From a6fa7bfe705ba89b1b2e57f5d1fd358a53934050 Mon Sep 17 00:00:00 2001
From: Leonardo Arena <rnalrd@alpinelinux.org>
Date: Wed, 13 Aug 2014 08:21:28 +0000
Subject: main/freeradius3: fix openssl version check

---
 main/freeradius3/APKBUILD                          | 12 ++++--
 .../fix-potential-crash-with-SSHA-and-salts.patch  | 48 ----------------------
 .../freeradius-fix-openssl-version-check.patch     | 11 +++++
 3 files changed, 19 insertions(+), 52 deletions(-)
 delete mode 100644 main/freeradius3/fix-potential-crash-with-SSHA-and-salts.patch
 create mode 100644 main/freeradius3/freeradius-fix-openssl-version-check.patch

diff --git a/main/freeradius3/APKBUILD b/main/freeradius3/APKBUILD
index 0f13fb180..1806f4e91 100644
--- a/main/freeradius3/APKBUILD
+++ b/main/freeradius3/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=freeradius3
 _realname=freeradius
 pkgver=3.0.3
-pkgrel=5
+pkgrel=6
 pkgdesc="RADIUS (Remote Authentication Dial-In User Service) server"
 url="http://freeradius.org/"
 arch="all"
@@ -26,6 +26,7 @@ source="ftp://ftp.freeradius.org/pub/freeradius/$_realname-server-$pkgver.tar.gz
 	musl-fix-headers.patch
 	disable-cert-generation.patch
 	freeradius3-303-main-log-include.patch
+	freeradius-fix-openssl-version-check.patch
 	"
 conflict="freeradius freeradius-lib freeradius-radclient"
 
@@ -236,18 +237,21 @@ fc6693f3df5a0694610110287a28568a  freeradius3.confd
 d332a0c1fcbab07f50461ae887279df2  freeradius3-301-default-config.patch
 d86558365a1deea4914ed139797805b0  musl-fix-headers.patch
 7097584dba2b344caf5c32475bf8da16  disable-cert-generation.patch
-b3f62ccbba7aab3e7c009767372d71ed  freeradius3-303-main-log-include.patch"
+b3f62ccbba7aab3e7c009767372d71ed  freeradius3-303-main-log-include.patch
+2d3b4abed4010105d734d51de3123db0  freeradius-fix-openssl-version-check.patch"
 sha256sums="57e9932e5401670d0f0000080b942aee2cd6ca80422f76acd21f13a4be46335e  freeradius-server-3.0.3.tar.gz
 2d5b3e1af1299373182f2c8021bdf45c29db5d82b0a077b965a16ded32cb6292  freeradius3.confd
 e173cce3b8a4c2ed4d1fdd58fff8ec21e9166f011ec052f5f4c01712493e72b3  freeradius3.initd
 edde20a808ad4c589d456ccf9e693a8ee9922e75366b1187994f0b982e856021  freeradius3-301-default-config.patch
 872aaebf86a663f819460d98924a9dc1f3e428facac6930dc98d1e442df1633f  musl-fix-headers.patch
 a72a0454f047bbbf258ffa90bd496e48cdfd95bc03a3863ab01750382ce566e3  disable-cert-generation.patch
-37b3a67a9fe5a34d82fd6274b95732298561f19a0e7c81faf5ad0bf9a8f7874a  freeradius3-303-main-log-include.patch"
+37b3a67a9fe5a34d82fd6274b95732298561f19a0e7c81faf5ad0bf9a8f7874a  freeradius3-303-main-log-include.patch
+4f4bbe57f77cd16c5451dc6f29070508e665285ad889fc1bbfdf6146e4f19ede  freeradius-fix-openssl-version-check.patch"
 sha512sums="a4fbb0a19f5946182c0cac6d62270db378674e48350c7c3b8f7d8a2a1b16c95c9b205af8d7ed22009b6392d4ab7cb251694d2593a39d9e4efc8eec9ff736bd01  freeradius-server-3.0.3.tar.gz
 e248159c0a44f722e405c51c8015d9ad672e42ad0d38ca28f8a051ff911aa4d3e630b9bd4543e9d610940bc4ae50c022594e219ce341b36abe85c572acad418b  freeradius3.confd
 b29bf9090a2be7af77a3e104346a23024baf78a343e7f2fd6f6ddb02c223ac66d9b77c80d02b2cb26cbef2e64cb59c46462bb54b063b862e5a3a61c72653a63d  freeradius3.initd
 f32ca8fbd0d082f962c5e42c78742f7b099d2e518ee246003a7860c6d69bad745dcad974b2fb98f8e51ddecb78222f88bc778dd2f33efdb02b3f8e4298ea3e79  freeradius3-301-default-config.patch
 c49e5eec7497fccde5fd09dba1ea9b846e57bc88015bd81640aa531fb5c9b449f37136f42c85fe1d7940c5963aed664b85da28442b388c9fb8cc27873df03b2d  musl-fix-headers.patch
 d027627ac302c39de9342f5f97d2b44752e33d0def311aa5e140e9365b6a501cd5e4f311b1751d5efa3aa63666f07fc58bc222f95bba0a478a7828c6aea07770  disable-cert-generation.patch
-1bf8587bfbf6109cfe8b34ffb4e3100d1d06be24678d9358c0cccc84e84e277822c01117bd4a038b11da35fcb86110588f5bd54177cbd632036977db3a53376d  freeradius3-303-main-log-include.patch"
+1bf8587bfbf6109cfe8b34ffb4e3100d1d06be24678d9358c0cccc84e84e277822c01117bd4a038b11da35fcb86110588f5bd54177cbd632036977db3a53376d  freeradius3-303-main-log-include.patch
+4b6c7d55ef4a404a8cdc4117caa5f5ec9ba3079b2be1c69b4cc5500ea81f2f09fa7cce45d0bf52f262242a6519a722212628384d8c82af244bac1a381fce6c52  freeradius-fix-openssl-version-check.patch"
diff --git a/main/freeradius3/fix-potential-crash-with-SSHA-and-salts.patch b/main/freeradius3/fix-potential-crash-with-SSHA-and-salts.patch
deleted file mode 100644
index 29c1a27f2..000000000
--- a/main/freeradius3/fix-potential-crash-with-SSHA-and-salts.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From ff5147c9e5088c7cf5c0b6ec6bfdd3a9d2042a28 Mon Sep 17 00:00:00 2001
-From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
-Date: Thu, 13 Feb 2014 13:49:54 +0000
-Subject: [PATCH] Fix potential crash with SSHA and salts > 44bytes
-
----
- src/modules/rlm_pap/rlm_pap.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/src/modules/rlm_pap/rlm_pap.c b/src/modules/rlm_pap/rlm_pap.c
-index 689acf0..1bf6d4e 100644
---- a/src/modules/rlm_pap/rlm_pap.c
-+++ b/src/modules/rlm_pap/rlm_pap.c
-@@ -123,7 +123,7 @@ static int mod_instantiate(CONF_SECTION *conf, void *instance)
- static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
- {
- 
--	uint8_t buffer[64];
-+	uint8_t buffer[256];
- 
- 	if (min_length >= sizeof(buffer)) return; /* paranoia */
- 
-@@ -132,9 +132,10 @@ static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
- 	 */
- 	if (vp->length >= (2 * min_length)) {
- 		size_t decoded;
--		decoded = fr_hex2bin(buffer, vp->vp_strvalue, vp->length >> 1);
-+		decoded = fr_hex2bin(buffer, vp->vp_strvalue, sizeof(buffer));
- 		if (decoded == (vp->length >> 1)) {
--			RDEBUG2("Normalizing %s from hex encoding", vp->da->name);
-+			RDEBUG2("Normalizing %s from hex encoding, %zu bytes -> %zu bytes",
-+				vp->da->name, vp->length, decoded);
- 			pairmemcpy(vp, buffer, decoded);
- 			return;
- 		}
-@@ -150,7 +151,8 @@ static void normify(REQUEST *request, VALUE_PAIR *vp, size_t min_length)
- 					   sizeof(buffer));
- 		if (decoded < 0) return;
- 		if (decoded >= (ssize_t) min_length) {
--			RDEBUG2("Normalizing %s from base64 encoding", vp->da->name);
-+			RDEBUG2("Normalizing %s from base64 encoding, %zu bytes -> %zu bytes",
-+				vp->da->name, vp->length, decoded);
- 			pairmemcpy(vp, buffer, decoded);
- 			return;
- 		}
--- 
-1.8.5.5
-
diff --git a/main/freeradius3/freeradius-fix-openssl-version-check.patch b/main/freeradius3/freeradius-fix-openssl-version-check.patch
new file mode 100644
index 000000000..e694c5180
--- /dev/null
+++ b/main/freeradius3/freeradius-fix-openssl-version-check.patch
@@ -0,0 +1,11 @@
+--- a/src/main/version.c
++++ b/src/main/version.c
+@@ -48,7 +48,7 @@
+ 
+ 	ssl_linked = SSLeay();
+ 
+-	if (ssl_linked != ssl_built) {
++	if (((ssl_linked >> 8) != (ssl_built >> 8)) || (ssl_linked < ssl_built)) {
+ 		ERROR("libssl version mismatch.  built: %lx linked: %lx",
+ 		       (unsigned long) ssl_built,
+ 		       (unsigned long) ssl_linked);
-- 
cgit v1.2.3