aboutsummaryrefslogtreecommitdiffstats
path: root/main/freeradius
diff options
context:
space:
mode:
authorLeonardo Arena <rnalrd@alpinelinux.org>2015-10-16 14:12:31 +0000
committerLeonardo Arena <rnalrd@alpinelinux.org>2015-10-16 14:13:19 +0000
commit86b7a9ed542ecd1d3d6d030a080af20d8c6d1dcd (patch)
tree827966dcc2af274b5ef30d10e630b19d12bed079 /main/freeradius
parent41dd189f59da7ad463ccb31a402e1b7ac95a18bb (diff)
downloadaports-86b7a9ed542ecd1d3d6d030a080af20d8c6d1dcd.tar.bz2
aports-86b7a9ed542ecd1d3d6d030a080af20d8c6d1dcd.tar.xz
main/freeradius: fix EAP-TLS with OpenSSL 1.0.2
http://lists.freeradius.org/pipermail/freeradius-users/2015-October/080276.html
Diffstat (limited to 'main/freeradius')
-rw-r--r--main/freeradius/APKBUILD12
-rw-r--r--main/freeradius/freeradius-310-ignore-callbacks-for-pseudo-content-types.patch42
2 files changed, 50 insertions, 4 deletions
diff --git a/main/freeradius/APKBUILD b/main/freeradius/APKBUILD
index aa81554ba0..52adc2782b 100644
--- a/main/freeradius/APKBUILD
+++ b/main/freeradius/APKBUILD
@@ -5,7 +5,7 @@
pkgname=freeradius
_realname=freeradius
pkgver=3.0.10
-pkgrel=0
+pkgrel=1
pkgdesc="RADIUS (Remote Authentication Dial-In User Service) server"
url="http://freeradius.org/"
arch="all"
@@ -32,6 +32,7 @@ source="ftp://ftp.freeradius.org/pub/freeradius/$_realname-server-$pkgver.tar.gz
disable-cert-generation.patch
freeradius-305-default-config.patch
fix-scopeid.patch
+ freeradius-310-ignore-callbacks-for-pseudo-content-types.patch
"
_builddir="$srcdir"/$_realname-server-$pkgver
@@ -298,18 +299,21 @@ e27f11a11fa167b5185d3e11de79d3bc freeradius.initd
d86558365a1deea4914ed139797805b0 musl-fix-headers.patch
ecd9ecfba4cf86a203de6faf8398c44a disable-cert-generation.patch
f8a7b00835f2108acc06af212cede16e freeradius-305-default-config.patch
-5171fca6629baeb274a9b17e02683163 fix-scopeid.patch"
+5171fca6629baeb274a9b17e02683163 fix-scopeid.patch
+33381b3a80d2e091a0f0250edb66223e freeradius-310-ignore-callbacks-for-pseudo-content-types.patch"
sha256sums="e8825518bde1d9787f7f9ea1e9fec7ae5282af9c3362d2fa360f60c4db6f77ec freeradius-server-3.0.10.tar.gz
2d5b3e1af1299373182f2c8021bdf45c29db5d82b0a077b965a16ded32cb6292 freeradius.confd
a5208f13420c28446b85dfc48cb9193a4651c994d15cc2c9b0bc43734c66e8f0 freeradius.initd
872aaebf86a663f819460d98924a9dc1f3e428facac6930dc98d1e442df1633f musl-fix-headers.patch
008fa3a4da7b3c01df238bf492a8ccda4077289c02c553a60ad8f4439ec136a2 disable-cert-generation.patch
02cad546ffaf3f9be531cb45b96c7fb31f83c717e40ece4ff28a73c86f921f33 freeradius-305-default-config.patch
-aad4796f06a5891b3d48d6ded926ffeb7b9fa84cc1c4a1f1be76bced02694023 fix-scopeid.patch"
+aad4796f06a5891b3d48d6ded926ffeb7b9fa84cc1c4a1f1be76bced02694023 fix-scopeid.patch
+c9797672a1aa5b67206239d34aea9fb0d550af892fc848515b0f48647fa033aa freeradius-310-ignore-callbacks-for-pseudo-content-types.patch"
sha512sums="7546d54ca9ae1189f17fa97a8c6f6e15486d61dda8819b15f883ba48fbd6629f4728ba41490b51cb08eb1399090c16eca1b559c22ee19f3a770f1ce7ce23a8d5 freeradius-server-3.0.10.tar.gz
e248159c0a44f722e405c51c8015d9ad672e42ad0d38ca28f8a051ff911aa4d3e630b9bd4543e9d610940bc4ae50c022594e219ce341b36abe85c572acad418b freeradius.confd
ba3c424d4eabb147c7aa3e31575a87ddb26b6a792d2a8714e73d8763e07854326a03a83991a7420246ca06bf0b93d0a6f23ec198f5e48647f9d25b40067e852a freeradius.initd
c49e5eec7497fccde5fd09dba1ea9b846e57bc88015bd81640aa531fb5c9b449f37136f42c85fe1d7940c5963aed664b85da28442b388c9fb8cc27873df03b2d musl-fix-headers.patch
09b78c6baa992f82ab81c43aad6792536a4708d460170f0a373e242a5fafe8db10662dc7fcef99a966b828ed91fa7fe38567c961c938de9a447f1ee03aebb142 disable-cert-generation.patch
b69b899da6f80dbdb7422847536e37461315ba587a07fedc1eee28b96be7d16993b758ccd34e3a271ce2937d72c6ddff878aec61a3a4c0750deaaa959d10ed5e freeradius-305-default-config.patch
-41d478c0e40ff82fc36232964037c1ab8ffca9fdbb7dca02ed49319906e751c133b5d7bc7773c645cec6d9d39d1de69cba25e8d59afa8d6662563dd17f35f234 fix-scopeid.patch"
+41d478c0e40ff82fc36232964037c1ab8ffca9fdbb7dca02ed49319906e751c133b5d7bc7773c645cec6d9d39d1de69cba25e8d59afa8d6662563dd17f35f234 fix-scopeid.patch
+35533488015d5f4b829c2a6c962a437ca50c7d86bb0d650fc621770cddb3108e92e9fe5f88b3b9d7657fcc9b91e5b00162aa125ed9a4374229b930d62cc0d847 freeradius-310-ignore-callbacks-for-pseudo-content-types.patch"
diff --git a/main/freeradius/freeradius-310-ignore-callbacks-for-pseudo-content-types.patch b/main/freeradius/freeradius-310-ignore-callbacks-for-pseudo-content-types.patch
new file mode 100644
index 0000000000..68beb272c5
--- /dev/null
+++ b/main/freeradius/freeradius-310-ignore-callbacks-for-pseudo-content-types.patch
@@ -0,0 +1,42 @@
+From b7b5493c61aeb4e5cb9ba218d8c5553f580ceee6 Mon Sep 17 00:00:00 2001
+From: Arran Cudbard-Bell <a.cudbardb@freeradius.org>
+Date: Fri, 9 Oct 2015 16:32:45 -0400
+Subject: [PATCH] Ignore callbacks for pseudo content types. Fixes EAP-TTLS
+ MSCHAPv2 (and possibly others) with OpenSSL 1.0.2
+
+---
+ src/main/cb.c | 15 +++++++++++++++
+ 1 file changed, 15 insertions(+)
+
+diff --git a/src/main/cb.c b/src/main/cb.c
+index 2f38f77..f6880a2 100644
+--- a/src/main/cb.c
++++ b/src/main/cb.c
+@@ -83,11 +83,26 @@ void cbtls_msg(int write_p, int msg_version, int content_type,
+ tls_session_t *state = (tls_session_t *)arg;
+
+ /*
++ * OpenSSL 1.0.2 calls this function with 'pseudo'
++ * content types. Which breaks our tracking of
++ * the SSL Session state.
++ */
++ if ((msg_version == 0) && (content_type > UINT8_MAX)) {
++ DEBUG4("Ignoring cbtls_msg call with pseudo content type %i, version %i",
++ content_type, msg_version);
++ return;
++ }
++
++ /*
+ * Work around bug #298, where we may be called with a NULL
+ * argument. We should really log a serious error
+ */
+ if (!state) return;
+
++ /*
++ * 0 - received (from peer)
++ * 1 - sending (to peer)
++ */
+ state->info.origin = write_p;
+ state->info.content_type = content_type;
+ state->info.record_len = len;
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 18:54:16 +0000