authorAlin Năstac <mrness@gentoo.org>2005-05-07 16:59:46 +0000
committerAlin Năstac <mrness@gentoo.org>2005-05-07 16:59:46 +0000
commit6514d2aeeada3451f9ce086403c87a7a8fb3fb81 (patch)
tree5b184070331c182c599fabfad3b21a8488774ea5 /net-dialup/freeradius
parentAdded to ~ppc (diff)
security bug #91736; edirectory support (#90171); udpfromto support
(Portage version: 2.0.51.19)
Diffstat (limited to 'net-dialup/freeradius')
-rw-r--r--net-dialup/freeradius/ChangeLog9
-rw-r--r--net-dialup/freeradius/Manifest15
-rw-r--r--net-dialup/freeradius/files/digest-freeradius-1.0.2-r31
-rw-r--r--net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch96
-rw-r--r--net-dialup/freeradius/freeradius-1.0.2-r3.ebuild129
5 files changed, 238 insertions, 12 deletions
diff --git a/net-dialup/freeradius/ChangeLog b/net-dialup/freeradius/ChangeLog
index 4277e2ebe565..293e5f29b458 100644
--- a/net-dialup/freeradius/ChangeLog
+++ b/net-dialup/freeradius/ChangeLog
@@ -1,6 +1,13 @@
# ChangeLog for net-dialup/freeradius
# Copyright 2002-2005 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/ChangeLog,v 1.30 2005/04/14 20:48:21 mrness Exp $
+# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/ChangeLog,v 1.31 2005/05/07 16:59:46 mrness Exp $
+
+*freeradius-1.0.2-r3 (07 May 2005)
+
+ 07 May 2005; Alin Nastac <mrness@gentoo.org>
+ +files/freeradius-1.0.2-sql-escape.patch, +freeradius-1.0.2-r3.ebuild:
+ Fixed SQL injection & buffer overflow vulnerabilities(#91736). Add support
+ for Novell eDirectory through edirectory USE flag (#90171). Add udpfromto USE flag.
14 Apr 2005; Alin Nastac <mrness@gentoo.org> freeradius-1.0.1.ebuild,
-freeradius-1.0.2-r1.ebuild, freeradius-1.0.2-r2.ebuild:
diff --git a/net-dialup/freeradius/Manifest b/net-dialup/freeradius/Manifest
index 15ff0dcece73..693a38fa70c6 100644
--- a/net-dialup/freeradius/Manifest
+++ b/net-dialup/freeradius/Manifest
@@ -1,20 +1,13 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA1
-
+MD5 e084ded1410673ed1b18f7f3611b8c96 freeradius-1.0.2-r3.ebuild 3254
MD5 6b9232a327e596bba17869f2557b5c36 freeradius-1.0.1.ebuild 2799
MD5 95a47b2087d7293bb941d6e886446a13 freeradius-1.0.2-r2.ebuild 3015
-MD5 d3e5fea484ce19a67182201e22901f85 ChangeLog 4293
+MD5 faed253a17551c949e42ae7b0fdec6b1 ChangeLog 4613
MD5 1542bf76e28581e9d6bcfdc75e46f33d metadata.xml 252
MD5 fc6693f3df5a0694610110287a28568a files/radius.conf 129
MD5 50b0d44ee0e5313901606e2749dfdd34 files/radius.init 1006
MD5 5a26f9881af51aed070957e5fc4ed808 files/digest-freeradius-1.0.2-r2 69
+MD5 5a26f9881af51aed070957e5fc4ed808 files/digest-freeradius-1.0.2-r3 69
MD5 9f0188ba482e825cf2a89584f8caa813 files/digest-freeradius-1.0.1 69
MD5 3c2119ec1d8d807fe5ed14944747f0f8 files/freeradius-1.0.1-gcc34.patch 715
MD5 6b0efd384f551fab6b82794e91dbb4d5 files/freeradius-1.0.2-whole-archive-gentoo.patch 1728
------BEGIN PGP SIGNATURE-----
-Version: GnuPG v1.4.1 (GNU/Linux)
-
-iD8DBQFCXtcxjiC39V7gKu0RAl7cAKCFkDwrvxP3iptVyufdho4KLWNjwwCfRmZw
-YXCGOuhy8Ssr/bCCKVavdPg=
-=JM1p
------END PGP SIGNATURE-----
+MD5 503ac5a922de5a21fde5487e339220f7 files/freeradius-1.0.2-sql-escape.patch 3157
diff --git a/net-dialup/freeradius/files/digest-freeradius-1.0.2-r3 b/net-dialup/freeradius/files/digest-freeradius-1.0.2-r3
new file mode 100644
index 000000000000..54745a2d6470
--- /dev/null
+++ b/net-dialup/freeradius/files/digest-freeradius-1.0.2-r3
@@ -0,0 +1 @@
+MD5 f5dfce4efbb03bbc47ceae08270a875e freeradius-1.0.2.tar.gz 2208884
diff --git a/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch b/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch
new file mode 100644
index 000000000000..ae2b0211cf56
--- /dev/null
+++ b/net-dialup/freeradius/files/freeradius-1.0.2-sql-escape.patch
@@ -0,0 +1,96 @@
+diff -Nru freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c freeradius-1.0.2/src/modules/rlm_sql/rlm_sql.c
+--- freeradius-1.0.2.orig/src/modules/rlm_sql/rlm_sql.c 2004-09-30 17:54:22.000000000 +0300
++++ freeradius-1.0.2/src/modules/rlm_sql/rlm_sql.c 2005-05-07 18:54:43.314085504 +0300
+@@ -158,6 +158,7 @@
+ */
+ static int sql_set_user(SQL_INST *inst, REQUEST *request, char *sqlusername, const char *username);
+ static int generate_sql_clients(SQL_INST *inst);
++static int sql_escape_func(char *out, int outlen, const char *in);
+
+ /*
+ * sql xlat function. Right now only SELECTs are supported. Only
+@@ -184,7 +185,7 @@
+ /*
+ * Do an xlat on the provided string (nice recursive operation).
+ */
+- if (!radius_xlat(querystr, sizeof(querystr), fmt, request, func)) {
++ if (!radius_xlat(querystr, sizeof(querystr), fmt, request, sql_escape_func)) {
+ radlog(L_ERR, "rlm_sql (%s): xlat failed.",
+ inst->config->xlat_name);
+ return 0;
+@@ -409,18 +410,18 @@
+
+ while (in[0]) {
+ /*
+- * Only one byte left.
+- */
+- if (outlen <= 1) {
+- break;
+- }
+-
+- /*
+ * Non-printable characters get replaced with their
+ * mime-encoded equivalents.
+ */
+ if ((in[0] < 32) ||
+ strchr(allowed_chars, *in) == NULL) {
++ /*
++ * Less than 3 bytes left.
++ */
++ if (outlen <= 3) {
++ break;
++ }
++
+ snprintf(out, outlen, "=%02X", (unsigned char) in[0]);
+ in++;
+ out += 3;
+@@ -430,6 +431,13 @@
+ }
+
+ /*
++ * Only one byte left.
++ */
++ if (outlen <= 1) {
++ break;
++ }
++
++ /*
+ * Else it's a nice character.
+ */
+ *out = *in;
+@@ -459,7 +467,7 @@
+ if (username != NULL) {
+ strNcpy(tmpuser, username, MAX_STRING_LEN);
+ } else if (strlen(inst->config->query_user)) {
+- radius_xlat(tmpuser, sizeof(tmpuser), inst->config->query_user, request, NULL);
++ radius_xlat(tmpuser, sizeof(tmpuser), inst->config->query_user, request, sql_escape_func);
+ } else {
+ return 0;
+ }
+@@ -517,7 +525,7 @@
+ */
+ if (sql_set_user(inst, req, sqlusername, 0) < 0)
+ return 1;
+- if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, NULL)){
++ if (!radius_xlat(querystr, sizeof(querystr), inst->config->groupmemb_query, req, sql_escape_func)){
+ radlog(L_ERR, "rlm_sql (%s): xlat failed.",
+ inst->config->xlat_name);
+ /* Remove the username we (maybe) added above */
+@@ -1149,7 +1157,7 @@
+ if(sql_set_user(inst, request, sqlusername, 0) <0)
+ return RLM_MODULE_FAIL;
+
+- radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, NULL);
++ radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func);
+
+ /* initialize the sql socket */
+ sqlsocket = sql_get_socket(inst);
+@@ -1193,7 +1201,7 @@
+ return RLM_MODULE_OK;
+ }
+
+- radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, NULL);
++ radius_xlat(querystr, sizeof(querystr), inst->config->simul_verify_query, request, sql_escape_func);
+ if(rlm_sql_select_query(sqlsocket, inst, querystr)) {
+ radlog(L_ERR, "rlm_sql (%s): sql_checksimul: Database query error", inst->config->xlat_name);
+ sql_release_socket(inst, sqlsocket);
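Review bot: The radius_xlat() calls in the hunks at 459, 1149 and 1193 still discard the return value, while the calls at 184 and 517 treat a zero return as failure and log "xlat failed". With sql_escape_func each escaped byte grows to three, so running out of room in querystr or tmpuser becomes more likely, and at 1149 and 1193 the buffer is then used as the query as-is; whether radius_xlat() returns zero on truncation is not visible here and should be confirmed. I would guard the 1149 call with `if (!radius_xlat(querystr, sizeof(querystr), inst->config->simul_count_query, request, sql_escape_func)) return RLM_MODULE_FAIL;` and do the same at 1193 after calling sql_release_socket(). Separately, the new comment "Less than 3 bytes left" does not match `outlen <= 3`; `/* Need 3 bytes plus the terminating NUL. */` describes the check. All of these functions start and end outside the hunks.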
diff --git a/net-dialup/freeradius/freeradius-1.0.2-r3.ebuild b/net-dialup/freeradius/freeradius-1.0.2-r3.ebuild
new file mode 100644
index 000000000000..15bb46120ddb
--- /dev/null
+++ b/net-dialup/freeradius/freeradius-1.0.2-r3.ebuild
@@ -0,0 +1,129 @@
+# Copyright 1999-2005 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/net-dialup/freeradius/freeradius-1.0.2-r3.ebuild,v 1.1 2005/05/07 16:59:46 mrness Exp $
+
+inherit eutils
+
+DESCRIPTION="highly configurable free RADIUS server"
+SRC_URI="ftp://ftp.freeradius.org/pub/radius/${P}.tar.gz"
+HOMEPAGE="http://www.freeradius.org/"
+
+KEYWORDS="~x86 ~amd64 ~ppc ~sparc"
+LICENSE="GPL-2"
+SLOT="0"
+IUSE="edirectory frascend frnothreads frxp kerberos ldap mysql pam postgres snmp ssl udpfromto"
+
+DEPEND="!net-dialup/cistronradius
+ !net-dialup/gnuradius
+ virtual/libc
+ >=sys-libs/db-3.2
+ sys-libs/gdbm
+ snmp? ( net-analyzer/net-snmp )
+ mysql? ( dev-db/mysql )
+ postgres? ( dev-db/postgresql )
+ pam? ( sys-libs/pam )
+ ssl? ( dev-libs/openssl )
+ ldap? ( net-nds/openldap )
+ kerberos? ( virtual/krb5 )
+ frxp? ( dev-lang/python
+ dev-lang/perl )"
+
+pkg_setup() {
+ if use edirectory && ! use ldap ; then
+ eerror "Cannot add integration with Novell's eDirectory without having LDAP support!"
+ eerror "Either you select ldap USE flag or remove edirectory"
+ die
+ fi
+}
+
+src_unpack() {
+ unpack ${P}.tar.gz
+ cd ${S}
+
+ epatch ${FILESDIR}/${P}-whole-archive-gentoo.patch
+ epatch ${FILESDIR}/${P}-sql-escape.patch
+
+ export WANT_AUTOCONF=2.1
+ autoconf
+}
+
+src_compile() {
+ local myconf=" \
+ `use_with snmp` \
+ `use_with frascent ascend-binary` \
+ `use_with frxp experimental-modules` \
+ `use_with udpfromto` \
+ `use_with edirectory edir` "
+
+ if useq frnothreads; then
+ myconf="${myconf} --without-threads"
+ fi
+ #fix bug #77613
+ if has_version app-crypt/heimdal; then
+ myconf="${myconf} --enable-heimdal-krb5"
+ fi
+
+ # kill modules we don't use
+ if ! use ssl; then
+ einfo "removing rlm_eap_tls and rlm_x99_token (no use ssl)"
+ rm -rf src/modules/rlm_eap/types/rlm_eap_tls src/modules/rlm_x99_token
+ fi
+ if ! use ldap; then
+ einfo "removing rlm_ldap (no use ldap)"
+ rm -rf src/modules/rlm_ldap
+ fi
+ if ! use kerberos; then
+ einfo "removing rlm_krb5 (no use kerberos)"
+ rm -rf src/modules/rlm_krb5
+ fi
+ if ! use pam; then
+ einfo "removing rlm_pam (no use pam)"
+ rm -rf src/modules/rlm_pam
+ fi
+
+ ./configure --prefix=/usr --sysconfdir=/etc --localstatedir=/var \
+ --mandir=/usr/share/man \
+ --with-large-files --disable-ltdl-install --disable-static \
+ ${myconf} || die
+
+ make || die
+}
+
+pkg_preinst() {
+ enewgroup radiusd
+ enewuser radiusd -1 /bin/false /var/log/radius radiusd
+}
+
+src_install() {
+ dodir /etc
+ dodir /var/log
+ dodir /var/run
+ pkg_preinst
+ diropts -m0750 -o root -g radiusd
+ dodir /etc/raddb
+ diropts -m0750 -o radiusd -g radiusd
+ dodir /var/log/radius
+ dodir /var/log/radius/radacct
+ dodir /var/run/radiusd
+ diropts
+
+ make R=${D} install || die
+ dosed 's:^#user *= *nobody:user = radiusd:;s:^#group *= *nobody:group = radiusd:' \
+ /etc/raddb/radiusd.conf
+
+ [ -z "${PR}" ] || mv ${D}/usr/share/doc/${P} ${D}/usr/share/doc/${PF}
+ gzip -f -9 ${D}/usr/share/doc/${PF}/{rfc/*.txt,*}
+ dodoc COPYRIGHT CREDITS INSTALL LICENSE
+ #Copy SQL schemas to doc dir
+ docinto sql.schemas
+ dodoc src/modules/rlm_sql/drivers/rlm_sql_*/*.sql
+
+ rm ${D}/usr/sbin/rc.radiusd
+
+ exeinto /etc/init.d
+ newexe ${FILESDIR}/radius.init radiusd
+
+ insinto /etc/conf.d
+ newins ${FILESDIR}/radius.conf radiusd
+}
+
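Review bot: src_compile passes `frascent` to use_with, but IUSE declares the flag as `frascend`, so the ascend-binary configure option never follows the user's USE setting; the argument should read `use_with frascend ascend-binary`. In src_unpack, `cd ${S}` is unquoted and unchecked, so if the cd fails the two epatch calls, including the sql-escape security patch, and autoconf run from the wrong directory; `cd "${S}" || die` stops the build there instead.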