ elog "to start the radiusd service." |
345 |
+ fi |
346 |
+} |