commit: a50726125d40c90f6a65462e7d04506af800f121 Author: orbea <orbea <AT> riseup <DOT> net> AuthorDate: Fri May 6 21:50:22 2022 +0000 Commit: Quentin Retornaz <gentoo <AT> retornaz <DOT> com> CommitDate: Sat May 7 01:31:21 2022 +0000 URL: https://gitweb.gentoo.org/repo/proj/libressl.git/commit/?id=a5072612
net-dialup/freeradius: Remove old version Signed-off-by: orbea <orbea <AT> riseup.net> Closes: https://github.com/gentoo/libressl/pull/405 Signed-off-by: Quentin Retornaz <gentoo <AT> retornaz.com> net-dialup/freeradius/Manifest | 1 - .../files/freeradius-3.0.18-libressl.patch | 63 --- .../files/freeradius-3.0.20-py3-fixes.patch | 472 --------------------- net-dialup/freeradius/files/radius.conf-r4 | 16 - net-dialup/freeradius/files/radius.init-r3 | 31 -- net-dialup/freeradius/freeradius-3.0.20-r1.ebuild | 267 ------------ 6 files changed, 850 deletions(-) diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest index 849cc39..9237577 100644 --- a/net-dialup/freeradius/Manifest +++ b/net-dialup/freeradius/Manifest @@ -1,2 +1 @@ DIST freeradius-3.0.25.tar.gz 5300245 BLAKE2B bf8908aa7bfabb9e15fa841457f176a4f2697bdec7994485516ef338908b46f2168260b7acf1a7120a687e543f0381bb787567bb4d564b9d14a3eb464a0e9ed6 SHA512 13382a53e6a1a4495c6f53e662ce21b80d73b6134a72f099f05495b64c56ae1a6c1cd1281311f1c3695d8532207fe5bd3d2026ed2c45f3cb5adb1011f1505ee7 -DIST freeradius-server-3.0.20.tar.gz 5002727 BLAKE2B f481ad22105694a4af3f0f0c1b4f6e395e8da0fe65274e32ebeed07e3c9b1869029e6ffbc655cfa41d5de2a1dcba54acee33a7a10d28bfbfce791b7ccd0fc57a SHA512 513ed0a5d9e6b9a8d89a9b02c86ff528a9ff14d928f4c1040ca44702465abd711588fe6afa35554cb2c8e8bd7f19dd5be3dbc78445c62c7b00bf5cbc4c621312 diff --git a/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch b/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch deleted file mode 100644 index 129e251..0000000 --- a/net-dialup/freeradius/files/freeradius-3.0.18-libressl.patch +++ /dev/null @@ -1,63 +0,0 @@ -From 39e4ac0cf8d415b41dc2ff1fc329de0522b135ca Mon Sep 17 00:00:00 2001 -From: Stefan Strogin <stefan.stro...@gmail.com> -Date: Wed, 24 Apr 2019 09:16:12 +0300 -Subject: [PATCH] Fix build to LibreSSL - -Upstream-Status: Inappropriate -[https://github.com/FreeRADIUS/freeradius-server/commit/9652affe38f41ba2484e013cf9d2c0bcb8c80d67] -Signed-off-by: Stefan Strogin <stefan.stro...@gmail.com> ---- - src/main/tls.c | 9 ++++++--- - src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c | 3 ++- - 2 files changed, 8 insertions(+), 4 deletions(-) - -diff --git a/src/main/tls.c b/src/main/tls.c -index 9726953234..840724bf61 100644 ---- a/src/main/tls.c -+++ b/src/main/tls.c -@@ -1579,7 +1579,8 @@ done: - return 0; - } - --#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ -+ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL) - static SSL_SESSION *cbtls_get_session(SSL *ssl, unsigned char *data, int len, int *copy) - #else - static SSL_SESSION *cbtls_get_session(SSL *ssl, const unsigned char *data, int len, int *copy) -@@ -3379,14 +3380,16 @@ post_ca: - */ - SSL_CTX_sess_set_cache_size(ctx, conf->session_cache_size); - --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+/* Not implemented in LibreSSL 2.9.1 */ -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - SSL_CTX_set_num_tickets(ctx, 1); - #endif - - } else { - SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); - --#if OPENSSL_VERSION_NUMBER >= 0x10101000L -+/* Not implemented in LibreSSL 2.9.1 */ -+#if OPENSSL_VERSION_NUMBER >= 0x10101000L && !defined(LIBRESSL_VERSION_NUMBER) - /* - * This controls the number of stateful or stateless tickets - * generated with TLS 1.3. In OpenSSL 1.1.1 it's also -diff --git a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c -index fa9c58f3c3..a53341fc20 100644 ---- a/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c -+++ b/src/modules/rlm_eap/types/rlm_eap_fast/eap_fast.c -@@ -44,7 +44,8 @@ static int openssl_get_keyblock_size(REQUEST *request, SSL *ssl) - { - const EVP_CIPHER *c; - const EVP_MD *h; --#if OPENSSL_VERSION_NUMBER < 0x10100000L || defined(LIBRESSL_VERSION_NUMBER) -+#if OPENSSL_VERSION_NUMBER < 0x10100000L || \ -+ (defined(LIBRESSL_VERSION_NUMBER) && LIBRESSL_VERSION_NUMBER < 0x2090100fL) - int md_size; - - if (ssl->enc_read_ctx == NULL || ssl->enc_read_ctx->cipher == NULL || --- -2.21.0 - diff --git a/net-dialup/freeradius/files/freeradius-3.0.20-py3-fixes.patch b/net-dialup/freeradius/files/freeradius-3.0.20-py3-fixes.patch deleted file mode 100644 index 83dc200..0000000 --- a/net-dialup/freeradius/files/freeradius-3.0.20-py3-fixes.patch +++ /dev/null @@ -1,472 +0,0 @@ -diff --git a/raddb/mods-available/python3 b/raddb/mods-available/python3 -index 246dfd74ce..0593c69f1a 100644 ---- a/raddb/mods-available/python3 -+++ b/raddb/mods-available/python3 -@@ -13,7 +13,7 @@ python3 { - # item is GLOBAL TO THE SERVER. That is, you cannot have two - # instances of the python module, each with a different path. - # --# python_path="/path/to/python/files:/another_path/to/python_files/" -+# python_path="${modconfdir}/${.:name}:/another_path/to/python_files" - - module = example - -diff --git a/src/modules/rlm_python3/configure.ac b/src/modules/rlm_python3/configure.ac -index a00320fda4..295a2486d2 100644 ---- a/src/modules/rlm_python3/configure.ac -+++ b/src/modules/rlm_python3/configure.ac -@@ -8,128 +8,75 @@ if test x$with_[]modname != xno; then - AC_PROG_CC - AC_PROG_CPP - -- dnl extra argument: --with-rlm-python3-bin -- PYTHON3_BIN= -- AC_ARG_WITH(rlm-python3-bin, -- [ --with-rlm-python3-bin=PATH Path to python3 binary []], -+ dnl extra argument: --with-rlm-python3-config-bin -+ PYTHON3_CONFIG_BIN= -+ AC_ARG_WITH(rlm-python3-config-bin, -+ [ --with-rlm-python3-config-bin=PATH Path to python-config3 binary []], - [ case "$withval" in - no) -- AC_MSG_ERROR(Need rlm-python3-bin) -+ AC_MSG_ERROR(Need rlm-python3-config-bin) - ;; - yes) - ;; - *) -- PYTHON3_BIN="$withval" -+ PYTHON3_CONFIG_BIN="$withval" - ;; - esac ] - ) - -- if test "x$PYTHON3_BIN" = x; then -- AC_CHECK_PROGS(PYTHON3_BIN, [ python3 ], not-found, [${PATH}:/usr/bin:/usr/local/bin]) -+ if test "x$PYTHON3_CONFIG_BIN" = x; then -+ AC_CHECK_PROGS(PYTHON3_CONFIG_BIN, [ python3-config ], not-found, [${PATH}:/usr/bin:/usr/local/bin]) - fi - -- if test "x$PYTHON3_BIN" = "xnot-found"; then -- fail="python-binary" -- fi -- -- dnl extra argument: --with-rlm-python3-lib-dir -- PY_LIB_DIR= -- AC_ARG_WITH(rlm-python3-lib-dir, -- [ --with-rlm-python3-lib-dir=DIR Directory for Python library files []], -- [ case "$withval" in -- no) -- AC_MSG_ERROR(Need rlm-python3-lib-dir) -- ;; -- yes) -- ;; -- *) -- PY_LIB_DIR="$withval" -- ;; -- esac ] -- ) -- -- dnl extra argument: --with-rlm-python3-include-dir -- PY_INC_DIR= -- AC_ARG_WITH(rlm-python3-include-dir, -- [ --with-rlm-python3-include-dir=DIR Directory for Python include files []], -- [ case "$withval" in -- no) -- AC_MSG_ERROR(Need rlm-python3-include-dir) -- ;; -- yes) -- ;; -- *) -- PY_INC_DIR="$withval" -- ;; -- esac ] -- ) -- -- if test x$fail = x; then -- PY_PREFIX=`${PYTHON3_BIN} -c 'import sys ; print(sys.prefix)'` -- AC_MSG_NOTICE([Python sys.prefix \"${PY_PREFIX}\"]) -- -- PY_EXEC_PREFIX=`${PYTHON3_BIN} -c 'import sys ; print(sys.exec_prefix)'` -- AC_MSG_NOTICE([Python sys.exec_prefix \"${PY_EXEC_PREFIX}\"]) -- -- PY_SYS_VERSION=`${PYTHON3_BIN} -c 'import sys ; print(sys.version[[0:3]])'` -- AC_MSG_NOTICE([Python sys.version \"${PY_SYS_VERSION}\"]) -- -- if test "x$PY_LIB_DIR" = "x"; then -- PY_LIB_DIR="$PY_EXEC_PREFIX/lib/python${PY_SYS_VERSION}/config" -- PY_LIB_LOC="-L$PY_EXEC_PREFIX/lib/python${PY_SYS_VERSION}/config" -- fi -- -- PY_MAKEFILE="$PY_EXEC_PREFIX/lib/python${PY_SYS_VERSION}/config/Makefile" -- if test -f ${PY_MAKEFILE}; then -- PY_LOCAL_MOD_LIBS=`sed -n -e 's/^LOCALMODLIBS=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/^ *//;s/ *$//'` -- AC_MSG_NOTICE([Python local_mod_libs \"${PY_LOCAL_MOD_LIBS}\"]) -- -- PY_BASE_MOD_LIBS=`sed -n -e 's/^BASEMODLIBS=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/^ *//;s/ *$//'` -- AC_MSG_NOTICE([Python base_mod_libs \"${PY_BASE_MOD_LIBS}\"]) -- -- PY_OTHER_LIBS=`sed -n -e 's/^LIBS=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/ / /g;s/^ *//;s/ *$//'` -- PY_OTHER_LDFLAGS=`sed -n -e 's/^LINKFORSHARED=\(.*\)/\1/p' $PY_MAKEFILE | sed -e 's/[[[:blank:]]]/ /g;s/ / /g;s/^ *//;s/ *$//'` -- AC_MSG_NOTICE([Python other_libs \"${PY_OTHER_LDFLAGS} ${PY_OTHER_LIBS}\"]) -- fi -- PY_EXTRA_LIBS="$PY_LOCALMODLIBS $PY_BASE_MOD_LIBS $PY_OTHER_LIBS" -+ if test "x$PYTHON3_CONFIG_BIN" = xnot-found; then -+ fail="$fail python3-config" -+ else -+ dnl # -+ dnl # It is necessary due to a weird behavior with 'python3-config' -+ dnl # -+ old_CFLAGS="$CFLAGS" -+ unset CFLAGS -+ -+ python3_cflags=`${PYTHON3_CONFIG_BIN} --cflags` -+ AC_MSG_NOTICE([${PYTHON3_CONFIG_BIN}'s cflags were \"${python3_cflags}\"]) -+ -+ dnl # Convert -I to -isystem to get rid of warnings about issues in Python headers -+ dnl # Strip -systemroot -+ dnl # Strip optimisation flags (-O[0-9]?). We decide our optimisation level, not python. -+ dnl # -D_FORTIFY_SOURCE needs -O. -+ dnl # Strip debug symbol flags (-g[0-9]?). We decide on debugging symbols, not python -+ dnl # Strip -W*, we decide what warnings are important -+ dnl # Strip -DNDEBUG -+ mod_cflags=`echo $python3_cflags | sed -e '\ -+ s/-I/-isystem/g;\ -+ s/-isysroot[[ =]]\{0,1\}[[^-]]*//g;\ -+ s/-O[[^[[:blank:]]]]*//g;\ -+ s/-Wp,-D_FORTIFY_SOURCE=[[[:digit:]]]//g;\ -+ s/-g[[^ ]]*//g;\ -+ s/-W[[^ ]]*//g;\ -+ s/-DNDEBUG[[[:blank:]]]*//g; -+ '` -+ AC_MSG_NOTICE([Sanitized cflags were \"${mod_cflags}\"]) -+ -+ python3_ldflags=`${PYTHON3_CONFIG_BIN} --ldflags` -+ AC_MSG_NOTICE([${PYTHON3_CONFIG_BIN}'s ldflags were \"$python3_ldflags}\"]) -+ -+ dnl # Strip -Wl,-O1... Is -O even a valid linker flag?? -+ dnl # Strip -Wl,-Bsymbolic-functions as thats not always supported or required -+ dnl # Strip -Xlinker -export-dynamic as it causes weird linking issues on Linux -+ dnl # See: https://bugs.python.org/issue36508 -+ mod_ldflags=`echo $python3_ldflags | sed -e '\ -+ s/-Wl,-O[[[:digit:]]][[[:blank:]]]*//g;\ -+ s/-Wl,-Bsymbolic-functions[[[:blank:]]]*//g;\ -+ s/-Xlinker -export-dynamic//g;\ -+ s/-Wl,-stack_size,[[[:digit:]]]*[[[:blank:]]]//g; -+ '` -+ AC_MSG_NOTICE([Sanitized ldflags were \"${mod_ldflags}\"]) - -- old_CFLAGS=$CFLAGS -- CFLAGS="$CFLAGS $PY_CFLAGS" -- smart_try_dir="$PY_PREFIX/include/python$PY_SYS_VERSION" -- FR_SMART_CHECK_INCLUDE(Python.h) - CFLAGS=$old_CFLAGS - -- if test "x$ac_cv_header_Python_h" = "xyes"; then -- mod_cflags="$SMART_CPPFLAGS" -- else -- fail="$fail Python.h" -- targetname= -- fi -- -- old_LIBS=$LIBS -- LIBS="$LIBS $PY_LIB_LOC $PY_EXTRA_LIBS -lm" -- smart_try_dir=$PY_LIB_DIR -- FR_SMART_CHECK_LIB(python${PY_SYS_VERSION}, Py_Initialize) -- LIBS=$old_LIBS -- -- eval t=\${ac_cv_lib_${sm_lib_safe}_${sm_func_safe}} -- if test "x$t" = "xyes"; then -- mod_ldflags="$PY_LIB_LOC $PY_EXTRA_LIBS $SMART_LIBS -lm" -- targetname=modname -- else -- FR_SMART_CHECK_LIB(python${PY_SYS_VERSION}m, Py_Initialize) -- eval t=\${ac_cv_lib_${sm_lib_safe}_${sm_func_safe}} -- if test "x$t" = "xyes"; then -- mod_ldflags="$PY_LIB_LOC $PY_EXTRA_LIBS $SMART_LIBS -lm" -- targetname=modname -- else -- targetname= -- fail="$fail libpython$PY_SYS_VERSION" -- fi -- fi -+ targetname="rlm_python3" - fi -- -- AC_CHECK_FUNCS([dl_iterate_phdr]) - else - targetname= - echo \*\*\* module modname is disabled. -diff --git a/src/modules/rlm_python3/rlm_python3.c b/src/modules/rlm_python3/rlm_python3.c -index 06187e4ffa..8e893a0eaa 100644 ---- a/src/modules/rlm_python3/rlm_python3.c -+++ b/src/modules/rlm_python3/rlm_python3.c -@@ -67,8 +67,10 @@ static CONF_PARSER module_config[] = { - A(preacct) - A(accounting) - A(checksimul) -+#ifdef WITH_PROXY - A(pre_proxy) - A(post_proxy) -+#endif - A(post_auth) - #ifdef WITH_COA - A(recv_coa) -@@ -98,7 +100,9 @@ static struct { - A(L_AUTH) - A(L_INFO) - A(L_ERR) -+#ifdef WITH_PROXY - A(L_PROXY) -+#endif - A(L_ACCT) - A(L_DBG_WARN) - A(L_DBG_ERR) -@@ -510,6 +514,7 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons - goto finish; - } - -+#ifdef WITH_PROXY - /* fill proxy vps */ - if (request->proxy) { - if (!mod_populate_vps(pArgs, 4, request->proxy->vps)) { -@@ -517,10 +522,13 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons - ret = RLM_MODULE_FAIL; - goto finish; - } -- } else { -+ } else -+#endif -+ { - mod_populate_vps(pArgs, 4, NULL); - } - -+#ifdef WITH_PROXY - /* fill proxy_reply vps */ - if (request->proxy_reply) { - if (!mod_populate_vps(pArgs, 5, request->proxy_reply->vps)) { -@@ -528,7 +536,9 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons - ret = RLM_MODULE_FAIL; - goto finish; - } -- } else { -+ } else -+#endif -+ { - mod_populate_vps(pArgs, 5, NULL); - } - -@@ -550,9 +560,14 @@ static rlm_rcode_t do_python_single(REQUEST *request, PyObject *pFunc, char cons - PyDict_SetItemString(pDictInput, "request", PyTuple_GET_ITEM(pArgs, 0)) || - PyDict_SetItemString(pDictInput, "reply", PyTuple_GET_ITEM(pArgs, 1)) || - PyDict_SetItemString(pDictInput, "config", PyTuple_GET_ITEM(pArgs, 2)) || -- PyDict_SetItemString(pDictInput, "session-state", PyTuple_GET_ITEM(pArgs, 3)) || -+ PyDict_SetItemString(pDictInput, "session-state", PyTuple_GET_ITEM(pArgs, 3)) -+#ifdef WITH_PROXY -+ || - PyDict_SetItemString(pDictInput, "proxy-request", PyTuple_GET_ITEM(pArgs, 4)) || -- PyDict_SetItemString(pDictInput, "proxy-reply", PyTuple_GET_ITEM(pArgs, 5))) { -+ PyDict_SetItemString(pDictInput, "proxy-reply", PyTuple_GET_ITEM(pArgs, 5)) -+#endif -+ ) { -+ - ERROR("%s:%d, %s - PyDict_SetItemString failed", __func__, __LINE__, funcname); - ret = RLM_MODULE_FAIL; - goto finish; -@@ -819,8 +834,10 @@ MOD_FUNC(authorize) - MOD_FUNC(preacct) - MOD_FUNC(accounting) - MOD_FUNC(checksimul) -+#ifdef WITH_PROXY - MOD_FUNC(pre_proxy) - MOD_FUNC(post_proxy) -+#endif - MOD_FUNC(post_auth) - #ifdef WITH_COA - MOD_FUNC(recv_coa) -@@ -1102,7 +1119,7 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf) - python_dlhandle = dlopen_libpython(RTLD_NOW | RTLD_GLOBAL); - if (!python_dlhandle) WARN("Failed loading libpython symbols into global symbol table"); - --#if PY_VERSION_HEX > 0x03050000 -+#if PY_VERSION_HEX >= 0x03050000 - { - wchar_t *name; - -@@ -1110,13 +1127,6 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf) - Py_SetProgramName(name); /* The value of argv[0] as a wide char string */ - PyMem_RawFree(name); - } --#elif PY_VERSION_HEX > 0x0300000 -- { -- wchar_t *name; -- -- MEM(name = _Py_char2wchar(main_config.name, NULL)); -- Py_SetProgramName(inst->wide_name); /* The value of argv[0] as a wide char string */ -- } - #else - { - char *name; -@@ -1163,37 +1173,34 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf) - * the lifetime of the module. - */ - if (inst->python_path) { -+ char *p, *path; -+ PyObject *sys = PyImport_ImportModule("sys"); -+ PyObject *sys_path = PyObject_GetAttrString(sys, "path"); -+ -+ memcpy(&p, &inst->python_path, sizeof(path)); -+ -+ for (path = strtok(p, ":"); path != NULL; path = strtok(NULL, ":")) { - #if PY_VERSION_HEX > 0x03050000 -- { -- wchar_t *path; -- PyObject* sys = PyImport_ImportModule("sys"); -- PyObject* sys_path = PyObject_GetAttrString(sys,"path"); -- -- MEM(path = Py_DecodeLocale(inst->python_path, NULL)); -- PyList_Append(sys_path, PyUnicode_FromWideChar(path,-1)); -- PyObject_SetAttrString(sys,"path",sys_path); -- PyMem_RawFree(path); -- } -+ wchar_t *py_path; -+ -+ MEM(py_path = Py_DecodeLocale(path, NULL)); -+ PyList_Append(sys_path, PyUnicode_FromWideChar(py_path, -1)); -+ PyMem_RawFree(py_path); - #elif PY_VERSION_HEX > 0x03000000 -- { -- wchar_t *path; -- PyObject* sys = PyImport_ImportModule("sys"); -- PyObject* sys_path = PyObject_GetAttrString(sys,"path"); -- -- MEM(path = _Py_char2wchar(inst->python_path, NULL)); -- PyList_Append(sys_path, PyUnicode_FromWideChar(path,-1)); -- PyObject_SetAttrString(sys,"path",sys_path); -- } --#else -- { -- char *path; -+ wchar_t *py_path; - -- memcpy(&path, &inst->python_path, sizeof(path)); -- Py_SetPath(path); -- } -+ MEM(py_path = _Py_char2wchar(path, NULL)); -+ PyList_Append(sys_path, PyUnicode_FromWideChar(py_path, -1)); -+ PyMem_RawFree(py_path); -+#else -+ PyList_Append(sys_path, PyLong_FromString(path)); - #endif -- } -+ } - -+ PyObject_SetAttrString(sys, "path", sys_path); -+ Py_DecRef(sys); -+ Py_DecRef(sys_path); -+ } - } else { - inst->module = main_module; - Py_IncRef(inst->module); -@@ -1220,7 +1227,7 @@ static int python_interpreter_init(rlm_python_t *inst, CONF_SECTION *conf) - static int mod_instantiate(CONF_SECTION *conf, void *instance) - { - rlm_python_t *inst = instance; -- int code = 0; -+ int code = RLM_MODULE_OK; - - inst->name = cf_section_name2(conf); - if (!inst->name) inst->name = cf_section_name1(conf); -@@ -1245,8 +1252,10 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance) - PYTHON_FUNC_LOAD(preacct); - PYTHON_FUNC_LOAD(accounting); - PYTHON_FUNC_LOAD(checksimul); -+#ifdef WITH_PROXY - PYTHON_FUNC_LOAD(pre_proxy); - PYTHON_FUNC_LOAD(post_proxy); -+#endif - PYTHON_FUNC_LOAD(post_auth); - #ifdef WITH_COA - PYTHON_FUNC_LOAD(recv_coa); -@@ -1257,12 +1266,14 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance) - /* - * Call the instantiate function. - */ -- code = do_python_single(NULL, inst->instantiate.function, "instantiate", inst->pass_all_vps, inst->pass_all_vps_dict); -- if (code < 0) { -- error: -- python_error_log(); /* Needs valid thread with GIL */ -- PyEval_SaveThread(); -- return -1; -+ if (inst->instantiate.function) { -+ code = do_python_single(NULL, inst->instantiate.function, "instantiate", inst->pass_all_vps, inst->pass_all_vps_dict); -+ if (code < 0) { -+ error: -+ python_error_log(); /* Needs valid thread with GIL */ -+ PyEval_SaveThread(); -+ return -1; -+ } - } - PyEval_SaveThread(); - -@@ -1272,22 +1283,31 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance) - static int mod_detach(void *instance) - { - rlm_python_t *inst = instance; -- int ret; -+ int ret = RLM_MODULE_OK; - - /* - * Call module destructor - */ - PyEval_RestoreThread(inst->sub_interpreter); - -- ret = do_python_single(NULL, inst->detach.function, "detach", inst->pass_all_vps, inst->pass_all_vps_dict); -+ if (inst->detach.function) ret = do_python_single(NULL, inst->detach.function, "detach", inst->pass_all_vps, inst->pass_all_vps_dict); - - #define PYTHON_FUNC_DESTROY(_x) python_function_destroy(&inst->_x) - PYTHON_FUNC_DESTROY(instantiate); -- PYTHON_FUNC_DESTROY(authorize); - PYTHON_FUNC_DESTROY(authenticate); -+ PYTHON_FUNC_DESTROY(authorize); - PYTHON_FUNC_DESTROY(preacct); - PYTHON_FUNC_DESTROY(accounting); - PYTHON_FUNC_DESTROY(checksimul); -+#ifdef WITH_PROXY -+ PYTHON_FUNC_DESTROY(pre_proxy); -+ PYTHON_FUNC_DESTROY(post_proxy); -+#endif -+ PYTHON_FUNC_DESTROY(post_auth); -+#ifdef WITH_COA -+ PYTHON_FUNC_DESTROY(recv_coa); -+ PYTHON_FUNC_DESTROY(send_coa); -+#endif - PYTHON_FUNC_DESTROY(detach); - - Py_DecRef(inst->pythonconf_dict); -@@ -1313,14 +1333,8 @@ static int mod_detach(void *instance) - PyThreadState_Swap(main_interpreter); /* Swap to the main thread */ - Py_Finalize(); - dlclose(python_dlhandle); -- --#if PY_VERSION_HEX > 0x03050000 -- //if (inst->wide_name) PyMem_RawFree(inst->wide_name); -- //if (inst->wide_path) PyMem_RawFree(inst->wide_path); --#endif - } - -- - return ret; - } - -@@ -1348,8 +1362,10 @@ module_t rlm_python3 = { - [MOD_PREACCT] = mod_preacct, - [MOD_ACCOUNTING] = mod_accounting, - [MOD_SESSION] = mod_checksimul, -+#ifdef WITH_PROXY - [MOD_PRE_PROXY] = mod_pre_proxy, - [MOD_POST_PROXY] = mod_post_proxy, -+#endif - [MOD_POST_AUTH] = mod_post_auth, - #ifdef WITH_COA - [MOD_RECV_COA] = mod_recv_coa, diff --git a/net-dialup/freeradius/files/radius.conf-r4 b/net-dialup/freeradius/files/radius.conf-r4 deleted file mode 100644 index a5760d2..0000000 --- a/net-dialup/freeradius/files/radius.conf-r4 +++ /dev/null @@ -1,16 +0,0 @@ -# Config file for /etc/init.d/radiusd - -# see man pages for radiusd run `radiusd -h` -# for valid cmdline options -#RADIUSD_OPTS="" - -# Change this value if you change it in /etc/raddb/radiusd.conf -pidfile=/var/run/radiusd/radiusd.pid - -# Change these values if you change them in /etc/raddb/radiusd.conf -RADIUSD_USER=radius -RADIUSD_GROUP=radius - -# If you set up logging to syslog in /etc/raddb/radiusd.conf, you want -# to uncomment the following line. -#rc_use="logger" diff --git a/net-dialup/freeradius/files/radius.init-r3 b/net-dialup/freeradius/files/radius.init-r3 deleted file mode 100644 index b4d7c38..0000000 --- a/net-dialup/freeradius/files/radius.init-r3 +++ /dev/null @@ -1,31 +0,0 @@ -#!/sbin/openrc-run -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -command=/usr/sbin/radiusd -command_args="${RADIUSD_OPTS}" -pidfile="${pidfile:-/run/radiusd/radiusd.pid}" -extra_started_commands="reload" - -depend() { - need localmount - use dns -} - -start_pre() { - if [ ! -f /etc/raddb/radiusd.conf ] ; then - eerror "No /etc/raddb/radiusd.conf file exists!" - return 1 - fi - - checkpath -m0750 -o "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" -d \ - $(dirname ${pidfile}) /var/log/radius - checkpath -m0750 -o "${RADIUSD_USER:-root}:${RADIUSD_GROUP:-root}" -d \ - $(dirname ${pidfile}) /run/radiusd -} - -reload() { - ebegin "Reloading radiusd" - kill -HUP $(cat ${pidfile}) - eend $? -} diff --git a/net-dialup/freeradius/freeradius-3.0.20-r1.ebuild b/net-dialup/freeradius/freeradius-3.0.20-r1.ebuild deleted file mode 100644 index 7a83429..0000000 --- a/net-dialup/freeradius/freeradius-3.0.20-r1.ebuild +++ /dev/null @@ -1,267 +0,0 @@ -# Copyright 1999-2021 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 - -PYTHON_COMPAT=( python3_{6,7,8} ) -inherit autotools pam python-single-r1 systemd - -MY_P="${PN}-server-${PV}" - -DESCRIPTION="Highly configurable free RADIUS server" -SRC_URI=" - ftp://ftp.freeradius.org/pub/radius/${MY_P}.tar.gz - ftp://ftp.freeradius.org/pub/radius/old/${MY_P}.tar.gz -" -HOMEPAGE="http://www.freeradius.org/" - -KEYWORDS="amd64 ~arm arm64 ~ppc ~ppc64 ~sparc x86" -LICENSE="GPL-2" -SLOT="0" - -IUSE=" - debug firebird iodbc kerberos ldap memcached mysql mongodb odbc oracle pam - pcap postgres python readline redis rest samba sqlite ssl systemd -" -RESTRICT="test firebird? ( bindist )" - -# NOTE: Temporary freeradius doesn't support linking with mariadb client -# libs also if code is compliant, will be available in the next release. -# (http://lists.freeradius.org/pipermail/freeradius-devel/2018-October/013228.html)a - -# TODO: rlm_mschap works with both samba library or without. I need to avoid -# linking of samba library if -samba is used. -RDEPEND="acct-group/radius - acct-user/radius - !net-dialup/cistronradius - dev-lang/perl:= - sys-libs/gdbm:= - sys-libs/talloc - firebird? ( dev-db/firebird ) - iodbc? ( dev-db/libiodbc ) - kerberos? ( virtual/krb5 ) - ldap? ( net-nds/openldap ) - memcached? ( dev-libs/libmemcached ) - mysql? ( dev-db/mysql-connector-c ) - mongodb? ( >=dev-libs/mongo-c-driver-1.13.0-r1 ) - odbc? ( dev-db/unixODBC ) - oracle? ( dev-db/oracle-instantclient-basic ) - pam? ( sys-libs/pam ) - pcap? ( net-libs/libpcap ) - postgres? ( dev-db/postgresql:= ) - python? ( ${PYTHON_DEPS} ) - readline? ( sys-libs/readline:0= ) - redis? ( dev-libs/hiredis:= ) - rest? ( dev-libs/json-c:= ) - samba? ( net-fs/samba ) - sqlite? ( dev-db/sqlite:3 ) - ssl? ( dev-libs/openssl:0=[-bindist] ) - systemd? ( sys-apps/systemd )" -DEPEND="${RDEPEND}" - -REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )" - -S="${WORKDIR}/${MY_P}" - -PATCHES=( - "${FILESDIR}"/${PN}-3.0.18-libressl.patch - "${FILESDIR}"/${P}-systemd-service.patch - # Fix rlm_python3 build - # Backport from rlm_python changes to rlm_python3 - "${FILESDIR}"/${P}-py3-fixes.patch -) - -pkg_setup() { - if use python ; then - python-single-r1_pkg_setup - export PYTHONBIN="${EPYTHON}" - fi -} - -src_prepare() { - # most of the configuration options do not appear as ./configure - # switches. Instead it identifies the directories that are available - # and run through them. These might check for the presence of - # various libraries, in which case they are not built. To avoid - # automagic dependencies, we just remove all the modules that we're - # not interested in using. - - eapply_user - default - - use ssl || { rm -r src/modules/rlm_eap/types/rlm_eap_{tls,ttls,peap} || die ; } - use ldap || { rm -r src/modules/rlm_ldap || die ; } - use kerberos || { rm -r src/modules/rlm_krb5 || die ; } - use memcached || { rm -r src/modules/rlm_cache/drivers/rlm_cache_memcached || die ; } - use pam || { rm -r src/modules/rlm_pam || die ; } - # Drop support of python2 - rm -r src/modules/rlm_python || die - use python || { rm -r src/modules/rlm_python3 || die ; } - use rest || { rm -r src/modules/rlm_rest || die ; } - use redis || { rm -r src/modules/rlm_redis{,who} || die ; } - # Do not install ruby rlm module, bug #483108 - rm -r src/modules/rlm_ruby || die - - # these are all things we don't have in portage/I don't want to deal - # with myself - rm -r src/modules/rlm_eap/types/rlm_eap_tnc || die # requires TNCS library - rm -r src/modules/rlm_eap/types/rlm_eap_ikev2 || die # requires libeap-ikev2 - rm -r src/modules/rlm_opendirectory || die # requires some membership.h - rm -r src/modules/rlm_sql/drivers/rlm_sql_{db2,freetds} || die - - # sql drivers that are not part of experimental are loaded from a - # file, so we have to remove them from the file itself when we - # remove them. - usesqldriver() { - local flag=$1 - local driver=rlm_sql_${2:-${flag}} - - if ! use ${flag}; then - rm -r src/modules/rlm_sql/drivers/${driver} || die - sed -i -e /${driver}/d src/modules/rlm_sql/stable || die - fi - } - - sed -i \ - -e 's:^#\tuser = :\tuser = :g' \ - -e 's:^#\tgroup = :\tgroup = :g' \ - -e 's:/var/run/radiusd:/run/radiusd:g' \ - -e '/^run_dir/s:${localstatedir}::g' \ - raddb/radiusd.conf.in || die - - # verbosity - # build shared libraries using jlibtool --shared - sed -i \ - -e '/$(LIBTOOL)/s|--quiet ||g' \ - -e 's:--mode=\(compile\|link\):& --shared:g' \ - Make.inc.in || die - - sed -i \ - -e 's|--silent ||g' \ - -e 's:--mode=\(compile\|link\):& --shared:g' \ - scripts/libtool.mk || die - - # crude measure to stop jlibtool from running ranlib and ar - sed -i \ - -e '/LIBRARIAN/s|".*"|"true"|g' \ - -e '/RANLIB/s|".*"|"true"|g' \ - scripts/jlibtool.c || die - - usesqldriver mysql - usesqldriver postgres postgresql - usesqldriver firebird - usesqldriver iodbc - usesqldriver odbc unixodbc - usesqldriver oracle - usesqldriver sqlite - usesqldriver mongodb mongo - - eautoreconf -} - -src_configure() { - # do not try to enable static with static-libs; upstream is a - # massacre of libtool best practices so you also have to make sure - # to --enable-shared explicitly. - local myeconfargs=( - --enable-shared - --disable-static - --disable-ltdl-install - --with-system-libtool - --with-system-libltdl - --with-ascend-binary - --with-udpfromto - --with-dhcp - --with-iodbc-include-dir=/usr/include/iodbc - --with-experimental-modules - --with-docdir=/usr/share/doc/${PF} - --with-logdir=/var/log/radius - $(use_enable debug developer) - $(use_with ldap edir) - $(use_with ssl openssl) - $(use_with systemd systemd) - ) - # fix bug #77613 - if has_version app-crypt/heimdal; then - myeconfargs+=( --enable-heimdal-krb5 ) - fi - - if use python ; then - myeconfargs+=( - --with-rlm-python3-bin=${EPYTHON} - --with-rlm-python3-config-bin=${EPYTHON}-config - ) - fi - - use readline || export ac_cv_lib_readline=no - use pcap || export ac_cv_lib_pcap_pcap_open_live=no - - econf "${myeconfargs[@]}" -} - -src_compile() { - # verbose, do not generate certificates - emake \ - Q='' ECHO=true \ - LOCAL_CERT_PRODUCTS='' -} - -src_install() { - dodir /etc - diropts -m0750 -o root -g radius - dodir /etc/raddb - diropts -m0750 -o radius -g radius - dodir /var/log/radius - keepdir /var/log/radius/radacct - diropts - - # verbose, do not install certificates - # Parallel install fails (#509498) - emake -j1 \ - Q='' ECHO=true \ - LOCAL_CERT_PRODUCTS='' \ - R="${D}" \ - install - - pamd_mimic_system radiusd auth account password session - - # fix #711756 - fowners -R radius:radius /etc/raddb - fowners -R radius:radius /var/log/radius - - dodoc CREDITS - - rm "${ED}/usr/sbin/rc.radiusd" || die - - newinitd "${FILESDIR}/radius.init-r3" radiusd - newconfd "${FILESDIR}/radius.conf-r4" radiusd - - if ! use systemd ; then - # If systemd builtin is not enabled we need use Type=Simple - # as systemd .service - sed -i -e 's:^Type=.*::g' \ - -e 's:^WatchdogSec=.*::g' -e 's:^NotifyAccess=all.*::g' \ - "${S}"/debian/freeradius.service - fi - systemd_dounit "${S}"/debian/freeradius.service - - find "${ED}" \( -name "*.a" -o -name "*.la" \) -delete || die - -} - -pkg_config() { - if use ssl; then - cd "${ROOT}"/etc/raddb/certs || die - ./bootstrap || die "Error while running ./bootstrap script." - fowners root:radius "${ROOT}"/etc/raddb/certs - fowners root:radius "${ROOT}"/etc/raddb/certs/ca.pem - fowners root:radius "${ROOT}"/etc/raddb/certs/server.{key,crt,pem} - fi -} - -pkg_preinst() { - if ! has_version ${CATEGORY}/${PN} && use ssl; then - elog "You have to run \`emerge --config =${CATEGORY}/${PF}\` to be able" - elog "to start the radiusd service." - fi -}