1 |
commit: ab4cddf3a9a969fac7236dff8e61f4c4b05eb36e |
2 |
Author: Michael Palimaka <kensington <AT> gentoo <DOT> org> |
3 |
AuthorDate: Wed Nov 15 12:06:41 2017 +0000 |
4 |
Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org> |
5 |
CommitDate: Wed Nov 15 12:06:50 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab4cddf3 |
7 |
|
8 |
net-dialup/freeradius: remove vulnerable 3.0.14 |
9 |
|
10 |
Bug: https://bugs.gentoo.org/625410 |
11 |
Package-Manager: Portage-2.3.8, Repoman-2.3.4 |
12 |
|
13 |
net-dialup/freeradius/Manifest | 1 - |
14 |
net-dialup/freeradius/freeradius-3.0.14.ebuild | 225 ------------------------- |
15 |
2 files changed, 226 deletions(-) |
16 |
|
17 |
diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest |
18 |
index 1ca03b85b15..01a35bde4e0 100644 |
19 |
--- a/net-dialup/freeradius/Manifest |
20 |
+++ b/net-dialup/freeradius/Manifest |
21 |
@@ -1,2 +1 @@ |
22 |
-DIST freeradius-server-3.0.14.tar.gz 4816144 SHA256 fcd6174d986a942db7a0defbccf6ffb6e692264a87915659493abb466c075909 SHA512 5f81f09a843bf59b16ed4c9c311013e3e839911ed926c56151502a00bb86cc3a593906059ec08b994cfbc4c36d1bc6005d62c5d253ddb5cc3894324c4aaeb308 WHIRLPOOL f679bd442ffc43fe6535a29e345290efa46837f2b31e5789920b9844b01a874ccc2bec6466bf99c6f60c587926a58cd537d4817def16fa89411ead9200c4a1e3 |
23 |
DIST freeradius-server-3.0.15.tar.gz 4818244 SHA256 fd29c5eda3f69f2d823d07745d24a80197df3c1284f2efe6a15f76e16271cfe3 SHA512 9b92045b445032bde9d421499fdc0f6a08d602c501730c31a8d3974b21cc5c12c78abb024ed62a176c7aa7fe260fe1d19386aaf558e0fecfcd3a0ba7aa47499c WHIRLPOOL 102719d62417870bad1c698d3e999cf3829397f8b310c898d7cbb551a44bdbf302dd9e4e2610287c281318930f057446f20b3f994c56ceeadf0864795c92a5d0 |
24 |
|
25 |
diff --git a/net-dialup/freeradius/freeradius-3.0.14.ebuild b/net-dialup/freeradius/freeradius-3.0.14.ebuild |
26 |
deleted file mode 100644 |
27 |
index e42fc8e3052..00000000000 |
28 |
--- a/net-dialup/freeradius/freeradius-3.0.14.ebuild |
29 |
+++ /dev/null |
30 |
@@ -1,225 +0,0 @@ |
31 |
-# Copyright 1999-2017 Gentoo Foundation |
32 |
-# Distributed under the terms of the GNU General Public License v2 |
33 |
- |
34 |
-EAPI=6 |
35 |
- |
36 |
-PYTHON_COMPAT=( python2_7 ) |
37 |
-inherit autotools pam python-single-r1 systemd user |
38 |
- |
39 |
-MY_P="${PN}-server-${PV}" |
40 |
- |
41 |
-DESCRIPTION="Highly configurable free RADIUS server" |
42 |
-SRC_URI=" |
43 |
- ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz |
44 |
- ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz |
45 |
-" |
46 |
-HOMEPAGE="http://www.freeradius.org/" |
47 |
- |
48 |
-KEYWORDS="amd64 ~arm ~ppc ~ppc64 ~sparc x86 ~x86-fbsd" |
49 |
-LICENSE="GPL-2" |
50 |
-SLOT="0" |
51 |
- |
52 |
-IUSE=" |
53 |
- debug firebird iodbc kerberos ldap mysql odbc oracle pam pcap |
54 |
- postgres python readline sqlite ssl |
55 |
-" |
56 |
-RESTRICT="test firebird? ( bindist )" |
57 |
- |
58 |
-RDEPEND="!net-dialup/cistronradius |
59 |
- !net-dialup/gnuradius |
60 |
- sys-devel/libtool |
61 |
- dev-lang/perl:= |
62 |
- sys-libs/gdbm |
63 |
- sys-libs/talloc |
64 |
- python? ( ${PYTHON_DEPS} ) |
65 |
- readline? ( sys-libs/readline:0= ) |
66 |
- pcap? ( net-libs/libpcap ) |
67 |
- mysql? ( virtual/mysql ) |
68 |
- postgres? ( dev-db/postgresql:= ) |
69 |
- firebird? ( dev-db/firebird ) |
70 |
- pam? ( virtual/pam ) |
71 |
- ssl? ( dev-libs/openssl:0= ) |
72 |
- ldap? ( net-nds/openldap ) |
73 |
- kerberos? ( virtual/krb5 ) |
74 |
- sqlite? ( dev-db/sqlite:3 ) |
75 |
- odbc? ( dev-db/unixODBC ) |
76 |
- iodbc? ( dev-db/libiodbc ) |
77 |
- oracle? ( dev-db/oracle-instantclient-basic )" |
78 |
-DEPEND="${RDEPEND}" |
79 |
- |
80 |
-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" |
81 |
- |
82 |
-S="${WORKDIR}/${MY_P}" |
83 |
- |
84 |
-pkg_setup() { |
85 |
- enewgroup radius |
86 |
- enewuser radius -1 -1 /var/log/radius radius |
87 |
- |
88 |
- python-single-r1_pkg_setup |
89 |
- export PYTHONBIN="${EPYTHON}" |
90 |
-} |
91 |
- |
92 |
-src_prepare() { |
93 |
- # most of the configuration options do not appear as ./configure |
94 |
- # switches. Instead it identifies the directories that are available |
95 |
- # and run through them. These might check for the presence of |
96 |
- # various libraries, in which case they are not built. To avoid |
97 |
- # automagic dependencies, we just remove all the modules that we're |
98 |
- # not interested in using. |
99 |
- |
100 |
- use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; } |
101 |
- use ldap || { rm -r src/modules/rlm_ldap || die ; } |
102 |
- use kerberos || { rm -r src/modules/rlm_krb5 || die ; } |
103 |
- use pam || { rm -r src/modules/rlm_pam || die ; } |
104 |
- use python || { rm -r src/modules/rlm_python || die ; } |
105 |
- # Do not install ruby rlm module, bug #483108 |
106 |
- rm -r src/modules/rlm_ruby || die |
107 |
- |
108 |
- # these are all things we don't have in portage/I don't want to deal |
109 |
- # with myself |
110 |
- rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library |
111 |
- rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2 |
112 |
- rm -r src/modules/rlm_opendirectory || die # requires some membership.h |
113 |
- rm -r src/modules/rlm_redis{,who} || die # requires redis |
114 |
- rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die |
115 |
- |
116 |
- # sql drivers that are not part of experimental are loaded from a |
117 |
- # file, so we have to remove them from the file itself when we |
118 |
- # remove them. |
119 |
- usesqldriver() { |
120 |
- local flag=$1 |
121 |
- local driver=rlm_sql_${2:-${flag}} |
122 |
- |
123 |
- if ! use ${flag}; then |
124 |
- rm -r src/modules/rlm_sql/drivers/${driver} || die |
125 |
- sed -i -e /${driver}/d src/modules/rlm_sql/stable || die |
126 |
- fi |
127 |
- } |
128 |
- |
129 |
- sed -i \ |
130 |
- -e 's:^#\tuser = :\tuser = :g' \ |
131 |
- -e 's:^#\tgroup = :\tgroup = :g' \ |
132 |
- -e 's:/var/run/radiusd:/run/radiusd:g' \ |
133 |
- -e '/^run_dir/s:${localstatedir}::g' \ |
134 |
- raddb/radiusd.conf.in || die |
135 |
- |
136 |
- # verbosity |
137 |
- # build shared libraries using jlibtool --shared |
138 |
- sed -i \ |
139 |
- -e '/$(LIBTOOL)/s|--quiet ||g' \ |
140 |
- -e 's:--mode=\(compile\|link\):& --shared:g' \ |
141 |
- Make.inc.in || die |
142 |
- |
143 |
- sed -i \ |
144 |
- -e 's|--silent ||g' \ |
145 |
- -e 's:--mode=\(compile\|link\):& --shared:g' \ |
146 |
- scripts/libtool.mk || die |
147 |
- |
148 |
- # crude measure to stop jlibtool from running ranlib and ar |
149 |
- sed -i \ |
150 |
- -e '/LIBRARIAN/s|".*"|"true"|g' \ |
151 |
- -e '/RANLIB/s|".*"|"true"|g' \ |
152 |
- scripts/jlibtool.c || die |
153 |
- |
154 |
- usesqldriver mysql |
155 |
- usesqldriver postgres postgresql |
156 |
- usesqldriver firebird |
157 |
- usesqldriver iodbc |
158 |
- usesqldriver odbc unixodbc |
159 |
- usesqldriver oracle |
160 |
- usesqldriver sqlite |
161 |
- |
162 |
- default |
163 |
- |
164 |
- eautoreconf |
165 |
-} |
166 |
- |
167 |
-src_configure() { |
168 |
- # fix bug #77613 |
169 |
- local myeconfargs=() |
170 |
- if has_version app-crypt/heimdal; then |
171 |
- myeconfargs+=( --enable-heimdal-krb5 ) |
172 |
- fi |
173 |
- |
174 |
- use readline || export ac_cv_lib_readline=no |
175 |
- use pcap || export ac_cv_lib_pcap_pcap_open_live=no |
176 |
- |
177 |
- # do not try to enable static with static-libs; upstream is a |
178 |
- # massacre of libtool best practices so you also have to make sure |
179 |
- # to --enable-shared explicitly. |
180 |
- myeconfargs+=( |
181 |
- --enable-shared |
182 |
- --disable-static |
183 |
- --disable-ltdl-install |
184 |
- --with-system-libtool |
185 |
- --with-system-libltdl |
186 |
- --with-ascend-binary |
187 |
- --with-udpfromto |
188 |
- --with-dhcp |
189 |
- --with-iodbc-include-dir=/usr/include/iodbc |
190 |
- --with-experimental-modules |
191 |
- --with-docdir=/usr/share/doc/${PF} |
192 |
- --with-logdir=/var/log/radius |
193 |
- $(use_enable debug developer) |
194 |
- $(use_with ldap edir) |
195 |
- $(use_with ssl openssl) |
196 |
- ) |
197 |
- econf "${myeconfargs[@]}" |
198 |
-} |
199 |
- |
200 |
-src_compile() { |
201 |
- # verbose, do not generate certificates |
202 |
- emake \ |
203 |
- Q='' ECHO=true \ |
204 |
- LOCAL_CERT_PRODUCTS='' |
205 |
-} |
206 |
- |
207 |
-src_install() { |
208 |
- dodir /etc |
209 |
- diropts -m0750 -o root -g radius |
210 |
- dodir /etc/raddb |
211 |
- diropts -m0750 -o radius -g radius |
212 |
- dodir /var/log/radius |
213 |
- keepdir /var/log/radius/radacct |
214 |
- diropts |
215 |
- |
216 |
- # verbose, do not install certificates |
217 |
- # Parallel install fails (#509498) |
218 |
- emake -j1 \ |
219 |
- Q='' ECHO=true \ |
220 |
- LOCAL_CERT_PRODUCTS='' \ |
221 |
- R="${D}" \ |
222 |
- install |
223 |
- |
224 |
- fowners -R root:radius /etc/raddb |
225 |
- |
226 |
- pamd_mimic_system radiusd auth account password session |
227 |
- |
228 |
- dodoc CREDITS |
229 |
- |
230 |
- rm "${D}/usr/sbin/rc.radiusd" || die |
231 |
- |
232 |
- newinitd "${FILESDIR}/radius.init-r3" radiusd |
233 |
- newconfd "${FILESDIR}/radius.conf-r4" radiusd |
234 |
- |
235 |
- systemd_newtmpfilesd "${FILESDIR}"/freeradius.tmpfiles freeradius.conf |
236 |
- systemd_dounit "${FILESDIR}"/freeradius.service |
237 |
- |
238 |
- find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die |
239 |
-} |
240 |
- |
241 |
-pkg_config() { |
242 |
- if use ssl; then |
243 |
- cd "${ROOT}"/etc/raddb/certs |
244 |
- ./bootstrap |
245 |
- |
246 |
- chown -R root:radius "${ROOT}"/etc/raddb/certs |
247 |
- fi |
248 |
-} |
249 |
- |
250 |
-pkg_preinst() { |
251 |
- if ! has_version ${CATEGORY}/${PN} && use ssl; then |
252 |
- elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able" |
253 |
- elog "to start the radiusd service." |
254 |
- fi |
255 |
-} |