Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-commits

From: Matt Turner <mattst88@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: net-dialup/freeradius/files/, net-dialup/freeradius/
Date: Tue, 11 Feb 2020 19:13:43
Message-Id: 1581448393.2cc4267b345ed2589ecda8b7a35a0f68bff19bf8.mattst88@gentoo
1 commit: 2cc4267b345ed2589ecda8b7a35a0f68bff19bf8
2 Author: Daniele Rondina <geaaru <AT> gmail <DOT> com>
3 AuthorDate: Sun Feb 9 09:34:19 2020 +0000
4 Commit: Matt Turner <mattst88 <AT> gentoo <DOT> org>
5 CommitDate: Tue Feb 11 19:13:13 2020 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2cc4267b
7
8 net-dialup/freeradius: Bump v.3.0.20
9
10 Bug: https://bugs.gentoo.org/701822
11 Closes: https://bugs.gentoo.org/696458
12 Closes: https://bugs.gentoo.org/708970
13 Closes: https://github.com/gentoo/gentoo/pull/14488
14 Signed-off-by: Daniele Rondina <geaaru <AT> gmail.com>
15 Signed-off-by: Matt Turner <mattst88 <AT> gentoo.org>
16
17 net-dialup/freeradius/Manifest | 1 +
18 .../files/freeradius-3.0.20-py3-fixes.patch | 472 +++++++++++++++++++++
19 .../files/freeradius-3.0.20-systemd-service.patch | 57 +++
20 net-dialup/freeradius/freeradius-3.0.20.ebuild | 267 ++++++++++++
21 net-dialup/freeradius/metadata.xml | 3 +
22 5 files changed, 800 insertions(+)
23
24 diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
25 index c997772def9..9b65bbd2cbf 100644
26 --- a/net-dialup/freeradius/Manifest
27 +++ b/net-dialup/freeradius/Manifest
28 @@ -2,3 +2,4 @@ DIST freeradius-server-3.0.15.tar.gz 4818244 BLAKE2B 24cded2c4f0c6fc6a6135058c40
29 DIST freeradius-server-3.0.17.tar.gz 4843020 BLAKE2B 9e1f54a9f5ad8ede471881ffe4ec987c3ac655a3c39fcd920094760c006102be02f3b7f25b14379a0bac876ac0944e8698c2781bbd804cd22d8b915b6c13a693 SHA512 381222e452288c56a1bf68953be57379a5568f0c92de022abc3004cc6a15078d46535b867b31801de3eb096ba7af92e745e79decfa7cc8151a1ffb371b1aea79
30 DIST freeradius-server-3.0.18.tar.gz 4884192 BLAKE2B 21df490f5eba4e0eca42127181fa02a9451abf5fc2b0d7c5e6d0c5c287eda739585500a31f480dccc618c3bbb4096fbe9258c1b2d3a2047951abf85d68784862 SHA512 b81c40cd22170adb1126b9dde6dd84411dfafce33e27da6c4665cb4fc524aab854a7cd4c80757db50899604d7980aec7216e1c53b8184af482c7113692a26458
31 DIST freeradius-server-3.0.19.tar.gz 4886632 BLAKE2B 6e9b73eaa29344e4efca6ad19d8e86df8c625921441712b71cb54c2b0db78fc909748da42be837a9170fb6312be22f236956f0d2b169050a37ac8c4de143cc96 SHA512 8a914e2ad1fbeb4cf8c00aaf7eaa154ea17f70e4d58734716bfaf71b3ddef9f8f63a4d3217bdc07dfa776273e5bf090bc98f7bb16f5b565339ddc3b9c13e091f
32 +DIST freeradius-server-3.0.20.tar.gz 5002727 BLAKE2B f481ad22105694a4af3f0f0c1b4f6e395e8da0fe65274e32ebeed07e3c9b1869029e6ffbc655cfa41d5de2a1dcba54acee33a7a10d28bfbfce791b7ccd0fc57a SHA512 513ed0a5d9e6b9a8d89a9b02c86ff528a9ff14d928f4c1040ca44702465abd711588fe6afa35554cb2c8e8bd7f19dd5be3dbc78445c62c7b00bf5cbc4c621312
33
34 diff --git a/net-dialup/freeradius/files/freeradius-3.0.20-py3-fixes.patch b/net-dialup/freeradius/files/freeradius-3.0.20-py3-fixes.patch
35 new file mode 100644
36 index 00000000000..83dc20090ed
37 --- /dev/null
38 +++ b/net-dialup/freeradius/files/freeradius-3.0.20-py3-fixes.patch
39 @@ -0,0 +1,472 @@
40 +diff --git a/raddb/mods-available/python3 b/raddb/mods-available/python3
41 +index 246dfd74ce..0593c69f1a 100644
42 +--- a/raddb/mods-available/python3
43 ++++ b/raddb/mods-available/python3
44 +@@ -13,7 +13,7 @@ python3 {
45 + # item is GLOBAL TO THE SERVER. That is, you cannot have two
46 + # instances of the python module, each with a different path.
47 + #
48 +-# python_path="/path/to/python/files:/another_path/to/python_files/"
49 ++# python_path="${modconfdir}/${.:name}:/another_path/to/python_files"
50 +
51 + module = example
52 +
53 +diff --git a/src/modules/rlm_python3/configure.ac b/src/modules/rlm_python3/configure.ac
54 +index a00320fda4..295a2486d2 100644
55 +--- a/src/modules/rlm_python3/configure.ac
56 ++++ b/src/modules/rlm_python3/configure.ac
57 +@@ -8,128 +8,75 @@ if test x$with_[]modname != xno; then
58 + AC_PROG_CC
59 + AC_PROG_CPP
60 +
61 +- dnl extra argument: --with-rlm-python3-bin
62 +- PYTHON3_BIN=
63 +- AC_ARG_WITH(rlm-python3-bin,
64 +- [ --with-rlm-python3-bin=PATH Path to python3 binary []],
65 ++ dnl extra argument: --with-rlm-python3-config-bin
66 ++ PYTHON3_CONFIG_BIN=
67 ++ AC_ARG_WITH(rlm-python3-config-bin,
68 ++ [ --with-rlm-python3-config-bin=PATH Path to python-config3 binary []],
69 + [ case "$withval" in
70 + no)
71 +- AC_MSG_ERROR(Need rlm-python3-bin)
72 ++ AC_MSG_ERROR(Need rlm-python3-config-bin)
73 + ;;
74 + yes)
75 + ;;
76 + *)
77 +- PYTHON3_BIN="$withval"
78 ++ PYTHON3_CONFIG_BIN="$withval"
79 + ;;
80 + esac ]
81 + )
82 +
83 +- if test "x$PYTHON3_BIN" = x; then
84 +- AC_CHECK_PROGS(PYTHON3_BIN, [ python3 ], not-found, [${PATH}:/usr/bin:/usr/local/bin])
85 ++ if test "x$PYTHON3_CONFIG_BIN" = x; then
86 ++ AC_CHECK_PROGS(PYTHON3_CONFIG_BIN, [ python3-config ], not-found, [${PATH}:/usr/bin:/usr/local/bin])
87 + fi
88 +
89 +- if test "x$PYTHON3_BIN" = "xnot-found"; then
90 +- fail="python-binary"
91 +- fi
92 +-
93 +- dnl extra argument: --with-rlm-python3-lib-dir
94 +- PY_LIB_DIR=
95 +- AC_ARG_WITH(rlm-python3-lib-dir,
96 +- [ --with-rlm-python3-lib-dir=DIR Directory for Python library files []],
97 +- [ case "$withval" in
98 +- no)
99 +- AC_MSG_ERROR(Need rlm-python3-lib-dir)
100 +- ;;
101 +- yes)
102 +- ;;
103 +- *)
104 +- PY_LIB_DIR="$withval"
105 +- ;;
106 +- esac ]
107 +- )
108 +-
109 +- dnl extra argument: --with-rlm-python3-include-dir
110 +- PY_INC_DIR=
111 +- AC_ARG_WITH(rlm-python3-include-dir,
112 +- [ --with-rlm-python3-include-dir=DIR Directory for Python include files []],
113 +- [ case "$withval" in
114 +- no)
115 +- AC_MSG_ERROR(Need rlm-python3-include-dir)
116 +- ;;
117 +- yes)
118 +- ;;
119 +- *)
120 +- PY_INC_DIR="$withval"
121 +- ;;
122 +- esac ]
123 +- )
124 +-
125 +- if test x$fail = x; then
126 +- PY_PREFIX=`${PYTHON3_BIN} -c 'import sys ; print(sys.prefix)'`
127 +- AC_MSG_NOTICE([Python sys.prefix \"${PY_PREFIX}\"])
128 +-
129 +- PY_EXEC_PREFIX=`${PYTHON3_BIN} -c 'import sys ; print(sys.exec_prefix)'`
130 +- AC_MSG_NOTICE([Python sys.exec_prefix \"${PY_EXEC_PREFIX}\"])
131 +-
132 +- PY_SYS_VERSION=`${PYTHON3_BIN} -c 'import sys ; print(sys.version[[0:3]])'`
133 +- AC_MSG_NOTICE([Python sys.version \"${PY_SYS_VERSION}\"])
134 +-
135 +- if test "x$PY_LIB_DIR" = "x"; then
136 +- PY_LIB_DIR="$PY_EXEC_PREFIX/lib/python${PY_SYS_VERSION}/config"
137 +- PY_LIB_LOC="-L$PY_EXEC_PREFIX/lib/python${PY_SYS_VERSION}/config"
138 +- fi
139 +-
140 +- PY_MAKEFILE="$PY_EXEC_PREFIX/lib/python${PY_SYS_VERSION}/config/Makefile"
141 +- if test -f ${PY_MAKEFILE}; then
142 +- PY_LOCAL_MOD_LIBS=`sed -n -e 's/^LOCALMODLIBS=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/^ *//;s/ *$//'`
143 +- AC_MSG_NOTICE([Python local_mod_libs \"${PY_LOCAL_MOD_LIBS}\"])
144 +-
145 +- PY_BASE_MOD_LIBS=`sed -n -e 's/^BASEMODLIBS=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/^ *//;s/ *$//'`
146 +- AC_MSG_NOTICE([Python base_mod_libs \"${PY_BASE_MOD_LIBS}\"])
147 +-
148 +- PY_OTHER_LIBS=`sed -n -e 's/^LIBS=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/ / /g;s/^ *//;s/ *$//'`
149 +- PY_OTHER_LDFLAGS=`sed -n -e 's/^LINKFORSHARED=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/ / /g;s/^ *//;s/ *$//'`
150 +- AC_MSG_NOTICE([Python other_libs \"${PY_OTHER_LDFLAGS} ${PY_OTHER_LIBS}\"])
151 +- fi
152 +- PY_EXTRA_LIBS="$PY_LOCALMODLIBS $PY_BASE_MOD_LIBS $PY_OTHER_LIBS"
153 ++ if test "x$PYTHON3_CONFIG_BIN" = xnot-found; then
154 ++ fail="$fail python3-config"
155 ++ else
156 ++ dnl #
157 ++ dnl # It is necessary due to a weird behavior with 'python3-config'
158 ++ dnl #
159 ++ old_CFLAGS="$CFLAGS"
160 ++ unset CFLAGS
161 ++
162 ++ python3_cflags=`${PYTHON3_CONFIG_BIN} --cflags`
163 ++ AC_MSG_NOTICE([${PYTHON3_CONFIG_BIN}'s cflags were \"${python3_cflags}\"])
164 ++
165 ++ dnl # Convert -I to -isystem to get rid of warnings about issues in Python headers
166 ++ dnl # Strip -systemroot
167 ++ dnl # Strip optimisation flags (-O[0-9]?). We decide our optimisation level, not python.
168 ++ dnl # -D_FORTIFY_SOURCE needs -O.
169 ++ dnl # Strip debug symbol flags (-g[0-9]?). We decide on debugging symbols, not python
170 ++ dnl # Strip -W*, we decide what warnings are important
171 ++ dnl # Strip -DNDEBUG
172 ++ mod_cflags=`echo $python3_cflags | sed -e '\
173 ++ s/-I/-isystem/g;\
174 ++ s/-isysroot[[ =]]\{0,1\}[[^-]]*//g;\
175 ++ s/-O[[^[[:blank:]]]]*//g;\
176 ++ s/-Wp,-D_FORTIFY_SOURCE=[[[:digit:]]]//g;\
177 ++ s/-g[[^ ]]*//g;\
178 ++ s/-W[[^ ]]*//g;\
179 ++ s/-DNDEBUG[[[:blank:]]]*//g;
180 ++ '`
181 ++ AC_MSG_NOTICE([Sanitized cflags were \"${mod_cflags}\"])
182 ++
183 ++ python3_ldflags=`${PYTHON3_CONFIG_BIN} --ldflags`
184 ++ AC_MSG_NOTICE([${PYTHON3_CONFIG_BIN}'s ldflags were \"$python3_ldflags}\"])
185 ++
186 ++ dnl # Strip -Wl,-O1... Is -O even a valid linker flag??
187 ++ dnl # Strip -Wl,-Bsymbolic-functions as thats not always supported or required
188 ++ dnl # Strip -Xlinker -export-dynamic as it causes weird linking issues on Linux
189 ++ dnl # See: https://bugs.python.org/issue36508
190 ++ mod_ldflags=`echo $python3_ldflags | sed -e '\
191 ++ s/-Wl,-O[[[:digit:]]][[[:blank:]]]*//g;\
192 ++ s/-Wl,-Bsymbolic-functions[[[:blank:]]]*//g;\
193 ++ s/-Xlinker -export-dynamic//g;\
194 ++ s/-Wl,-stack_size,[[[:digit:]]]*[[[:blank:]]]//g;
195 ++ '`
196 ++ AC_MSG_NOTICE([Sanitized ldflags were \"${mod_ldflags}\"])
197 +
198 +- old_CFLAGS=$CFLAGS
199 +- CFLAGS="$CFLAGS $PY_CFLAGS"
200 +- smart_try_dir="$PY_PREFIX/include/python$PY_SYS_VERSION"
201 +- FR_SMART_CHECK_INCLUDE(Python.h)
202 + CFLAGS=$old_CFLAGS
203 +
204 +- if test "x$ac_cv_header_Python_h" = "xyes"; then
205 +- mod_cflags="$SMART_CPPFLAGS"
206 +- else
207 +- fail="$fail Python.h"
208 +- targetname=
209 +- fi
210 +-
211 +- old_LIBS=$LIBS
212 +- LIBS="$LIBS $PY_LIB_LOC $PY_EXTRA_LIBS -lm"
213 +- smart_try_dir=$PY_LIB_DIR
214 +- FR_SMART_CHECK_LIB(python${PY_SYS_VERSION}, Py_Initialize)
215 +- LIBS=$old_LIBS
216 +-
217 +- eval t=\${ac_cv_lib_${sm_lib_safe}_${sm_func_safe}}
218 +- if test "x$t" = "xyes"; then
219 +- mod_ldflags="$PY_LIB_LOC $PY_EXTRA_LIBS $SMART_LIBS -lm"
220 +- targetname=modname
221 +- else
222 +- FR_SMART_CHECK_LIB(python${PY_SYS_VERSION}m, Py_Initialize)
223 +- eval t=\${ac_cv_lib_${sm_lib_safe}_${sm_func_safe}}
224 +- if test "x$t" = "xyes"; then
225 +- mod_ldflags="$PY_LIB_LOC $PY_EXTRA_LIBS $SMART_LIBS -lm"
226 +- targetname=modname
227 +- else
228 +- targetname=
229 +- fail="$fail libpython$PY_SYS_VERSION"
230 +- fi
231 +- fi
232 ++ targetname="rlm_python3"
233 + fi
234 +-
235 +- AC_CHECK_FUNCS([dl_iterate_phdr])
236 + else
237 + targetname=
238 + echo \*\*\* module modname is disabled.
239 +diff --git a/src/modules/rlm_python3/rlm_python3.c b/src/modules/rlm_python3/rlm_python3.c
240 +index 06187e4ffa..8e893a0eaa 100644
241 +--- a/src/modules/rlm_python3/rlm_python3.c
242 ++++ b/src/modules/rlm_python3/rlm_python3.c
243 +@@ -67,8 +67,10 @@ static CONF_PARSER module_config[] = {
244 + A(preacct)
245 + A(accounting)
246 + A(checksimul)
247 ++#ifdef WITH_PROXY
248 + A(pre_proxy)
249 + A(post_proxy)
250 ++#endif
251 + A(post_auth)
252 + #ifdef WITH_COA
253 + A(recv_coa)
254 +@@ -98,7 +100,9 @@ static struct {
255 + A(L_AUTH)
256 + A(L_INFO)
257 + A(L_ERR)
258 ++#ifdef WITH_PROXY
259 + A(L_PROXY)
260 ++#endif
261 + A(L_ACCT)
262 + A(L_DBG_WARN)
263 + A(L_DBG_ERR)
264 +@@ -510,6 +514,7 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons
265 + goto finish;
266 + }
267 +
268 ++#ifdef WITH_PROXY
269 + /* fill proxy vps */
270 + if (request->proxy) {
271 + if (!mod_populate_vps(pArgs, 4, request->proxy->vps)) {
272 +@@ -517,10 +522,13 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons
273 + ret = RLM_MODULE_FAIL;
274 + goto finish;
275 + }
276 +- } else {
277 ++ } else
278 ++#endif
279 ++ {
280 + mod_populate_vps(pArgs, 4, NULL);
281 + }
282 +
283 ++#ifdef WITH_PROXY
284 + /* fill proxy_reply vps */
285 + if (request->proxy_reply) {
286 + if (!mod_populate_vps(pArgs, 5, request->proxy_reply->vps)) {
287 +@@ -528,7 +536,9 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons
288 + ret = RLM_MODULE_FAIL;
289 + goto finish;
290 + }
291 +- } else {
292 ++ } else
293 ++#endif
294 ++ {
295 + mod_populate_vps(pArgs, 5, NULL);
296 + }
297 +
298 +@@ -550,9 +560,14 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons
299 + PyDict_SetItemString(pDictInput, "request", PyTuple_GET_ITEM(pArgs, 0)) ||
300 + PyDict_SetItemString(pDictInput, "reply", PyTuple_GET_ITEM(pArgs, 1)) ||
301 + PyDict_SetItemString(pDictInput, "config", PyTuple_GET_ITEM(pArgs, 2)) ||
302 +- PyDict_SetItemString(pDictInput, "session-state", PyTuple_GET_ITEM(pArgs, 3)) ||
303 ++ PyDict_SetItemString(pDictInput, "session-state", PyTuple_GET_ITEM(pArgs, 3))
304 ++#ifdef WITH_PROXY
305 ++ ||
306 + PyDict_SetItemString(pDictInput, "proxy-request", PyTuple_GET_ITEM(pArgs, 4)) ||
307 +- PyDict_SetItemString(pDictInput, "proxy-reply", PyTuple_GET_ITEM(pArgs, 5))) {
308 ++ PyDict_SetItemString(pDictInput, "proxy-reply", PyTuple_GET_ITEM(pArgs, 5))
309 ++#endif
310 ++ ) {
311 ++
312 + ERROR("%s:%d, %s - PyDict_SetItemString failed", __func__, __LINE__, funcname);
313 + ret = RLM_MODULE_FAIL;
314 + goto finish;
315 +@@ -819,8 +834,10 @@ MOD_FUNC(authorize)
316 + MOD_FUNC(preacct)
317 + MOD_FUNC(accounting)
318 + MOD_FUNC(checksimul)
319 ++#ifdef WITH_PROXY
320 + MOD_FUNC(pre_proxy)
321 + MOD_FUNC(post_proxy)
322 ++#endif
323 + MOD_FUNC(post_auth)
324 + #ifdef WITH_COA
325 + MOD_FUNC(recv_coa)
326 +@@ -1102,7 +1119,7 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf)
327 + python_dlhandle = dlopen_libpython(RTLD_NOW | RTLD_GLOBAL);
328 + if (!python_dlhandle) WARN("Failed loading libpython symbols into global symbol table");
329 +
330 +-#if PY_VERSION_HEX > 0x03050000
331 ++#if PY_VERSION_HEX >= 0x03050000
332 + {
333 + wchar_t *name;
334 +
335 +@@ -1110,13 +1127,6 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf)
336 + Py_SetProgramName(name); /* The value of argv[0] as a wide char string */
337 + PyMem_RawFree(name);
338 + }
339 +-#elif PY_VERSION_HEX > 0x0300000
340 +- {
341 +- wchar_t *name;
342 +-
343 +- MEM(name = _Py_char2wchar(main_config.name, NULL));
344 +- Py_SetProgramName(inst->wide_name); /* The value of argv[0] as a wide char string */
345 +- }
346 + #else
347 + {
348 + char *name;
349 +@@ -1163,37 +1173,34 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf)
350 + * the lifetime of the module.
351 + */
352 + if (inst->python_path) {
353 ++ char *p, *path;
354 ++ PyObject *sys = PyImport_ImportModule("sys");
355 ++ PyObject *sys_path = PyObject_GetAttrString(sys, "path");
356 ++
357 ++ memcpy(&p, &inst->python_path, sizeof(path));
358 ++
359 ++ for (path = strtok(p, ":"); path != NULL; path = strtok(NULL, ":")) {
360 + #if PY_VERSION_HEX > 0x03050000
361 +- {
362 +- wchar_t *path;
363 +- PyObject* sys = PyImport_ImportModule("sys");
364 +- PyObject* sys_path = PyObject_GetAttrString(sys,"path");
365 +-
366 +- MEM(path = Py_DecodeLocale(inst->python_path, NULL));
367 +- PyList_Append(sys_path, PyUnicode_FromWideChar(path,-1));
368 +- PyObject_SetAttrString(sys,"path",sys_path);
369 +- PyMem_RawFree(path);
370 +- }
371 ++ wchar_t *py_path;
372 ++
373 ++ MEM(py_path = Py_DecodeLocale(path, NULL));
374 ++ PyList_Append(sys_path, PyUnicode_FromWideChar(py_path, -1));
375 ++ PyMem_RawFree(py_path);
376 + #elif PY_VERSION_HEX > 0x03000000
377 +- {
378 +- wchar_t *path;
379 +- PyObject* sys = PyImport_ImportModule("sys");
380 +- PyObject* sys_path = PyObject_GetAttrString(sys,"path");
381 +-
382 +- MEM(path = _Py_char2wchar(inst->python_path, NULL));
383 +- PyList_Append(sys_path, PyUnicode_FromWideChar(path,-1));
384 +- PyObject_SetAttrString(sys,"path",sys_path);
385 +- }
386 +-#else
387 +- {
388 +- char *path;
389 ++ wchar_t *py_path;
390 +
391 +- memcpy(&path, &inst->python_path, sizeof(path));
392 +- Py_SetPath(path);
393 +- }
394 ++ MEM(py_path = _Py_char2wchar(path, NULL));
395 ++ PyList_Append(sys_path, PyUnicode_FromWideChar(py_path, -1));
396 ++ PyMem_RawFree(py_path);
397 ++#else
398 ++ PyList_Append(sys_path, PyLong_FromString(path));
399 + #endif
400 +- }
401 ++ }
402 +
403 ++ PyObject_SetAttrString(sys, "path", sys_path);
404 ++ Py_DecRef(sys);
405 ++ Py_DecRef(sys_path);
406 ++ }
407 + } else {
408 + inst->module = main_module;
409 + Py_IncRef(inst->module);
410 +@@ -1220,7 +1227,7 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf)
411 + static int mod_instantiate(CONF_SECTION *conf, void *instance)
412 + {
413 + rlm_python_t *inst = instance;
414 +- int code = 0;
415 ++ int code = RLM_MODULE_OK;
416 +
417 + inst->name = cf_section_name2(conf);
418 + if (!inst->name) inst->name = cf_section_name1(conf);
419 +@@ -1245,8 +1252,10 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)
420 + PYTHON_FUNC_LOAD(preacct);
421 + PYTHON_FUNC_LOAD(accounting);
422 + PYTHON_FUNC_LOAD(checksimul);
423 ++#ifdef WITH_PROXY
424 + PYTHON_FUNC_LOAD(pre_proxy);
425 + PYTHON_FUNC_LOAD(post_proxy);
426 ++#endif
427 + PYTHON_FUNC_LOAD(post_auth);
428 + #ifdef WITH_COA
429 + PYTHON_FUNC_LOAD(recv_coa);
430 +@@ -1257,12 +1266,14 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)
431 + /*
432 + * Call the instantiate function.
433 + */
434 +- code = do_python_single(NULL, inst->instantiate.function, "instantiate", inst->pass_all_vps, inst->pass_all_vps_dict);
435 +- if (code < 0) {
436 +- error:
437 +- python_error_log(); /* Needs valid thread with GIL */
438 +- PyEval_SaveThread();
439 +- return -1;
440 ++ if (inst->instantiate.function) {
441 ++ code = do_python_single(NULL, inst->instantiate.function, "instantiate", inst->pass_all_vps, inst->pass_all_vps_dict);
442 ++ if (code < 0) {
443 ++ error:
444 ++ python_error_log(); /* Needs valid thread with GIL */
445 ++ PyEval_SaveThread();
446 ++ return -1;
447 ++ }
448 + }
449 + PyEval_SaveThread();
450 +
451 +@@ -1272,22 +1283,31 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)
452 + static int mod_detach(void *instance)
453 + {
454 + rlm_python_t *inst = instance;
455 +- int ret;
456 ++ int ret = RLM_MODULE_OK;
457 +
458 + /*
459 + * Call module destructor
460 + */
461 + PyEval_RestoreThread(inst->sub_interpreter);
462 +
463 +- ret = do_python_single(NULL, inst->detach.function, "detach", inst->pass_all_vps, inst->pass_all_vps_dict);
464 ++ if (inst->detach.function) ret = do_python_single(NULL, inst->detach.function, "detach", inst->pass_all_vps, inst->pass_all_vps_dict);
465 +
466 + #define PYTHON_FUNC_DESTROY(_x) python_function_destroy(&inst->_x)
467 + PYTHON_FUNC_DESTROY(instantiate);
468 +- PYTHON_FUNC_DESTROY(authorize);
469 + PYTHON_FUNC_DESTROY(authenticate);
470 ++ PYTHON_FUNC_DESTROY(authorize);
471 + PYTHON_FUNC_DESTROY(preacct);
472 + PYTHON_FUNC_DESTROY(accounting);
473 + PYTHON_FUNC_DESTROY(checksimul);
474 ++#ifdef WITH_PROXY
475 ++ PYTHON_FUNC_DESTROY(pre_proxy);
476 ++ PYTHON_FUNC_DESTROY(post_proxy);
477 ++#endif
478 ++ PYTHON_FUNC_DESTROY(post_auth);
479 ++#ifdef WITH_COA
480 ++ PYTHON_FUNC_DESTROY(recv_coa);
481 ++ PYTHON_FUNC_DESTROY(send_coa);
482 ++#endif
483 + PYTHON_FUNC_DESTROY(detach);
484 +
485 + Py_DecRef(inst->pythonconf_dict);
486 +@@ -1313,14 +1333,8 @@ static int mod_detach(void *instance)
487 + PyThreadState_Swap(main_interpreter); /* Swap to the main thread */
488 + Py_Finalize();
489 + dlclose(python_dlhandle);
490 +-
491 +-#if PY_VERSION_HEX > 0x03050000
492 +- //if (inst->wide_name) PyMem_RawFree(inst->wide_name);
493 +- //if (inst->wide_path) PyMem_RawFree(inst->wide_path);
494 +-#endif
495 + }
496 +
497 +-
498 + return ret;
499 + }
500 +
501 +@@ -1348,8 +1362,10 @@ module_t rlm_python3 = {
502 + [MOD_PREACCT] = mod_preacct,
503 + [MOD_ACCOUNTING] = mod_accounting,
504 + [MOD_SESSION] = mod_checksimul,
505 ++#ifdef WITH_PROXY
506 + [MOD_PRE_PROXY] = mod_pre_proxy,
507 + [MOD_POST_PROXY] = mod_post_proxy,
508 ++#endif
509 + [MOD_POST_AUTH] = mod_post_auth,
510 + #ifdef WITH_COA
511 + [MOD_RECV_COA] = mod_recv_coa,
512
513 diff --git a/net-dialup/freeradius/files/freeradius-3.0.20-systemd-service.patch b/net-dialup/freeradius/files/freeradius-3.0.20-systemd-service.patch
514 new file mode 100644
515 index 00000000000..04223657d5f
516 --- /dev/null
517 +++ b/net-dialup/freeradius/files/freeradius-3.0.20-systemd-service.patch
518 @@ -0,0 +1,57 @@
519 +diff --git a/debian/freeradius.service b/debian/freeradius.service
520 +index 378702d184..ee33c2a294 100644
521 +--- a/debian/freeradius.service
522 ++++ b/debian/freeradius.service
523 +@@ -7,7 +7,6 @@ Documentation=man:radiusd(8) man:radiusd.conf(5) http://wiki.freeradius.org/ htt
524 + Type=notify
525 + WatchdogSec=60
526 + NotifyAccess=all
527 +-EnvironmentFile=-/etc/default/freeradius
528 +
529 + # FreeRADIUS can do static evaluation of policy language rules based
530 + # on environmental variables which is very useful for doing per-host
531 +@@ -25,16 +24,15 @@ MemoryLimit=2G
532 + # Ensure the daemon can still write its pidfile after it drops
533 + # privileges. Combination of options that work on a variety of
534 + # systems. Test very carefully if you alter these lines.
535 +-RuntimeDirectory=freeradius
536 ++RuntimeDirectory=radiusd
537 + RuntimeDirectoryMode=0775
538 + # This does not work on Debian Jessie:
539 +-User=freerad
540 +-Group=freerad
541 +-# This does not work on Ubuntu Bionic:
542 +-ExecStartPre=/bin/chown freerad:freerad /var/run/freeradius
543 ++User=radius
544 ++Group=radius
545 +
546 +-ExecStartPre=/usr/sbin/freeradius $FREERADIUS_OPTIONS -Cx -lstdout
547 +-ExecStart=/usr/sbin/freeradius -f $FREERADIUS_OPTIONS
548 ++ExecStartPre=/usr/sbin/radiusd $RADIUSD_OPTIONS -Cx -lstdout
549 ++ExecStart=/usr/sbin/radiusd -f $RADIUSD_OPTIONS
550 ++ExecReload=/bin/kill -HUP $MAINPID
551 + Restart=on-failure
552 + RestartSec=5
553 +
554 +@@ -42,7 +40,7 @@ RestartSec=5
555 + NoNewPrivileges=true
556 +
557 + # Allow binding to secure ports, broadcast addresses, and raw interfaces.
558 +-#CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE
559 ++CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW CAP_SETUID CAP_SETGID CAP_CHOWN CAP_DAC_OVERRIDE
560 +
561 + # Private /tmp that isn't shared by other processes
562 + PrivateTmp=true
563 +@@ -60,10 +58,10 @@ ProtectKernelTunables=true
564 + SystemCallArchitectures=native
565 +
566 + # We shouldn't be writing to the configuration directory
567 +-ReadOnlyDirectories=/etc/freeradius/
568 ++ReadOnlyDirectories=/etc/raddb/
569 +
570 + # We can read and write to the log directory.
571 +-ReadWriteDirectories=/var/log/freeradius/
572 ++ReadWriteDirectories=/var/log/radius/
573 +
574 + [Install]
575 + WantedBy=multi-user.target
576
577 diff --git a/net-dialup/freeradius/freeradius-3.0.20.ebuild b/net-dialup/freeradius/freeradius-3.0.20.ebuild
578 new file mode 100644
579 index 00000000000..533b388bf6c
580 --- /dev/null
581 +++ b/net-dialup/freeradius/freeradius-3.0.20.ebuild
582 @@ -0,0 +1,267 @@
583 +# Copyright 1999-2020 Gentoo Authors
584 +# Distributed under the terms of the GNU General Public License v2
585 +
586 +EAPI=7
587 +
588 +PYTHON_COMPAT=( python3_{6,7,8} )
589 +inherit autotools pam python-single-r1 systemd
590 +
591 +MY_P="${PN}-server-${PV}"
592 +
593 +DESCRIPTION="Highly configurable free RADIUS server"
594 +SRC_URI="
595 + ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz
596 + ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz
597 +"
598 +HOMEPAGE="http://www.freeradius.org/"
599 +
600 +KEYWORDS="~amd64 ~arm ~arm64 ~ppc ~ppc64 ~sparc ~x86"
601 +LICENSE="GPL-2"
602 +SLOT="0"
603 +
604 +IUSE="
605 + debug firebird iodbc kerberos ldap libressl memcached mysql mongodb odbc oracle pam
606 + pcap postgres python readline redis rest samba sqlite ssl systemd
607 +"
608 +RESTRICT="test firebird? ( bindist )"
609 +
610 +# NOTE: Temporary freeradius doesn't support linking with mariadb client
611 +# libs also if code is compliant, will be available in the next release.
612 +# (http://lists.freeradius.org/pipermail/freeradius-devel/2018-October/013228.html)a
613 +
614 +# TODO: rlm_mschap works with both samba library or without. I need to avoid
615 +# linking of samba library if -samba is used.
616 +RDEPEND="acct-group/radius
617 + acct-user/radius
618 + !net-dialup/cistronradius
619 + dev-lang/perl:=
620 + sys-libs/gdbm:=
621 + sys-libs/talloc
622 + firebird? ( dev-db/firebird )
623 + iodbc? ( dev-db/libiodbc )
624 + kerberos? ( virtual/krb5 )
625 + ldap? ( net-nds/openldap )
626 + memcached? ( dev-libs/libmemcached )
627 + mysql? ( dev-db/mysql-connector-c )
628 + mongodb? ( >=dev-libs/mongo-c-driver-1.13.0-r1 )
629 + odbc? ( dev-db/unixODBC )
630 + oracle? ( dev-db/oracle-instantclient-basic )
631 + pam? ( sys-libs/pam )
632 + pcap? ( net-libs/libpcap )
633 + postgres? ( dev-db/postgresql:= )
634 + python? ( ${PYTHON_DEPS} )
635 + readline? ( sys-libs/readline:0= )
636 + redis? ( dev-libs/hiredis:= )
637 + rest? ( dev-libs/json-c:= )
638 + samba? ( net-fs/samba )
639 + sqlite? ( dev-db/sqlite:3 )
640 + ssl? (
641 + !libressl? ( dev-libs/openssl:0=[-bindist] )
642 + libressl? ( dev-libs/libressl:0= )
643 + )
644 + systemd? ( sys-apps/systemd )"
645 +DEPEND="${RDEPEND}"
646 +
647 +REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
648 +
649 +S="${WORKDIR}/${MY_P}"
650 +
651 +PATCHES=(
652 + "${FILESDIR}"/${PN}-3.0.18-libressl.patch
653 + "${FILESDIR}"/${P}-systemd-service.patch
654 + # Fix rlm_python3 build
655 + # Backport from rlm_python changes to rlm_python3
656 + "${FILESDIR}"/${P}-py3-fixes.patch
657 +)
658 +
659 +pkg_setup() {
660 + if use python ; then
661 + python-single-r1_pkg_setup
662 + export PYTHONBIN="${EPYTHON}"
663 + fi
664 +}
665 +
666 +src_prepare() {
667 + # most of the configuration options do not appear as ./configure
668 + # switches. Instead it identifies the directories that are available
669 + # and run through them. These might check for the presence of
670 + # various libraries, in which case they are not built. To avoid
671 + # automagic dependencies, we just remove all the modules that we're
672 + # not interested in using.
673 +
674 + eapply_user
675 +
676 + use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; }
677 + use ldap || { rm -r src/modules/rlm_ldap || die ; }
678 + use kerberos || { rm -r src/modules/rlm_krb5 || die ; }
679 + use memcached || { rm -r src/modules/rlm_cache/drivers/rlm_cache_memcached || die ; }
680 + use pam || { rm -r src/modules/rlm_pam || die ; }
681 + # Drop support of python2
682 + rm -r src/modules/rlm_python || die
683 + use python || { rm -r src/modules/rlm_python3 || die ; }
684 + use rest || { rm -r src/modules/rlm_rest || die ; }
685 + use redis || { rm -r src/modules/rlm_redis{,who} || die ; }
686 + # Do not install ruby rlm module, bug #483108
687 + rm -r src/modules/rlm_ruby || die
688 +
689 + # these are all things we don't have in portage/I don't want to deal
690 + # with myself
691 + rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library
692 + rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2
693 + rm -r src/modules/rlm_opendirectory || die # requires some membership.h
694 + rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die
695 +
696 + # sql drivers that are not part of experimental are loaded from a
697 + # file, so we have to remove them from the file itself when we
698 + # remove them.
699 + usesqldriver() {
700 + local flag=$1
701 + local driver=rlm_sql_${2:-${flag}}
702 +
703 + if ! use ${flag}; then
704 + rm -r src/modules/rlm_sql/drivers/${driver} || die
705 + sed -i -e /${driver}/d src/modules/rlm_sql/stable || die
706 + fi
707 + }
708 +
709 + sed -i \
710 + -e 's:^#\tuser = :\tuser = :g' \
711 + -e 's:^#\tgroup = :\tgroup = :g' \
712 + -e 's:/var/run/radiusd:/run/radiusd:g' \
713 + -e '/^run_dir/s:${localstatedir}::g' \
714 + raddb/radiusd.conf.in || die
715 +
716 + # verbosity
717 + # build shared libraries using jlibtool --shared
718 + sed -i \
719 + -e '/$(LIBTOOL)/s|--quiet ||g' \
720 + -e 's:--mode=\(compile\|link\):& --shared:g' \
721 + Make.inc.in || die
722 +
723 + sed -i \
724 + -e 's|--silent ||g' \
725 + -e 's:--mode=\(compile\|link\):& --shared:g' \
726 + scripts/libtool.mk || die
727 +
728 + # crude measure to stop jlibtool from running ranlib and ar
729 + sed -i \
730 + -e '/LIBRARIAN/s|".*"|"true"|g' \
731 + -e '/RANLIB/s|".*"|"true"|g' \
732 + scripts/jlibtool.c || die
733 +
734 + usesqldriver mysql
735 + usesqldriver postgres postgresql
736 + usesqldriver firebird
737 + usesqldriver iodbc
738 + usesqldriver odbc unixodbc
739 + usesqldriver oracle
740 + usesqldriver sqlite
741 + usesqldriver mongodb mongo
742 +
743 + default
744 +
745 + eautoreconf
746 +}
747 +
748 +src_configure() {
749 + # do not try to enable static with static-libs; upstream is a
750 + # massacre of libtool best practices so you also have to make sure
751 + # to --enable-shared explicitly.
752 + local myeconfargs=(
753 + --enable-shared
754 + --disable-static
755 + --disable-ltdl-install
756 + --with-system-libtool
757 + --with-system-libltdl
758 + --with-ascend-binary
759 + --with-udpfromto
760 + --with-dhcp
761 + --with-iodbc-include-dir=/usr/include/iodbc
762 + --with-experimental-modules
763 + --with-docdir=/usr/share/doc/${PF}
764 + --with-logdir=/var/log/radius
765 + $(use_enable debug developer)
766 + $(use_with ldap edir)
767 + $(use_with ssl openssl)
768 + $(use_with systemd systemd)
769 + )
770 + # fix bug #77613
771 + if has_version app-crypt/heimdal; then
772 + myeconfargs+=( --enable-heimdal-krb5 )
773 + fi
774 +
775 + if use python ; then
776 + myeconfargs+=(
777 + --with-rlm-python3-bin=${EPYTHON}
778 + --with-rlm-python3-config-bin=${EPYTHON}-config
779 + )
780 + fi
781 +
782 + use readline || export ac_cv_lib_readline=no
783 + use pcap || export ac_cv_lib_pcap_pcap_open_live=no
784 +
785 + econf "${myeconfargs[@]}"
786 +}
787 +
788 +src_compile() {
789 + # verbose, do not generate certificates
790 + emake \
791 + Q='' ECHO=true \
792 + LOCAL_CERT_PRODUCTS=''
793 +}
794 +
795 +src_install() {
796 + dodir /etc
797 + diropts -m0750 -o root -g radius
798 + dodir /etc/raddb
799 + diropts -m0750 -o radius -g radius
800 + dodir /var/log/radius
801 + keepdir /var/log/radius/radacct
802 + diropts
803 +
804 + # verbose, do not install certificates
805 + # Parallel install fails (#509498)
806 + emake -j1 \
807 + Q='' ECHO=true \
808 + LOCAL_CERT_PRODUCTS='' \
809 + R="${D}" \
810 + install
811 +
812 + pamd_mimic_system radiusd auth account password session
813 +
814 + dodoc CREDITS
815 +
816 + rm "${ED}/usr/sbin/rc.radiusd" || die
817 +
818 + newinitd "${FILESDIR}/radius.init-r3" radiusd
819 + newconfd "${FILESDIR}/radius.conf-r4" radiusd
820 +
821 + if ! use systemd ; then
822 + # If systemd builtin is not enabled we need use Type=Simple
823 + # as systemd .service
824 + sed -i -e 's:^Type=.*::g' \
825 + -e 's:^WatchdogSec=.*::g' -e 's:^NotifyAccess=all.*::g' \
826 + "${S}"/debian/freeradius.service
827 + fi
828 + systemd_newtmpfilesd "${FILESDIR}"/freeradius.tmpfiles freeradius.conf
829 + systemd_dounit "${S}"/debian/freeradius.service
830 +
831 + find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die
832 +}
833 +
834 +pkg_config() {
835 + if use ssl; then
836 + cd "${ROOT}"/etc/raddb/certs || die
837 + ./bootstrap || die "Error while running ./bootstrap script."
838 + fowners root:radius "${ROOT}"/etc/raddb/certs
839 + fowners root:radius "${ROOT}"/etc/raddb/certs/ca.pem
840 + fowners root:radius "${ROOT}"/etc/raddb/certs/server.{key,crt,pem}
841 + fi
842 +}
843 +
844 +pkg_preinst() {
845 + if ! has_version ${CATEGORY}/${PN} && use ssl; then
846 + elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able"
847 + elog "to start the radiusd service."
848 + fi
849 +}
850
851 diff --git a/net-dialup/freeradius/metadata.xml b/net-dialup/freeradius/metadata.xml
852 index 0f82cd9f9ed..6d8b1cc6623 100644
853 --- a/net-dialup/freeradius/metadata.xml
854 +++ b/net-dialup/freeradius/metadata.xml
855 @@ -22,5 +22,8 @@
856 <flag name="redis">
857 Include support for Redis database
858 </flag>
859 + <flag name="mongodb">
860 + Include support for MongoDB database
861 + </flag>
862 </use>
863 </pkgmetadata>
Report Message
Find on MARC Find on Google Groups