pkgsrc/net/radiusd-cistron/Makefile

# $NetBSD: Makefile,v 1.32 2016/07/09 06:38:45 wiz Exp $

DISTNAME=	radiusd-cistron-1.6.8
PKGREVISION=	5
CATEGORIES=	net
MASTER_SITES=	ftp://ftp.cistron.nl/pub/people/miquels/radius/

MAINTAINER=	pkgsrc-users@NetBSD.org
HOMEPAGE=	http://www.radius.cistron.nl/
COMMENT=	RADIUS-compliant remote authentication and accounting server

CONFLICTS+=	freeradius-[0-9]*

USE_TOOLS+=	perl:run

REPLACE_PERL=	src/checkrad.pl

MAKE_FILE=	Makefile.BSD
BUILD_DIRS=	src
INSTALL_DIRS=	src
INSTALLATION_DIRS=	bin ${PKGMANDIR}/man1 ${PKGMANDIR}/man5 \
			${PKGMANDIR}/man8 sbin share/examples/raddb \
			share/doc/radiusd-cistron

RCD_SCRIPTS=	radiusd

OWN_DIRS_PERMS=	/var/log/radacct ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 700

PKG_SYSCONFSUBDIR=	raddb
EGDIR=		${PREFIX}/share/examples/raddb
CONF_FILES=
.for cfile in	clients.sample dictionary dictionary.ascend dictionary.bay \
		dictionary.cisco dictionary.cistron dictionary.compat \
		dictionary.erx dictionary.livingston dictionary.redback \
		dictionary.shiva dictionary.tunnel dictionary.usr \
		dictionary.versanet hints.sample huntgroups.sample \
		naslist.sample naspasswd.sample realms.sample users.sample
CONF_FILES+=	${EGDIR}/${cfile} ${PKG_SYSCONFDIR}/${cfile:S/.sample//}
.endfor

post-install:
	${INSTALL_DATA} ${WRKSRC}/COPYRIGHT ${DESTDIR}${PREFIX}/share/doc/radiusd-cistron/
.for i in	ChangeLog README README.CVX README.Y2K README.cisco	\
		README.pam README.proxy README.radrelay README.simul	\
		README.tunnel README.usersfile
	${INSTALL_DATA} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/share/doc/radiusd-cistron/
.endfor
.for i in	radclient.1 radlast.1 radtest.1 radwho.1 radzap.1
	${INSTALL_MAN} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/
.endfor
.for i in	clients.5rad naslist.5rad
	${INSTALL_MAN} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5/
.endfor
.for i in	radiusd.8 radrelay.8 radwatch.8
	${INSTALL_MAN} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8/
.endfor

.include "../../mk/bsd.pkg.mk"
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl. 2016-07-09 08:38:30 +02:00			`# $NetBSD: Makefile,v 1.32 2016/07/09 06:38:45 wiz Exp $`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00
Update radiusd-cistron to 1.6.8. pkgsrc changes: * add a patch to fix build problem with gcc4. Changes: radiusd-cistron (1.6.8) cistron; urgency=low * Allow Tunnel attributes to be proxied. * Change log() -> log_msg() everywhere to shut up GCC 3.x * free() authreq after receiving packet from unknow client * Add wildcard flag to realms file * Use wildmat for Realm = compares in users file * Fix an endianness bug in rad_check_multi (Simon Byrnand <simon@igrin.co.nz>) 2007-12-22 13:39:57 +01:00			`DISTNAME= radiusd-cistron-1.6.8`
Bump PKGREVISION for perl-5.24.0 for everything mentioning perl. 2016-07-09 08:38:30 +02:00			`PKGREVISION= 5`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00			`CATEGORIES= net`
Remove Ex-MASTER_SITE. From Zafer Aydogan. 2007-12-02 12:30:04 +01:00			`MASTER_SITES= ftp://ftp.cistron.nl/pub/people/miquels/radius/`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00
Point MAINTAINER to pkgsrc-users@NetBSD.org in the case where no developer is officially maintaining the package. The rationale for changing this from "tech-pkg" to "pkgsrc-users" is that it implies that any user can try to maintain the package (by submitting patches to the mailing list). Since the folks most likely to care about the package are the folks that want to use it or are already using it, this would leverage the energy of users who aren't developers. 2006-03-04 22:28:51 +01:00			`MAINTAINER= pkgsrc-users@NetBSD.org`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00			`HOMEPAGE= http://www.radius.cistron.nl/`
s/accouting/accounting/ 2004-02-21 08:31:05 +01:00			`COMMENT= RADIUS-compliant remote authentication and accounting server`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00
radiusd-cistron (1.6.7) cistron; urgency=medium * Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities other than "public" can be used too. * Error out on superflous command line args (optind >= argc) * Encrypt CHAP-Password in radclient so that CHAP can be tested too * Add "wildcard" option to realms - if you set this option, you can match on the entire username using shell wildcards in the realms file. * If the nastype in /etc/raddb/naslist is set to 'none' for a nas, logins on that nas will have no simultaneous use restrictions imposed and those logins will not count towards the total amount of logins. * Removed 'raduse' and manpage. * Can disable radutmp with "-u none" (likewise radwtmp with "-W none", though we already had "-w" for that). * Call checkrad with an extra argument, the framed IP address. * Fix bug where $INCLUDEing a file without any records would cause the rest of the original file to be ignored * Support for 64-bit wide integers (integer8 type). If compiled with gcc, users file can contain both hex and decimal 64-bit values, and 64-bit values are printed in decimal. With other compilers (no "long long" support) only hex 64-bit values are supported. * Change "_" to "-" in dictionary.redback and change the 64 bits values to integer8. * Moved the dictionary files to /usr/local/share/radius. Now only /etc/raddb/dictionary remains that $INCLUDES all the others. For new installs only; existing installations won't be changed * Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in make_wtmp() unsigned (%u), otherwise the sprintf could in some cases (negative NAS-Port, very long NAS-name) overrun the buffer by one byte, overwriting the least significant byte of the return address on the stack with a \0. Not sure if this is exploitable or not, but it could be a security problem. * Make sure ut.login (struct radutmp member) is treated everywhere as a NON-zero terminated string. * Make sure unsigned integers are used in all places using lvalues (32 bits radius values), especially nas_port. * radrelay: update id of packet when retransmitting. * Print an error and free the request struct if we receive an unknown packet type. * rad_check_multi: if username/NAS/port match, don't count as dup. 2003-12-16 20:19:41 +01:00			`CONFLICTS+= freeradius-[0-9]*`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00
Remove malloc.h hack, which was replaced by a single patch. Depend on and fix path to Perl in installed script. Bump revision. 2007-08-11 18:51:27 +02:00			`USE_TOOLS+= perl:run`

			`REPLACE_PERL= src/checkrad.pl`
Now that Freeradius is in the tree this one has a conflict. 2003-02-27 21:36:28 +01:00
Rename variable MAKEFILE to MAKE_FILE. 2006-09-09 04:41:53 +02:00			`MAKE_FILE= Makefile.BSD`
Update radiusd-cistron to 1.6.8. pkgsrc changes: * add a patch to fix build problem with gcc4. Changes: radiusd-cistron (1.6.8) cistron; urgency=low * Allow Tunnel attributes to be proxied. * Change log() -> log_msg() everywhere to shut up GCC 3.x * free() authreq after receiving packet from unknow client * Add wildcard flag to realms file * Use wildmat for Realm = compares in users file * Fix an endianness bug in rad_check_multi (Simon Byrnand <simon@igrin.co.nz>) 2007-12-22 13:39:57 +01:00			`BUILD_DIRS= src`
			`INSTALL_DIRS= src`
Prepare for switching to NO_MTREE=yes. 2007-03-24 20:21:18 +01:00			`INSTALLATION_DIRS= bin ${PKGMANDIR}/man1 ${PKGMANDIR}/man5 \`
			`${PKGMANDIR}/man8 sbin share/examples/raddb \`
			`share/doc/radiusd-cistron`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00
Convert to use bsd.pkg.install.mk: - Honour PKG_SYSCONFDIR. - Use OWN_DIRS_PERMS to handle the /var/log/radacct directory. - Use RCD_SCRIPTS to install a NetBSD rc.d compatible script. Bump PKGREVISION to 1. 2003-05-01 20:35:46 +02:00			`RCD_SCRIPTS= radiusd`

DESTDIR support 2010-02-11 23:35:09 +01:00			`OWN_DIRS_PERMS= /var/log/radacct ${REAL_ROOT_USER} ${REAL_ROOT_GROUP} 700`
Convert to use bsd.pkg.install.mk: - Honour PKG_SYSCONFDIR. - Use OWN_DIRS_PERMS to handle the /var/log/radacct directory. - Use RCD_SCRIPTS to install a NetBSD rc.d compatible script. Bump PKGREVISION to 1. 2003-05-01 20:35:46 +02:00
			`PKG_SYSCONFSUBDIR= raddb`
			`EGDIR= ${PREFIX}/share/examples/raddb`
			`CONF_FILES=`
			`.for cfile in clients.sample dictionary dictionary.ascend dictionary.bay \`
			`dictionary.cisco dictionary.cistron dictionary.compat \`
			`dictionary.erx dictionary.livingston dictionary.redback \`
			`dictionary.shiva dictionary.tunnel dictionary.usr \`
			`dictionary.versanet hints.sample huntgroups.sample \`
			`naslist.sample naspasswd.sample realms.sample users.sample`
			`CONF_FILES+= ${EGDIR}/${cfile} ${PKG_SYSCONFDIR}/${cfile:S/.sample//}`
			`.endfor`

Avoid defining specific do-build and do-install targets. Use buildlink2. 2003-05-01 20:05:26 +02:00			`post-install:`
DESTDIR support 2010-02-11 23:35:09 +01:00			`${INSTALL_DATA} ${WRKSRC}/COPYRIGHT ${DESTDIR}${PREFIX}/share/doc/radiusd-cistron/`
radiusd-cistron (1.6.7) cistron; urgency=medium * Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities other than "public" can be used too. * Error out on superflous command line args (optind >= argc) * Encrypt CHAP-Password in radclient so that CHAP can be tested too * Add "wildcard" option to realms - if you set this option, you can match on the entire username using shell wildcards in the realms file. * If the nastype in /etc/raddb/naslist is set to 'none' for a nas, logins on that nas will have no simultaneous use restrictions imposed and those logins will not count towards the total amount of logins. * Removed 'raduse' and manpage. * Can disable radutmp with "-u none" (likewise radwtmp with "-W none", though we already had "-w" for that). * Call checkrad with an extra argument, the framed IP address. * Fix bug where $INCLUDEing a file without any records would cause the rest of the original file to be ignored * Support for 64-bit wide integers (integer8 type). If compiled with gcc, users file can contain both hex and decimal 64-bit values, and 64-bit values are printed in decimal. With other compilers (no "long long" support) only hex 64-bit values are supported. * Change "_" to "-" in dictionary.redback and change the 64 bits values to integer8. * Moved the dictionary files to /usr/local/share/radius. Now only /etc/raddb/dictionary remains that $INCLUDES all the others. For new installs only; existing installations won't be changed * Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in make_wtmp() unsigned (%u), otherwise the sprintf could in some cases (negative NAS-Port, very long NAS-name) overrun the buffer by one byte, overwriting the least significant byte of the return address on the stack with a \0. Not sure if this is exploitable or not, but it could be a security problem. * Make sure ut.login (struct radutmp member) is treated everywhere as a NON-zero terminated string. * Make sure unsigned integers are used in all places using lvalues (32 bits radius values), especially nas_port. * radrelay: update id of packet when retransmitting. * Print an error and free the request struct if we receive an unknown packet type. * rad_check_multi: if username/NAS/port match, don't count as dup. 2003-12-16 20:19:41 +01:00			`.for i in ChangeLog README README.CVX README.Y2K README.cisco \`
			`README.pam README.proxy README.radrelay README.simul \`
			`README.tunnel README.usersfile`
DESTDIR support 2010-02-11 23:35:09 +01:00			`${INSTALL_DATA} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/share/doc/radiusd-cistron/`
radiusd-cistron (1.6.7) cistron; urgency=medium * Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities other than "public" can be used too. * Error out on superflous command line args (optind >= argc) * Encrypt CHAP-Password in radclient so that CHAP can be tested too * Add "wildcard" option to realms - if you set this option, you can match on the entire username using shell wildcards in the realms file. * If the nastype in /etc/raddb/naslist is set to 'none' for a nas, logins on that nas will have no simultaneous use restrictions imposed and those logins will not count towards the total amount of logins. * Removed 'raduse' and manpage. * Can disable radutmp with "-u none" (likewise radwtmp with "-W none", though we already had "-w" for that). * Call checkrad with an extra argument, the framed IP address. * Fix bug where $INCLUDEing a file without any records would cause the rest of the original file to be ignored * Support for 64-bit wide integers (integer8 type). If compiled with gcc, users file can contain both hex and decimal 64-bit values, and 64-bit values are printed in decimal. With other compilers (no "long long" support) only hex 64-bit values are supported. * Change "_" to "-" in dictionary.redback and change the 64 bits values to integer8. * Moved the dictionary files to /usr/local/share/radius. Now only /etc/raddb/dictionary remains that $INCLUDES all the others. For new installs only; existing installations won't be changed * Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in make_wtmp() unsigned (%u), otherwise the sprintf could in some cases (negative NAS-Port, very long NAS-name) overrun the buffer by one byte, overwriting the least significant byte of the return address on the stack with a \0. Not sure if this is exploitable or not, but it could be a security problem. * Make sure ut.login (struct radutmp member) is treated everywhere as a NON-zero terminated string. * Make sure unsigned integers are used in all places using lvalues (32 bits radius values), especially nas_port. * radrelay: update id of packet when retransmitting. * Print an error and free the request struct if we receive an unknown packet type. * rad_check_multi: if username/NAS/port match, don't count as dup. 2003-12-16 20:19:41 +01:00			`.endfor`
			`.for i in radclient.1 radlast.1 radtest.1 radwho.1 radzap.1`
DESTDIR support 2010-02-11 23:35:09 +01:00			`${INSTALL_MAN} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man1/`
radiusd-cistron (1.6.7) cistron; urgency=medium * Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities other than "public" can be used too. * Error out on superflous command line args (optind >= argc) * Encrypt CHAP-Password in radclient so that CHAP can be tested too * Add "wildcard" option to realms - if you set this option, you can match on the entire username using shell wildcards in the realms file. * If the nastype in /etc/raddb/naslist is set to 'none' for a nas, logins on that nas will have no simultaneous use restrictions imposed and those logins will not count towards the total amount of logins. * Removed 'raduse' and manpage. * Can disable radutmp with "-u none" (likewise radwtmp with "-W none", though we already had "-w" for that). * Call checkrad with an extra argument, the framed IP address. * Fix bug where $INCLUDEing a file without any records would cause the rest of the original file to be ignored * Support for 64-bit wide integers (integer8 type). If compiled with gcc, users file can contain both hex and decimal 64-bit values, and 64-bit values are printed in decimal. With other compilers (no "long long" support) only hex 64-bit values are supported. * Change "_" to "-" in dictionary.redback and change the 64 bits values to integer8. * Moved the dictionary files to /usr/local/share/radius. Now only /etc/raddb/dictionary remains that $INCLUDES all the others. For new installs only; existing installations won't be changed * Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in make_wtmp() unsigned (%u), otherwise the sprintf could in some cases (negative NAS-Port, very long NAS-name) overrun the buffer by one byte, overwriting the least significant byte of the return address on the stack with a \0. Not sure if this is exploitable or not, but it could be a security problem. * Make sure ut.login (struct radutmp member) is treated everywhere as a NON-zero terminated string. * Make sure unsigned integers are used in all places using lvalues (32 bits radius values), especially nas_port. * radrelay: update id of packet when retransmitting. * Print an error and free the request struct if we receive an unknown packet type. * rad_check_multi: if username/NAS/port match, don't count as dup. 2003-12-16 20:19:41 +01:00			`.endfor`
			`.for i in clients.5rad naslist.5rad`
DESTDIR support 2010-02-11 23:35:09 +01:00			`${INSTALL_MAN} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man5/`
radiusd-cistron (1.6.7) cistron; urgency=medium * Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities other than "public" can be used too. * Error out on superflous command line args (optind >= argc) * Encrypt CHAP-Password in radclient so that CHAP can be tested too * Add "wildcard" option to realms - if you set this option, you can match on the entire username using shell wildcards in the realms file. * If the nastype in /etc/raddb/naslist is set to 'none' for a nas, logins on that nas will have no simultaneous use restrictions imposed and those logins will not count towards the total amount of logins. * Removed 'raduse' and manpage. * Can disable radutmp with "-u none" (likewise radwtmp with "-W none", though we already had "-w" for that). * Call checkrad with an extra argument, the framed IP address. * Fix bug where $INCLUDEing a file without any records would cause the rest of the original file to be ignored * Support for 64-bit wide integers (integer8 type). If compiled with gcc, users file can contain both hex and decimal 64-bit values, and 64-bit values are printed in decimal. With other compilers (no "long long" support) only hex 64-bit values are supported. * Change "_" to "-" in dictionary.redback and change the 64 bits values to integer8. * Moved the dictionary files to /usr/local/share/radius. Now only /etc/raddb/dictionary remains that $INCLUDES all the others. For new installs only; existing installations won't be changed * Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in make_wtmp() unsigned (%u), otherwise the sprintf could in some cases (negative NAS-Port, very long NAS-name) overrun the buffer by one byte, overwriting the least significant byte of the return address on the stack with a \0. Not sure if this is exploitable or not, but it could be a security problem. * Make sure ut.login (struct radutmp member) is treated everywhere as a NON-zero terminated string. * Make sure unsigned integers are used in all places using lvalues (32 bits radius values), especially nas_port. * radrelay: update id of packet when retransmitting. * Print an error and free the request struct if we receive an unknown packet type. * rad_check_multi: if username/NAS/port match, don't count as dup. 2003-12-16 20:19:41 +01:00			`.endfor`
			`.for i in radiusd.8 radrelay.8 radwatch.8`
DESTDIR support 2010-02-11 23:35:09 +01:00			`${INSTALL_MAN} ${WRKSRC}/doc/${i} ${DESTDIR}${PREFIX}/${PKGMANDIR}/man8/`
radiusd-cistron (1.6.7) cistron; urgency=medium * Fix checkrad.pl::cisco_snmp and usrhiper_snmp so that communities other than "public" can be used too. * Error out on superflous command line args (optind >= argc) * Encrypt CHAP-Password in radclient so that CHAP can be tested too * Add "wildcard" option to realms - if you set this option, you can match on the entire username using shell wildcards in the realms file. * If the nastype in /etc/raddb/naslist is set to 'none' for a nas, logins on that nas will have no simultaneous use restrictions imposed and those logins will not count towards the total amount of logins. * Removed 'raduse' and manpage. * Can disable radutmp with "-u none" (likewise radwtmp with "-W none", though we already had "-w" for that). * Call checkrad with an extra argument, the framed IP address. * Fix bug where $INCLUDEing a file without any records would cause the rest of the original file to be ignored * Support for 64-bit wide integers (integer8 type). If compiled with gcc, users file can contain both hex and decimal 64-bit values, and 64-bit values are printed in decimal. With other compilers (no "long long" support) only hex 64-bit values are supported. * Change "_" to "-" in dictionary.redback and change the 64 bits values to integer8. * Moved the dictionary files to /usr/local/share/radius. Now only /etc/raddb/dictionary remains that $INCLUDES all the others. For new installs only; existing installations won't be changed * Make integer in the format string of sprintf(buf, "%03d:%.20s", ..) in make_wtmp() unsigned (%u), otherwise the sprintf could in some cases (negative NAS-Port, very long NAS-name) overrun the buffer by one byte, overwriting the least significant byte of the return address on the stack with a \0. Not sure if this is exploitable or not, but it could be a security problem. * Make sure ut.login (struct radutmp member) is treated everywhere as a NON-zero terminated string. * Make sure unsigned integers are used in all places using lvalues (32 bits radius values), especially nas_port. * radrelay: update id of packet when retransmitting. * Print an error and free the request struct if we receive an unknown packet type. * rad_check_multi: if username/NAS/port match, don't count as dup. 2003-12-16 20:19:41 +01:00			`.endfor`
Added radiusd-cistron which was submitted in pkg/13274. 2001-10-11 11:57:20 +02:00
			`.include "../../mk/bsd.pkg.mk"`