[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/ - gentoo-commits

From:	Michael Palimaka <kensington@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/
Date:	Wed, 15 Nov 2017 12:07:06
Message-Id:	`1510747610.ab4cddf3a9a969fac7236dff8e61f4c4b05eb36e.kensington@gentoo`

1

commit:     ab4cddf3a9a969fac7236dff8e61f4c4b05eb36e

2

Author:     Michael Palimaka <kensington <AT> gentoo <DOT> org>

3

AuthorDate: Wed Nov 15 12:06:41 2017 +0000

4

Commit:     Michael Palimaka <kensington <AT> gentoo <DOT> org>

5

CommitDate: Wed Nov 15 12:06:50 2017 +0000

6

URL:        https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab4cddf3

7

8

net-dialup/freeradius: remove vulnerable 3.0.14

9

10

Bug: https://bugs.gentoo.org/625410

11

Package-Manager: Portage-2.3.8, Repoman-2.3.4

12

13

 net-dialup/freeradius/Manifest                 |   1 -

14

 net-dialup/freeradius/freeradius-3.0.14.ebuild | 225 -------------------------

15

 2 files changed, 226 deletions(-)

16

17

diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest

18

index 1ca03b85b15..01a35bde4e0 100644

19

--- a/net-dialup/freeradius/Manifest

20

+++ b/net-dialup/freeradius/Manifest

21

@@ -1,2 +1 @@

22

-DIST freeradius-server-3.0.14.tar.gz 4816144 SHA256 fcd6174d986a942db7a0defbccf6ffb6e692264a87915659493abb466c075909 SHA512 5f81f09a843bf59b16ed4c9c311013e3e839911ed926c56151502a00bb86cc3a593906059ec08b994cfbc4c36d1bc6005d62c5d253ddb5cc3894324c4aaeb308 WHIRLPOOL f679bd442ffc43fe6535a29e345290efa46837f2b31e5789920b9844b01a874ccc2bec6466bf99c6f60c587926a58cd537d4817def16fa89411ead9200c4a1e3

23

 DIST freeradius-server-3.0.15.tar.gz 4818244 SHA256 fd29c5eda3f69f2d823d07745d24a80197df3c1284f2efe6a15f76e16271cfe3 SHA512 9b92045b445032bde9d421499fdc0f6a08d602c501730c31a8d3974b21cc5c12c78abb024ed62a176c7aa7fe260fe1d19386aaf558e0fecfcd3a0ba7aa47499c WHIRLPOOL 102719d62417870bad1c698d3e999cf3829397f8b310c898d7cbb551a44bdbf302dd9e4e2610287c281318930f057446f20b3f994c56ceeadf0864795c92a5d0

24

25

diff --git a/net-dialup/freeradius/freeradius-3.0.14.ebuild b/net-dialup/freeradius/freeradius-3.0.14.ebuild

26

deleted file mode 100644

27

index e42fc8e3052..00000000000

28

--- a/net-dialup/freeradius/freeradius-3.0.14.ebuild

29

+++ /dev/null

30

@@ -1,225 +0,0 @@

31

-# Copyright 1999-2017 Gentoo Foundation

32

-# Distributed under the terms of the GNU General Public License v2

33

-

34

-EAPI=6

35

-

36

-PYTHON_COMPAT=( python2_7 )

37

-inherit autotools pam python-single-r1 systemd user

38

-

39

-MY_P="${PN}-server-${PV}"

40

-

41

-DESCRIPTION="Highly configurable free RADIUS server"

42

-SRC_URI="

43

-	ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz

44

-	ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz

45

-"

46

-HOMEPAGE="http://www.freeradius.org/"

47

-

48

-KEYWORDS="amd64 ~arm ~ppc ~ppc64 ~sparc x86 ~x86-fbsd"

49

-LICENSE="GPL-2"

50

-SLOT="0"

51

-

52

-IUSE="

53

-	debug firebird iodbc kerberos ldap mysql odbc oracle pam pcap

54

-	postgres python readline sqlite ssl

55

-"

56

-RESTRICT="test firebird? ( bindist )"

57

-

58

-RDEPEND="!net-dialup/cistronradius

59

-	!net-dialup/gnuradius

60

-	sys-devel/libtool

61

-	dev-lang/perl:=

62

-	sys-libs/gdbm

63

-	sys-libs/talloc

64

-	python? ( ${PYTHON_DEPS} )

65

-	readline? ( sys-libs/readline:0= )

66

-	pcap? ( net-libs/libpcap )

67

-	mysql? ( virtual/mysql )

68

-	postgres? ( dev-db/postgresql:= )

69

-	firebird? ( dev-db/firebird )

70

-	pam? ( virtual/pam )

71

-	ssl? ( dev-libs/openssl:0= )

72

-	ldap? ( net-nds/openldap )

73

-	kerberos? ( virtual/krb5 )

74

-	sqlite? ( dev-db/sqlite:3 )

75

-	odbc? ( dev-db/unixODBC )

76

-	iodbc? ( dev-db/libiodbc )

77

-	oracle? ( dev-db/oracle-instantclient-basic )"

78

-DEPEND="${RDEPEND}"

79

-

80

-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"

81

-

82

-S="${WORKDIR}/${MY_P}"

83

-

84

-pkg_setup() {

85

-	enewgroup radius

86

-	enewuser radius -1 -1 /var/log/radius radius

87

-

88

-	python-single-r1_pkg_setup

89

-	export PYTHONBIN="${EPYTHON}"

90

-}

91

-

92

-src_prepare() {

93

-	# most of the configuration options do not appear as ./configure

94

-	# switches. Instead it identifies the directories that are available

95

-	# and run through them. These might check for the presence of

96

-	# various libraries, in which case they are not built.  To avoid

97

-	# automagic dependencies, we just remove all the modules that we're

98

-	# not interested in using.

99

-

100

-	use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; }

101

-	use ldap || { rm -r src/modules/rlm_ldap || die ; }

102

-	use kerberos || { rm -r src/modules/rlm_krb5 || die ; }

103

-	use pam || { rm -r src/modules/rlm_pam || die ; }

104

-	use python || { rm -r src/modules/rlm_python || die ; }

105

-	# Do not install ruby rlm module, bug #483108

106

-	rm -r src/modules/rlm_ruby || die

107

-

108

-	# these are all things we don't have in portage/I don't want to deal

109

-	# with myself

110

-	rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library

111

-	rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2

112

-	rm -r src/modules/rlm_opendirectory || die # requires some membership.h

113

-	rm -r src/modules/rlm_redis{,who} || die # requires redis

114

-	rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die

115

-

116

-	# sql drivers that are not part of experimental are loaded from a

117

-	# file, so we have to remove them from the file itself when we

118

-	# remove them.

119

-	usesqldriver() {

120

-		local flag=$1

121

-		local driver=rlm_sql_${2:-${flag}}

122

-

123

-		if ! use ${flag}; then

124

-			rm -r src/modules/rlm_sql/drivers/${driver} || die

125

-			sed -i -e /${driver}/d src/modules/rlm_sql/stable || die

126

-		fi

127

-	}

128

-

129

-	sed -i \

130

-		-e 's:^#\tuser = :\tuser = :g' \

131

-		-e 's:^#\tgroup = :\tgroup = :g' \

132

-		-e 's:/var/run/radiusd:/run/radiusd:g' \

133

-		-e '/^run_dir/s:${localstatedir}::g' \

134

-		raddb/radiusd.conf.in || die

135

-

136

-	# verbosity

137

-	# build shared libraries using jlibtool --shared

138

-	sed -i \

139

-		-e '/$(LIBTOOL)/s|--quiet ||g' \

140

-		-e 's:--mode=\(compile\|link\):& --shared:g' \

141

-		Make.inc.in || die

142

-

143

-	sed -i \

144

-		-e 's|--silent ||g' \

145

-		-e 's:--mode=\(compile\|link\):& --shared:g' \

146

-		scripts/libtool.mk || die

147

-

148

-	# crude measure to stop jlibtool from running ranlib and ar

149

-	sed -i \

150

-		-e '/LIBRARIAN/s|".*"|"true"|g' \

151

-		-e '/RANLIB/s|".*"|"true"|g' \

152

-		scripts/jlibtool.c || die

153

-

154

-	usesqldriver mysql

155

-	usesqldriver postgres postgresql

156

-	usesqldriver firebird

157

-	usesqldriver iodbc

158

-	usesqldriver odbc unixodbc

159

-	usesqldriver oracle

160

-	usesqldriver sqlite

161

-

162

-	default

163

-

164

-	eautoreconf

165

-}

166

-

167

-src_configure() {

168

-	# fix bug #77613

169

-	local myeconfargs=()

170

-	if has_version app-crypt/heimdal; then

171

-		myeconfargs+=( --enable-heimdal-krb5 )

172

-	fi

173

-

174

-	use readline || export ac_cv_lib_readline=no

175

-	use pcap || export ac_cv_lib_pcap_pcap_open_live=no

176

-

177

-	# do not try to enable static with static-libs; upstream is a

178

-	# massacre of libtool best practices so you also have to make sure

179

-	# to --enable-shared explicitly.

180

-	myeconfargs+=(

181

-		--enable-shared

182

-		--disable-static

183

-		--disable-ltdl-install

184

-		--with-system-libtool

185

-		--with-system-libltdl

186

-		--with-ascend-binary

187

-		--with-udpfromto

188

-		--with-dhcp

189

-		--with-iodbc-include-dir=/usr/include/iodbc

190

-		--with-experimental-modules

191

-		--with-docdir=/usr/share/doc/${PF}

192

-		--with-logdir=/var/log/radius

193

-		$(use_enable debug developer)

194

-		$(use_with ldap edir)

195

-		$(use_with ssl openssl)

196

-	)

197

-	econf "${myeconfargs[@]}"

198

-}

199

-

200

-src_compile() {

201

-	# verbose, do not generate certificates

202

-	emake \

203

-		Q='' ECHO=true \

204

-		LOCAL_CERT_PRODUCTS=''

205

-}

206

-

207

-src_install() {

208

-	dodir /etc

209

-	diropts -m0750 -o root -g radius

210

-	dodir /etc/raddb

211

-	diropts -m0750 -o radius -g radius

212

-	dodir /var/log/radius

213

-	keepdir /var/log/radius/radacct

214

-	diropts

215

-

216

-	# verbose, do not install certificates

217

-	# Parallel install fails (#509498)

218

-	emake -j1 \

219

-		Q='' ECHO=true \

220

-		LOCAL_CERT_PRODUCTS='' \

221

-		R="${D}" \

222

-		install

223

-

224

-	fowners -R root:radius /etc/raddb

225

-

226

-	pamd_mimic_system radiusd auth account password session

227

-

228

-	dodoc CREDITS

229

-

230

-	rm "${D}/usr/sbin/rc.radiusd" || die

231

-

232

-	newinitd "${FILESDIR}/radius.init-r3" radiusd

233

-	newconfd "${FILESDIR}/radius.conf-r4" radiusd

234

-

235

-	systemd_newtmpfilesd "${FILESDIR}"/freeradius.tmpfiles freeradius.conf

236

-	systemd_dounit "${FILESDIR}"/freeradius.service

237

-

238

-	find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die

239

-}

240

-

241

-pkg_config() {

242

-	if use ssl; then

243

-		cd "${ROOT}"/etc/raddb/certs

244

-		./bootstrap

245

-

246

-		chown -R root:radius "${ROOT}"/etc/raddb/certs

247

-	fi

248

-}

249

-

250

-pkg_preinst() {

251

-	if ! has_version ${CATEGORY}/${PN} && use ssl; then

252

-		elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"

253

-		elog "to start the radiusd service."

254

-	fi

255

-}

1	commit: ab4cddf3a9a969fac7236dff8e61f4c4b05eb36e
2	Author: Michael Palimaka <kensington <AT> gentoo <DOT> org>
3	AuthorDate: Wed Nov 15 12:06:41 2017 +0000
4	Commit: Michael Palimaka <kensington <AT> gentoo <DOT> org>
5	CommitDate: Wed Nov 15 12:06:50 2017 +0000
6	URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab4cddf3
7
8	net-dialup/freeradius: remove vulnerable 3.0.14
9
10	Bug: https://bugs.gentoo.org/625410
11	Package-Manager: Portage-2.3.8, Repoman-2.3.4
12
13	net-dialup/freeradius/Manifest \| 1 -
14	net-dialup/freeradius/freeradius-3.0.14.ebuild \| 225 -------------------------
15	2 files changed, 226 deletions(-)
16
17	diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
18	index 1ca03b85b15..01a35bde4e0 100644
19	--- a/net-dialup/freeradius/Manifest
20	+++ b/net-dialup/freeradius/Manifest
21	@@ -1,2 +1 @@
22	-DIST freeradius-server-3.0.14.tar.gz 4816144 SHA256 fcd6174d986a942db7a0defbccf6ffb6e692264a87915659493abb466c075909 SHA512 5f81f09a843bf59b16ed4c9c311013e3e839911ed926c56151502a00bb86cc3a593906059ec08b994cfbc4c36d1bc6005d62c5d253ddb5cc3894324c4aaeb308 WHIRLPOOL f679bd442ffc43fe6535a29e345290efa46837f2b31e5789920b9844b01a874ccc2bec6466bf99c6f60c587926a58cd537d4817def16fa89411ead9200c4a1e3
23	DIST freeradius-server-3.0.15.tar.gz 4818244 SHA256 fd29c5eda3f69f2d823d07745d24a80197df3c1284f2efe6a15f76e16271cfe3 SHA512 9b92045b445032bde9d421499fdc0f6a08d602c501730c31a8d3974b21cc5c12c78abb024ed62a176c7aa7fe260fe1d19386aaf558e0fecfcd3a0ba7aa47499c WHIRLPOOL 102719d62417870bad1c698d3e999cf3829397f8b310c898d7cbb551a44bdbf302dd9e4e2610287c281318930f057446f20b3f994c56ceeadf0864795c92a5d0
24
25	diff --git a/net-dialup/freeradius/freeradius-3.0.14.ebuild b/net-dialup/freeradius/freeradius-3.0.14.ebuild
26	deleted file mode 100644
27	index e42fc8e3052..00000000000
28	--- a/net-dialup/freeradius/freeradius-3.0.14.ebuild
29	+++ /dev/null
30	@@ -1,225 +0,0 @@
31	-# Copyright 1999-2017 Gentoo Foundation
32	-# Distributed under the terms of the GNU General Public License v2
33	-
34	-EAPI=6
35	-
36	-PYTHON_COMPAT=( python2_7 )
37	-inherit autotools pam python-single-r1 systemd user
38	-
39	-MY_P="${PN}-server-${PV}"
40	-
41	-DESCRIPTION="Highly configurable free RADIUS server"
42	-SRC_URI="
43	- ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz
44	- ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz
45	-"
46	-HOMEPAGE="http://www.freeradius.org/"
47	-
48	-KEYWORDS="amd64 ~arm ~ppc ~ppc64 ~sparc x86 ~x86-fbsd"
49	-LICENSE="GPL-2"
50	-SLOT="0"
51	-
52	-IUSE="
53	- debug firebird iodbc kerberos ldap mysql odbc oracle pam pcap
54	- postgres python readline sqlite ssl
55	-"
56	-RESTRICT="test firebird? ( bindist )"
57	-
58	-RDEPEND="!net-dialup/cistronradius
59	- !net-dialup/gnuradius
60	- sys-devel/libtool
61	- dev-lang/perl:=
62	- sys-libs/gdbm
63	- sys-libs/talloc
64	- python? ( ${PYTHON_DEPS} )
65	- readline? ( sys-libs/readline:0= )
66	- pcap? ( net-libs/libpcap )
67	- mysql? ( virtual/mysql )
68	- postgres? ( dev-db/postgresql:= )
69	- firebird? ( dev-db/firebird )
70	- pam? ( virtual/pam )
71	- ssl? ( dev-libs/openssl:0= )
72	- ldap? ( net-nds/openldap )
73	- kerberos? ( virtual/krb5 )
74	- sqlite? ( dev-db/sqlite:3 )
75	- odbc? ( dev-db/unixODBC )
76	- iodbc? ( dev-db/libiodbc )
77	- oracle? ( dev-db/oracle-instantclient-basic )"
78	-DEPEND="${RDEPEND}"
79	-
80	-REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
81	-
82	-S="${WORKDIR}/${MY_P}"
83	-
84	-pkg_setup() {
85	- enewgroup radius
86	- enewuser radius -1 -1 /var/log/radius radius
87	-
88	- python-single-r1_pkg_setup
89	- export PYTHONBIN="${EPYTHON}"
90	-}
91	-
92	-src_prepare() {
93	- # most of the configuration options do not appear as ./configure
94	- # switches. Instead it identifies the directories that are available
95	- # and run through them. These might check for the presence of
96	- # various libraries, in which case they are not built. To avoid
97	- # automagic dependencies, we just remove all the modules that we're
98	- # not interested in using.
99	-
100	- use ssl \|\| { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} \|\| die ; }
101	- use ldap \|\| { rm -r src/modules/rlm_ldap \|\| die ; }
102	- use kerberos \|\| { rm -r src/modules/rlm_krb5 \|\| die ; }
103	- use pam \|\| { rm -r src/modules/rlm_pam \|\| die ; }
104	- use python \|\| { rm -r src/modules/rlm_python \|\| die ; }
105	- # Do not install ruby rlm module, bug #483108
106	- rm -r src/modules/rlm_ruby \|\| die
107	-
108	- # these are all things we don't have in portage/I don't want to deal
109	- # with myself
110	- rm -r src/modules/rlm_eap/types/rlm_eap_tnc \|\| die # requires TNCS library
111	- rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 \|\| die # requires libeap-ikev2
112	- rm -r src/modules/rlm_opendirectory \|\| die # requires some membership.h
113	- rm -r src/modules/rlm_redis{,who} \|\| die # requires redis
114	- rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} \|\| die
115	-
116	- # sql drivers that are not part of experimental are loaded from a
117	- # file, so we have to remove them from the file itself when we
118	- # remove them.
119	- usesqldriver() {
120	- local flag=$1
121	- local driver=rlm_sql_${2:-${flag}}
122	-
123	- if ! use ${flag}; then
124	- rm -r src/modules/rlm_sql/drivers/${driver} \|\| die
125	- sed -i -e /${driver}/d src/modules/rlm_sql/stable \|\| die
126	- fi
127	- }
128	-
129	- sed -i \
130	- -e 's:^#\tuser = :\tuser = :g' \
131	- -e 's:^#\tgroup = :\tgroup = :g' \
132	- -e 's:/var/run/radiusd:/run/radiusd:g' \
133	- -e '/^run_dir/s:${localstatedir}::g' \
134	- raddb/radiusd.conf.in \|\| die
135	-
136	- # verbosity
137	- # build shared libraries using jlibtool --shared
138	- sed -i \
139	- -e '/$(LIBTOOL)/s\|--quiet \|\|g' \
140	- -e 's:--mode=\(compile\\|link\):& --shared:g' \
141	- Make.inc.in \|\| die
142	-
143	- sed -i \
144	- -e 's\|--silent \|\|g' \
145	- -e 's:--mode=\(compile\\|link\):& --shared:g' \
146	- scripts/libtool.mk \|\| die
147	-
148	- # crude measure to stop jlibtool from running ranlib and ar
149	- sed -i \
150	- -e '/LIBRARIAN/s\|".*"\|"true"\|g' \
151	- -e '/RANLIB/s\|".*"\|"true"\|g' \
152	- scripts/jlibtool.c \|\| die
153	-
154	- usesqldriver mysql
155	- usesqldriver postgres postgresql
156	- usesqldriver firebird
157	- usesqldriver iodbc
158	- usesqldriver odbc unixodbc
159	- usesqldriver oracle
160	- usesqldriver sqlite
161	-
162	- default
163	-
164	- eautoreconf
165	-}
166	-
167	-src_configure() {
168	- # fix bug #77613
169	- local myeconfargs=()
170	- if has_version app-crypt/heimdal; then
171	- myeconfargs+=( --enable-heimdal-krb5 )
172	- fi
173	-
174	- use readline \|\| export ac_cv_lib_readline=no
175	- use pcap \|\| export ac_cv_lib_pcap_pcap_open_live=no
176	-
177	- # do not try to enable static with static-libs; upstream is a
178	- # massacre of libtool best practices so you also have to make sure
179	- # to --enable-shared explicitly.
180	- myeconfargs+=(
181	- --enable-shared
182	- --disable-static
183	- --disable-ltdl-install
184	- --with-system-libtool
185	- --with-system-libltdl
186	- --with-ascend-binary
187	- --with-udpfromto
188	- --with-dhcp
189	- --with-iodbc-include-dir=/usr/include/iodbc
190	- --with-experimental-modules
191	- --with-docdir=/usr/share/doc/${PF}
192	- --with-logdir=/var/log/radius
193	- $(use_enable debug developer)
194	- $(use_with ldap edir)
195	- $(use_with ssl openssl)
196	- )
197	- econf "${myeconfargs[@]}"
198	-}
199	-
200	-src_compile() {
201	- # verbose, do not generate certificates
202	- emake \
203	- Q='' ECHO=true \
204	- LOCAL_CERT_PRODUCTS=''
205	-}
206	-
207	-src_install() {
208	- dodir /etc
209	- diropts -m0750 -o root -g radius
210	- dodir /etc/raddb
211	- diropts -m0750 -o radius -g radius
212	- dodir /var/log/radius
213	- keepdir /var/log/radius/radacct
214	- diropts
215	-
216	- # verbose, do not install certificates
217	- # Parallel install fails (#509498)
218	- emake -j1 \
219	- Q='' ECHO=true \
220	- LOCAL_CERT_PRODUCTS='' \
221	- R="${D}" \
222	- install
223	-
224	- fowners -R root:radius /etc/raddb
225	-
226	- pamd_mimic_system radiusd auth account password session
227	-
228	- dodoc CREDITS
229	-
230	- rm "${D}/usr/sbin/rc.radiusd" \|\| die
231	-
232	- newinitd "${FILESDIR}/radius.init-r3" radiusd
233	- newconfd "${FILESDIR}/radius.conf-r4" radiusd
234	-
235	- systemd_newtmpfilesd "${FILESDIR}"/freeradius.tmpfiles freeradius.conf
236	- systemd_dounit "${FILESDIR}"/freeradius.service
237	-
238	- find "${ED}" \( -name ".a" -o -name ".la" \) -delete \|\| die
239	-}
240	-
241	-pkg_config() {
242	- if use ssl; then
243	- cd "${ROOT}"/etc/raddb/certs
244	- ./bootstrap
245	-
246	- chown -R root:radius "${ROOT}"/etc/raddb/certs
247	- fi
248	-}
249	-
250	-pkg_preinst() {
251	- if ! has_version ${CATEGORY}/${PN} && use ssl; then
252	- elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
253	- elog "to start the radiusd service."
254	- fi
255	-}

Gentoo Archives: gentoo-commits