From mboxrd@z Thu Jan 1 00:00:00 1970
From: Adolf Belka <adolf.belka@ipfire.org>
To: development@lists.ipfire.org
Subject: [PATCH] freeradius: Update to version 3.2.6
Date: Mon, 13 Jan 2025 22:41:05 +0100
Message-ID: <20250113214108.2221728-4-adolf.belka@ipfire.org>
In-Reply-To: <20250113214108.2221728-1-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============4815985985853958447=="
List-Id: <development.lists.ipfire.org>
--===============4815985985853958447==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
- Update from version 3.2.5 to 3.2.6
- Update of rootfile
- Changelog
3.2.6
Configuration changes
* require_message_authenticator=3Dauto and limit_proxy_state=3Dauto
are not applied for wildcard clients. This likely will
leave your network in an insecure state. Upgrade all clients!
Feature improvements
* Allow for "auth+acct" dynamic home servers.
* Allow for setting "Home-Server-Pool", etc. for proxying
accounting packets, just like authentication packets.
* Fix spelling in starent SN[1]-Subscriber-Acct-Mode attribute
value. Patch from John Thacker.
* Update dictionary.iea. Patch from John Thacker.
* Add warning for secrets that are too short.
* More debugging for SSL ciphers. Patch from Nick Porter.
* Update 3GPP dictionary. Patch from Nick Porter.
* Fix ZTE dictionary.
* Make radsecret more portable and avoid extra dependencies.
* Add timestamp for Client-Lost so we don't think it's 1970. Patch
from Alexander Clouter. #5353
Bug fixes
* Dynamic clients now inherit require_message_authenticator
and limit_proxy_state from dynamic client {...} definition.
* Fix radsecret build rules to better support parallel builds.
* Checkpoint systems should be reconfigured for the BlastRADIUS
attack: https://support.checkpoint.com/results/sk/sk182516
The Checkpoint systems drop packets containing Message-Authenticator,
which violates the RFCs and is completely ridiculous.
* Fix duplicate CoA packet issue. #5397
* Several fixes in the event code
* Don't leak memory in rlm_sql_sqlite. #5392
* Don't stop processing RadSec data too early.
Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
---
config/rootfiles/packages/freeradius | 1 +
lfs/freeradius | 8 ++++----
2 files changed, 5 insertions(+), 4 deletions(-)
diff --git a/config/rootfiles/packages/freeradius b/config/rootfiles/packages=
/freeradius
index 7e02a46df..3a82e7d9c 100644
--- a/config/rootfiles/packages/freeradius
+++ b/config/rootfiles/packages/freeradius
@@ -627,6 +627,7 @@ usr/sbin/radmin
#usr/share/doc/freeradius/antora/modules/ROOT/pages
#usr/share/doc/freeradius/antora/modules/ROOT/pages/directories.adoc
#usr/share/doc/freeradius/antora/modules/ROOT/pages/index.adoc
+#usr/share/doc/freeradius/antora/modules/ROOT/pages/radiusd_x.adoc
#usr/share/doc/freeradius/antora/modules/concepts
#usr/share/doc/freeradius/antora/modules/concepts/nav.adoc
#usr/share/doc/freeradius/antora/modules/concepts/pages
diff --git a/lfs/freeradius b/lfs/freeradius
index 228515400..e45e41aa4 100644
--- a/lfs/freeradius
+++ b/lfs/freeradius
@@ -1,7 +1,7 @@
############################################################################=
###
# =
#
# IPFire.org - A linux based firewall =
#
-# Copyright (C) 2007-2024 IPFire Team <info(a)ipfire.org> =
#
+# Copyright (C) 2007-2025 IPFire Team <info(a)ipfire.org> =
#
# =
#
# This program is free software: you can redistribute it and/or modify =
#
# it under the terms of the GNU General Public License as published by =
#
@@ -26,7 +26,7 @@ include Config
=20
SUMMARY =3D RADIUS Server
=20
-VER =3D 3.2.5
+VER =3D 3.2.6
=20
THISAPP =3D freeradius-server-$(VER)
DL_FILE =3D $(THISAPP).tar.bz2
@@ -34,7 +34,7 @@ DL_FROM =3D $(URL_IPFIRE)
DIR_APP =3D $(DIR_SRC)/$(THISAPP)
TARGET =3D $(DIR_INFO)/$(THISAPP)
PROG =3D freeradius
-PAK_VER =3D 22
+PAK_VER =3D 23
=20
DEPS =3D libtalloc samba
=20
@@ -48,7 +48,7 @@ objects =3D $(DL_FILE)
=20
$(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
=20
-$(DL_FILE)_BLAKE2 =3D 169dccd6f04b4503869912dec9423279cc18fc22fa3babf324747b=
df0d80d3b4fa5460ac07f89f8d845bf664283a9772b483b8fcec990364fcaf71b673b6917c
+$(DL_FILE)_BLAKE2 =3D 0af7cdf7fb784f2d5019f3bcb06d1d44dca046c9a4513d780ab032=
367001b6a67e9ea17a3a5b4609b9d7b936647e60c96e35188ba9644c4360071ac8d021bd58
=20
install : $(TARGET)
=20
--=20
2.47.1
--===============4815985985853958447==--