Update radsecproxy to version 1.8.0. trunk
authorhe <he@pkgsrc.org>
Wed, 11 Sep 2019 11:51:22 +0000
branchtrunk
changeset 339339 473e138f1960
parent 339338 3c4d0e99c81c
child 339340 4484a08c99e4
Update radsecproxy to version 1.8.0. Pkgsrc changes: * The hosting of radsecproxy has changed to github.com. * Add dependency on nettle. * Update LICENSE, now only modified-bsd. * Use gmake to build to avoid a couple of warnings. * Relinquish exclusive maintainership. Upstream changes: 20190704 1.8.0 New features: - Rewrite: supplement attribute (add attribute if not present) (#19) - Rewrite: modify vendor attribute - Rewrite whitelist mode - Autodetect status-server capability of servers - Minimalistic status-server - Explicit SubjectAltName:DNS and :IP match on certificates Misc: - No longer require docbook2x tools, but include plain manpages - Fail on startup if overlapping clients with different tls blocks Compile fixes: - Fix compile issues on bsd Bug fixes: - Handle %00 in config correctly (#31) - Fix server selection when udp were unreachable for long periods 2018-09-03 1.7.2 Misc: - Always copy proxy-state attributes in own responses - Authenticate own access-reject responses - Retry outstanding requests after connection reset Compile fixes: - Fix compile issues on some platforms (#14) - Fix compile issue when dtls disabled (#16) - Fix compile issue on Cygwin (#18) - Fix radsecproxy.conf manpage not installed when docbook2x not available Bug fixes: - Fix request might be dropped if udp client uses multiple source ports - Fix tls output might drop requests under high load - Check for IP literals in Certificate SubjectAltName:DNS records - Fix tls connection might hang during SSL_connect and SSL_accept 2018-07-05 1.7.1 License and copyright changes: - Copyright SWITCH - 3-clause BSD license only, no GPL. Enhancements: - Support the use of OpenSSL version 1.1 and 1.0 series (RADSECPROXY-66, RADSECPROXY-74). - Reload TLS certificate CRLs on SIGHUP (RADSECPROXY-78). - Make use of SO_KEEPALIVE for tcp sockets (RADSECPROXY-12). - Optionally include the thread-id in log messages - Allow hashing MAC addresses in the log (same as for F-Ticks) - Log certificate subject if rejected - Log own responses (RADSECPROXY-61) - Allow f-ticks prefix to be configured - radsecproxy-hash: allow MAC addresses to be passed on command line Misc: - libnettle is now an unconditional dependency. - FTicks support is now on by default and not optional. - Experimental code for dynamic discovery has been removed. - Replace several server status bits with a single state enum. (RADSECPROXY-71) - Use poll instead of select to allow > 1000 concurrent connections. - Implement locking for all SSL objects (openssl states it is not thread-safe) - Rework DTLS code. Bug fixes: - Detect the presence of docbook2x-man correctly. - Make clang less unhappy. - Don't use a smaller pthread stack size than what's allowed. - Avoid a deadlock situation with dynamic servers (RADSECPROXY-73). - Don't forget about good dynamically discovered (TLS) connections (RADSECPROXY-69). - Fix refcounting in error cases when loading configuration (RADSECPROXY-42) - Fix potential crash when rewriting malformed vendor attributes. - Properly cleanup expired requests from server output-queue. - Fix crash when dynamic discovered server doesn't resolve.
net/radsecproxy/Makefile
net/radsecproxy/PLIST
net/radsecproxy/distinfo
--- a/net/radsecproxy/Makefile	Wed Sep 11 11:41:53 2019 +0000
+++ b/net/radsecproxy/Makefile	Wed Sep 11 11:51:22 2019 +0000
@@ -1,14 +1,17 @@
-# $NetBSD: Makefile,v 1.5 2017/08/03 11:30:45 he Exp $
+# $NetBSD: Makefile,v 1.6 2019/09/11 11:51:22 he Exp $
 
-DISTNAME=	radsecproxy-1.6.9
+VERSION=	1.8.0
+DISTNAME=	radsecproxy-${VERSION}
 CATEGORIES=	net
-MASTER_SITES=	https://software.nordu.net/radsecproxy/
+MASTER_SITES=	${MASTER_SITE_GITHUB:=radsecproxy/}
 
-MAINTAINER=	he@NetBSD.org
+MAINTAINER=	pkgsrc-users@NetBSD.org
 COMMENT=	Secure radius proxy
-HOMEPAGE=	https://software.nordu.net/radsecproxy/download/
-EXTRACT_SUFX=	.tar.xz
-LICENSE=	gnu-gpl-v2 OR modified-bsd
+HOMEPAGE=	https://radsecproxy.github.io/
+GITHUB_RELEASE=	${VERSION}
+LICENSE=	modified-bsd
+
+USE_TOOLS+=	gmake
 
 GNU_CONFIGURE=	YES
 CONFIGURE_ARGS+=	--sysconfdir=${PKG_SYSCONFBASEDIR:Q}
@@ -25,4 +28,5 @@
 		${DESTDIR}${EGDIR}/${CONF}
 
 .include "../../security/openssl/buildlink3.mk"
+.include "../../security/nettle/buildlink3.mk"
 .include "../../mk/bsd.pkg.mk"
--- a/net/radsecproxy/PLIST	Wed Sep 11 11:41:53 2019 +0000
+++ b/net/radsecproxy/PLIST	Wed Sep 11 11:51:22 2019 +0000
@@ -1,5 +1,6 @@
-@comment $NetBSD: PLIST,v 1.1 2015/01/20 08:17:09 he Exp $
+@comment $NetBSD: PLIST,v 1.2 2019/09/11 11:51:22 he Exp $
 bin/radsecproxy-conf
+bin/radsecproxy-hash
 man/man1/radsecproxy-hash.1
 man/man1/radsecproxy.1
 man/man5/radsecproxy.conf.5
--- a/net/radsecproxy/distinfo	Wed Sep 11 11:41:53 2019 +0000
+++ b/net/radsecproxy/distinfo	Wed Sep 11 11:51:22 2019 +0000
@@ -1,6 +1,6 @@
-$NetBSD: distinfo,v 1.3 2017/08/03 11:30:45 he Exp $
+$NetBSD: distinfo,v 1.4 2019/09/11 11:51:22 he Exp $
 
-SHA1 (radsecproxy-1.6.9.tar.xz) = 4b61c446a3dfc7220ad379cd1919dddb33a61a2a
-RMD160 (radsecproxy-1.6.9.tar.xz) = 4a855970bbeb9262175c9d7a09be00b8da403761
-SHA512 (radsecproxy-1.6.9.tar.xz) = 89bb8d4903aa6525bc7e652809f9022643a58f9ca40277982c3cb2a08051f0ba9290432ca1e1fa4550b859913347ba6c45a256620cdce9869faa3cf5bd175951
-Size (radsecproxy-1.6.9.tar.xz) = 160336 bytes
+SHA1 (radsecproxy-1.8.0.tar.gz) = c460e4f59d78264a364ca3810df0c0441f319de2
+RMD160 (radsecproxy-1.8.0.tar.gz) = 2cdfcf06a28362155c6ac4562f7bc004fbba907e
+SHA512 (radsecproxy-1.8.0.tar.gz) = 91a3bb60cb3d03fac4a789eca9d4e87512ae36f44c7eeee35a3766b60d57b0425ecabade56db52696727d864986f88a9d8fa26ca0ea2ac699abecda53a1e6a1a
+Size (radsecproxy-1.8.0.tar.gz) = 326176 bytes