diff --git a/.cvsignore b/.cvsignore index e69de29..f683c13 100644 --- a/.cvsignore +++ b/.cvsignore @@ -0,0 +1 @@ +pam_radius-1.3.17.tar.gz diff --git a/INSTALL-doc.patch b/INSTALL-doc.patch new file mode 100644 index 0000000..c420ed7 --- /dev/null +++ b/INSTALL-doc.patch @@ -0,0 +1,25 @@ +*** INSTALL 2010-02-21 20:43:14.000000000 -0500 +--- INSTALL-2 2010-02-21 20:53:15.000000000 -0500 +*************** +*** 103,113 **** + + You will need a server configuration file. An example is given in + the file pam_radius_auth.conf. You will need to copy this file to +! /etc/raddb/server. The file MUST be secure! i.e. + +! chown root /etc/raddb +! chmod go-rwx /etc/raddb +! chmod go-rwx /etc/raddb/server + + See 'USAGE' for details of the configuration file. + +--- 103,111 ---- + + You will need a server configuration file. An example is given in + the file pam_radius_auth.conf. You will need to copy this file to +! /etc/pam_radius.conf. The file MUST be secure! i.e. + +! chmod go-rwx /etc/pam_radius.conf + + See 'USAGE' for details of the configuration file. + diff --git a/Makefile-build-shared-library.patch b/Makefile-build-shared-library.patch new file mode 100644 index 0000000..0336330 --- /dev/null +++ b/Makefile-build-shared-library.patch @@ -0,0 +1,19 @@ +*** Makefile 2010-01-13 16:34:01.000000000 -0500 +--- Makefile2 2010-01-13 16:34:58.000000000 -0500 +*************** +*** 55,61 **** + # gcc -shared pam_radius_auth.o md5.o -lpam -lc -o pam_radius_auth.so + # + pam_radius_auth.so: pam_radius_auth.o md5.o +! ld -Bshareable pam_radius_auth.o md5.o -lpam -o pam_radius_auth.so + + ###################################################################### + # +--- 55,61 ---- + # gcc -shared pam_radius_auth.o md5.o -lpam -lc -o pam_radius_auth.so + # + pam_radius_auth.so: pam_radius_auth.o md5.o +! $(CC) -shared pam_radius_auth.o md5.o -lpam -lc -o pam_radius_auth.so + + ###################################################################### + # diff --git a/import.log b/import.log new file mode 100644 index 0000000..5356fb9 --- /dev/null +++ b/import.log @@ -0,0 +1 @@ +pam_radius-1_3_17-2_fc12:F-12:pam_radius-1.3.17-2.fc12.src.rpm:1266888504 diff --git a/pam_radius-md5-ppc-fix.patch b/pam_radius-md5-ppc-fix.patch new file mode 100644 index 0000000..c360159 --- /dev/null +++ b/pam_radius-md5-ppc-fix.patch @@ -0,0 +1,19 @@ +*** md5.c 2010-01-14 16:34:39.000000000 -0500 +--- md5-2.c 2010-01-14 16:35:16.000000000 -0500 +*************** +*** 42,48 **** + #include + #include "md5.h" + +! #if defined(__sparc) || defined(__mips) + #define HIGHFIRST + #endif + +--- 42,48 ---- + #include + #include "md5.h" + +! #if defined(__sparc) || defined(__mips) || defined(__PPC__) + #define HIGHFIRST + #endif + diff --git a/pam_radius.spec b/pam_radius.spec new file mode 100644 index 0000000..f0802d5 --- /dev/null +++ b/pam_radius.spec @@ -0,0 +1,76 @@ +Name: pam_radius +Summary: PAM Module for RADIUS Authentication +Version: 1.3.17 +Release: 2%{?dist} +Source: ftp://ftp.freeradius.org/pub/radius/pam_radius-%{version}.tar.gz +URL: http://www.freeradius.org/pam_radius_auth/ +Group: System Environment/Libraries +BuildRoot: (mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}) +License: GPLv2+ +Requires: pam +BuildRequires: pam-devel +# patches inconsistencies in debug output +# Sent upstream via email 20100106 +Patch1: pam_radius_auth-debug-consistency.patch +# patches Makefile to ensure shared library builds properly in Fedora +# Sent upstream via email 20100114 +Patch2: Makefile-build-shared-library.patch +# patch adds ability to accommodate high-order bit first for Power PC +# Sent upstream via email 20100114 +Patch3: pam_radius-md5-ppc-fix.patch +# patches default location of configuration file in pam_radius_auth.h +# Sent upstream via email 20100114 +Patch4: pam_radius_auth-conffile-location.patch +# patches default location of configuration file in radius.h +# Sent upstream via email 20100114 +Patch5: radius-conffile-location.patch +# patches default location of configuration file in pam_radius.conf +# Sent upstream via email 20100221 +Patch6: pam_radius_auth-conf-inlinedoc.patch +# patches default location of configuration file in INSTALL documentation file +# Sent upstream via email 20100221 +Patch7: INSTALL-doc.patch + +%description +pam_radius is a PAM module which allows user authentication using +a radius server. + +%prep +%setup -q +%patch1 +%patch2 +%patch3 +%patch4 +%patch5 +%patch6 +%patch7 + +%build +make %{?_smp_mflags} CFLAGS="%{optflags} -Wall -fPIC" + +%install +rm -rf %{buildroot} +mkdir -p %{buildroot}/%{_lib}/security +install -p pam_radius_auth.so %{buildroot}/%{_lib}/security +mkdir -p %{buildroot}%{_sysconfdir} +install -p pam_radius_auth.conf %{buildroot}%{_sysconfdir}/pam_radius.conf + +%clean +rm -rf %{buildroot} + +%files +%defattr(-,root,root,-) +%doc README INSTALL USAGE LICENSE Changelog +%config(noreplace) %attr(0600, root, root) %{_sysconfdir}/pam_radius.conf +/%{_lib}/security/pam_radius_auth.so + +%changelog +* Tue Feb 21 2010 Tim Lank 1.3.17-2 +- everything it takes to get this accepted for Fedora + +* Mon Oct 26 2009 Richard Monk 1.3.17-0 +- Bump for new version +- spec fixes for x86_64 builds + +* Mon Jun 03 2002 Richie Laager 1.3.15-0 +- Inital RPM Version diff --git a/pam_radius_auth-conf-inlinedoc.patch b/pam_radius_auth-conf-inlinedoc.patch new file mode 100644 index 0000000..6d39bb4 --- /dev/null +++ b/pam_radius_auth-conf-inlinedoc.patch @@ -0,0 +1,13 @@ +*** pam_radius_auth.conf 2010-02-21 20:43:21.000000000 -0500 +--- pam_radius_auth-2.conf 2010-02-21 20:45:12.000000000 -0500 +*************** +*** 1,4 **** +! # pam_radius_auth configuration file. Copy to: /etc/raddb/server + # + # For proper security, this file SHOULD have permissions 0600, + # that is readable by root, and NO ONE else. If anyone other than +--- 1,4 ---- +! # pam_radius_auth configuration file. Copy to: /etc/pam_radius.conf + # + # For proper security, this file SHOULD have permissions 0600, + # that is readable by root, and NO ONE else. If anyone other than diff --git a/pam_radius_auth-conffile-location.patch b/pam_radius_auth-conffile-location.patch new file mode 100644 index 0000000..1881342 --- /dev/null +++ b/pam_radius_auth-conffile-location.patch @@ -0,0 +1,19 @@ +*** pam_radius_auth.h 2010-01-14 16:50:29.000000000 -0500 +--- pam_radius_auth-2.h 2010-01-14 16:51:59.000000000 -0500 +*************** +*** 97,103 **** + * compiled in. This is the default. + */ + #ifndef CONF_FILE /* the configuration file holding the server secret */ +! #define CONF_FILE "/etc/raddb/server" + #endif /* CONF_FILE */ + + #ifndef FALSE +--- 97,103 ---- + * compiled in. This is the default. + */ + #ifndef CONF_FILE /* the configuration file holding the server secret */ +! #define CONF_FILE "/etc/pam_radius.conf" + #endif /* CONF_FILE */ + + #ifndef FALSE diff --git a/pam_radius_auth-debug-consistency.patch b/pam_radius_auth-debug-consistency.patch new file mode 100644 index 0000000..173f111 --- /dev/null +++ b/pam_radius_auth-debug-consistency.patch @@ -0,0 +1,77 @@ +--- pam_radius_auth.c.orig 2010-01-06 08:56:14.000000000 -0500 ++++ pam_radius_auth.c 2010-01-06 09:33:03.000000000 -0500 +@@ -256,10 +256,9 @@ + * take server->hostname, and convert it to server->ip and server->port + */ + static int +-host2server(radius_server_t *server) ++host2server(radius_server_t *server, int ctrl) + { + char *p; +- int ctrl = 1; /* for DPRINT */ + + if ((p = strchr(server->hostname, ':')) != NULL) { + *(p++) = '\0'; /* split the port off from the host name */ +@@ -764,7 +763,7 @@ + */ + static int + talk_radius(radius_conf_t *conf, AUTH_HDR *request, AUTH_HDR *response, +- char *password, char *old_password, int tries) ++ char *password, char *old_password, int tries, int ctrl) + { + int salen, total_length; + fd_set set; +@@ -795,7 +794,7 @@ + while (server != NULL) { + + /* only look up IP information as necessary */ +- if ((retval = host2server(server)) != PAM_SUCCESS) { ++ if ((retval = host2server(server, ctrl)) != PAM_SUCCESS) { + _pam_log(LOG_ERR, + "Failed looking up IP address for RADIUS server %s (errcode=%d)", + server->hostname, retval); +@@ -1175,7 +1174,7 @@ + DPRINT(LOG_DEBUG, "Sending RADIUS request code %d", request->code); + + retval = talk_radius(&config, request, response, password, +- NULL, config.retries + 1); ++ NULL, config.retries + 1, ctrl); + PAM_FAIL_CHECK; + + DPRINT(LOG_DEBUG, "Got RADIUS response code %d", response->code); +@@ -1223,7 +1222,7 @@ + /* copy the state over from the servers response */ + add_attribute(request, PW_STATE, a_state->data, a_state->length - 2); + +- retval = talk_radius(&config, request, response, resp2challenge, NULL, 1); ++ retval = talk_radius(&config, request, response, resp2challenge, NULL, 1, ctrl); + PAM_FAIL_CHECK; + + DPRINT(LOG_DEBUG, "Got response to challenge code %d", response->code); +@@ -1347,7 +1346,7 @@ + add_int_attribute(request, PW_ACCT_SESSION_TIME, time(NULL) - session_time); + } + +- retval = talk_radius(&config, request, response, NULL, NULL, 1); ++ retval = talk_radius(&config, request, response, NULL, NULL, 1, ctrl); + PAM_FAIL_CHECK; + + /* oops! They don't have the right password. Complain and die. */ +@@ -1466,7 +1465,7 @@ + build_radius_packet(request, user, password, &config); + add_int_attribute(request, PW_USER_SERVICE_TYPE, PW_AUTHENTICATE_ONLY); + +- retval = talk_radius(&config, request, response, password, NULL, 1); ++ retval = talk_radius(&config, request, response, password, NULL, 1, ctrl); + PAM_FAIL_CHECK; + + /* oops! They don't have the right password. Complain and die. */ +@@ -1569,7 +1568,7 @@ + build_radius_packet(request, user, new_password, &config); + add_password(request, PW_OLD_PASSWORD, password, password); + +- retval = talk_radius(&config, request, response, new_password, password, 1); ++ retval = talk_radius(&config, request, response, new_password, password, 1, ctrl); + PAM_FAIL_CHECK; + + /* Whew! Done password changing, check for password acknowledge */ diff --git a/radius-conffile-location.patch b/radius-conffile-location.patch new file mode 100644 index 0000000..39b9038 --- /dev/null +++ b/radius-conffile-location.patch @@ -0,0 +1,19 @@ +*** radius.h 2010-01-14 16:50:34.000000000 -0500 +--- radius-2.h 2010-01-14 16:52:35.000000000 -0500 +*************** +*** 179,185 **** + + /* Default Database File Names */ + +! #define RADIUS_DIR "/etc/raddb" + #define RADACCT_DIR "/usr/adm/radacct" + + #define RADIUS_DICTIONARY "dictionary" +--- 179,185 ---- + + /* Default Database File Names */ + +! #define RADIUS_DIR "/etc" + #define RADACCT_DIR "/usr/adm/radacct" + + #define RADIUS_DICTIONARY "dictionary" diff --git a/sources b/sources index e69de29..4f943c8 100644 --- a/sources +++ b/sources @@ -0,0 +1 @@ +a5d27ccbaaad9d9fb254b01a3c12bd06 pam_radius-1.3.17.tar.gz