- Update to freeradius 1.0.4
- The security issues mentioned in this update were previously incorporated as patch-ak, and a security advisory was already issued regarding them. > FreeRADIUS 1.0.4 ; Date: 2005/06/11 22:46:52, urgency=medium > > * Fix installation problem. > * Increase a buffer size, so radrelay doesn't truncate values. > * Updates in the documentation. Patches from Thor Spruyt. > > FreeRADIUS 1.0.3 ; Date: 2005/06/03 17:15:11, urgency=high > Security Fixes > * Always escape the strings in the SQL module. > * Check buffer bound when input character needs escaping in > the SQL module. Bug found by Primoz Bratanic. > > Bug fixes > * Return EAP-Fail in Access-Reject, rather than an empty Access-Reject > * Don't send Proxy-State from home server in TTLS. > * Fixes for forking external programs, so the server doesn't > suddenly stop processing requests, or stop forking programs. > * radzap now works, but it's command-line options have changed > completely, and it's a shell script. > * radwho has updated command-line options, and no longer reads > Unix "utmp" files. > * Fix bug in calling checkrad script with NAS port > 9999999 > * Fix long-standing bug when both crypt and pthreads are in use > * Don't SEGV when rlm_sql gets 'NULL' value from request. > * Re-arrange code in radrelay to not duplicate accounting packets. > * In rlm_attr_rewrite, change the value when the attribute type > is different from string.
This commit is contained in:
parent
8ed0922204
commit
491f4fd604
4 changed files with 8 additions and 100 deletions
|
@ -1,7 +1,6 @@
|
|||
# $NetBSD: Makefile,v 1.29 2005/05/22 20:08:23 jlam Exp $
|
||||
# $NetBSD: Makefile,v 1.30 2005/07/09 17:25:00 adrianp Exp $
|
||||
|
||||
DISTNAME= freeradius-1.0.2
|
||||
PKGREVISION= 2
|
||||
DISTNAME= freeradius-1.0.4
|
||||
CATEGORIES= net
|
||||
MASTER_SITES= ftp://ftp.freeradius.org/pub/radius/ \
|
||||
ftp://ftp.Awfulhak.org/pub/radius/
|
||||
|
@ -122,7 +121,6 @@ post-install:
|
|||
. for f in ${EGFILES}
|
||||
${INSTALL_DATA} ${WRKSRC}/raddb/${f} ${EGDIR}/${f}
|
||||
. endfor
|
||||
. undef f
|
||||
|
||||
@${MKDIR} ${PKG_SYSCONFDIR}/certs
|
||||
@${MKDIR} ${PKG_SYSCONFDIR}/certs/demoCA
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
@comment $NetBSD: PLIST,v 1.8 2005/05/02 20:34:02 reed Exp $
|
||||
@comment $NetBSD: PLIST,v 1.9 2005/07/09 17:25:00 adrianp Exp $
|
||||
bin/radclient
|
||||
bin/radeapclient
|
||||
bin/radlast
|
||||
|
@ -369,6 +369,7 @@ share/freeradius/dictionary.foundry
|
|||
share/freeradius/dictionary.freeradius
|
||||
share/freeradius/dictionary.gandalf
|
||||
share/freeradius/dictionary.garderos
|
||||
share/freeradius/dictionary.gemtek
|
||||
share/freeradius/dictionary.itk
|
||||
share/freeradius/dictionary.juniper
|
||||
share/freeradius/dictionary.karlnet
|
||||
|
|
|
@ -1,9 +1,8 @@
|
|||
$NetBSD: distinfo,v 1.14 2005/05/18 21:58:45 adrianp Exp $
|
||||
$NetBSD: distinfo,v 1.15 2005/07/09 17:25:00 adrianp Exp $
|
||||
|
||||
SHA1 (freeradius-1.0.2.tar.gz) = 5703fd8abb4f28c15d716bd1ec1e9cfe2e1e6c90
|
||||
RMD160 (freeradius-1.0.2.tar.gz) = 796da74e64da189d7d7520201c7c4139f9f478c4
|
||||
Size (freeradius-1.0.2.tar.gz) = 2208884 bytes
|
||||
SHA1 (freeradius-1.0.4.tar.gz) = f0c877ae80592609ada4875cf1b472c7742720fb
|
||||
RMD160 (freeradius-1.0.4.tar.gz) = b75a872ced9a461f3063f19d49546fc9ef86a225
|
||||
Size (freeradius-1.0.4.tar.gz) = 2209057 bytes
|
||||
SHA1 (patch-ae) = 0c1b6c79329f41c35e3a783e61cc205cb78a4773
|
||||
SHA1 (patch-ai) = bb4dafd3f6b961403caa955c9a09c271468ada36
|
||||
SHA1 (patch-aj) = 422c9dfbde08c26acf41a040c57508ab9725004e
|
||||
SHA1 (patch-ak) = ad272be635d6b27e5b986c3e9a06ef85484c1230
|
||||
|
|
|
@ -1,90 +0,0 @@
|
|||
$NetBSD: patch-ak,v 1.3 2005/05/18 21:58:45 adrianp Exp $
|
||||
|
||||
--- src/modules/rlm_sql/rlm_sql.c.orig 2004-09-30 15:54:22.000000000 +0100
|
||||
+++ src/modules/rlm_sql/rlm_sql.c
|
||||
@@ -158,6 +158,7 @@ static int rlm_sql_init(void) {
|
||||
*/
|
||||
static int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username);
|
||||
static int generate_sql_clients(SQL_INST *inst);
|
||||
+static int sql_escape_func(char *out, int outlen, const char *in);
|
||||
|
||||
/*
|
||||
* sql xlat function. Right now only SELECTs are supported. Only
|
||||
@@ -184,7 +185,7 @@ static int sql_xlat(void *instance, REQU
|
||||
/*
|
||||
* Do an xlat on the provided string (nice recursive operation).
|
||||
*/
|
||||
- if (!radius_xlat(querystr, sizeof(querystr), fmt, request, func)) {
|
||||
+ if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func)) {
|
||||
radlog(L_ERR, "rlm_sql (%s): xlat failed.",
|
||||
inst->config->xlat_name);
|
||||
return 0;
|
||||
@@ -409,18 +410,18 @@ static int sql_escape_func(char *out, in
|
||||
|
||||
while (in[0]) {
|
||||
/*
|
||||
- * Only one byte left.
|
||||
- */
|
||||
- if (outlen <= 1) {
|
||||
- break;
|
||||
- }
|
||||
-
|
||||
- /*
|
||||
* Non-printable characters get replaced with their
|
||||
* mime-encoded equivalents.
|
||||
*/
|
||||
if ((in[0] < 32) ||
|
||||
strchr(allowed_chars, *in) == NULL) {
|
||||
+ /*
|
||||
+ * Only 3 or less bytes available.
|
||||
+ */
|
||||
+ if (outlen <= 3) {
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
snprintf(out, outlen, "=%02X", (unsigned char) in[0]);
|
||||
in++;
|
||||
out += 3;
|
||||
@@ -430,7 +431,14 @@ static int sql_escape_func(char *out, in
|
||||
}
|
||||
|
||||
/*
|
||||
- * Else it's a nice character.
|
||||
+ * Only one byte left.
|
||||
+ */
|
||||
+ if (outlen <= 1) {
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ /*
|
||||
+ * Allowed character.
|
||||
*/
|
||||
*out = *in;
|
||||
out++;
|
||||
@@ -517,7 +525,7 @@ static int sql_groupcmp(void *instance,
|
||||
*/
|
||||
if (sql_set_user(inst, req, sqlusername, 0) < 0)
|
||||
return 1;
|
||||
- if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, NULL)){
|
||||
+ if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, sql_escape_func)){
|
||||
radlog(L_ERR, "rlm_sql (%s): xlat failed.",
|
||||
inst->config->xlat_name);
|
||||
/* Remove the username we (maybe) added above */
|
||||
@@ -1149,7 +1157,7 @@ static int rlm_sql_checksimul(void *inst
|
||||
if(sql_set_user(inst, request, sqlusername, 0) <0)
|
||||
return RLM_MODULE_FAIL;
|
||||
|
||||
- radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, NULL);
|
||||
+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func);
|
||||
|
||||
/* initialize the sql socket */
|
||||
sqlsocket = sql_get_socket(inst);
|
||||
@@ -1193,7 +1201,7 @@ static int rlm_sql_checksimul(void *inst
|
||||
return RLM_MODULE_OK;
|
||||
}
|
||||
|
||||
- radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, NULL);
|
||||
+ radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func);
|
||||
if(rlm_sql_select_query(sqlsocket, inst, querystr)) {
|
||||
radlog(L_ERR, "rlm_sql (%s): sql_checksimul: Database query error", inst->config->xlat_name);
|
||||
sql_release_socket(inst, sqlsocket);
|