diff options
-rw-r--r-- | debian/patches/debian-changes | 128 |
1 files changed, 123 insertions, 5 deletions
diff --git a/debian/patches/debian-changes b/debian/patches/debian-changes index 3f8c68f..742a293 100644 --- a/debian/patches/debian-changes +++ b/debian/patches/debian-changes @@ -5,12 +5,16 @@ Description: <short summary of the patch> information below has been extracted from the changelog. Adjust it or drop it. . - libradsec (0.0.5-3) unstable; urgency=medium + libradsec (0.0.5-4) unstable; urgency=medium . - * Build depend on openssl 1.0, Closes: #828410 - * Update standards version to 3.9.8 (no changes) + * Fix problems detected by better warnings in gcc 7, Closes: #853506 + * We were building against some horrible combination of openssl 1.0 + directly and openssl 1.1 via libevent. That works surprisingly + better than you might think sort of, but can't be any good at all, so + finish moving all the way to openssl 1.1, Closes: #848681 Author: Sam Hartman <hartmans@debian.org> -Bug-Debian: https://bugs.debian.org/828410 +Bug-Debian: https://bugs.debian.org/848681 +Bug-Debian: https://bugs.debian.org/853506 --- The information above should follow the Patch Tagging Guidelines, please @@ -23,9 +27,29 @@ Bug-Debian: https://bugs.debian.org/<bugnumber> Bug-Ubuntu: https://launchpad.net/bugs/<bugnumber> Forwarded: <no|not-needed|url proving that it has been forwarded> Reviewed-By: <name and email of someone who approved the patch> -Last-Update: <YYYY-MM-DD> +Last-Update: 2017-08-12 --- /dev/null ++++ libradsec-0.0.5/.gitignore +@@ -0,0 +1,17 @@ ++*.*~* ++TAGS ++*.o ++.deps ++.libs ++autom4te.cache ++config.log ++config.h* ++config.status ++configure ++aclocal.m4 ++*.lo ++*.la ++Makefile.in ++Makefile ++stamp-h1 ++libtool +--- /dev/null +++ libradsec-0.0.5/Doxyfile @@ -0,0 +1,1630 @@ +# Doxyfile 1.7.1 @@ -1804,6 +1828,10 @@ Last-Update: <YYYY-MM-DD> + secret = "sikrit" + } +} +--- /dev/null ++++ libradsec-0.0.5/include/radsec/.gitignore +@@ -0,0 +1 @@ ++radius.h --- libradsec-0.0.5.orig/libradsec.spec.in +++ libradsec-0.0.5/libradsec.spec.in @@ -41,7 +41,7 @@ developing applications that use %{name} @@ -1816,6 +1844,10 @@ Last-Update: <YYYY-MM-DD> --- /dev/null ++++ libradsec-0.0.5/radius/.gitignore +@@ -0,0 +1 @@ ++dictionaries.c +--- /dev/null +++ libradsec-0.0.5/radius/LICENSE @@ -0,0 +1,24 @@ +Copyright (c) 2011, Network RADIUS SARL @@ -1860,6 +1892,28 @@ Last-Update: <YYYY-MM-DD> id.c \ parse.c \ print.c \ +--- libradsec-0.0.5.orig/radius/client.h ++++ libradsec-0.0.5/radius/client.h +@@ -654,7 +654,7 @@ extern const int nr_dict_num_names; + * \attention This variable should only be accessed by internal RADIUS library + * functions. + */ +-extern const DICT_ATTR const *nr_dict_attr_names[]; ++extern const DICT_ATTR * const nr_dict_attr_names[]; + + /** Static array containing names the RADIUS_PACKET::code field. \ingroup dict + * +--- libradsec-0.0.5.orig/radius/convert.pl ++++ libradsec-0.0.5/radius/convert.pl +@@ -139,7 +139,7 @@ print DICT "const int nr_dict_num_attrs + print DICT "const int nr_dict_num_names = ", $num_names - 1, ";\n\n"; + + my $offset = 0; +-print DICT "const DICT_ATTR *nr_dict_attr_names[] = {\n"; ++print DICT "const DICT_ATTR * const nr_dict_attr_names[] = {\n"; + foreach $attr_val (sort {lc($attributes{$a}{'name'}) cmp lc($attributes{$b}{'name'})} keys %attributes) { + next if (defined $attributes{$attr_val}{'raw'}); + --- /dev/null +++ libradsec-0.0.5/radius/doc.txt @@ -0,0 +1,41 @@ @@ -4877,6 +4931,49 @@ Last-Update: <YYYY-MM-DD> +secret testing123 +sign 05 06 00 00 00 0a +data 62 63 f1 db 80 70 a6 64 37 31 63 e4 aa 95 5a 68 +--- libradsec-0.0.5.orig/radius/valuepair.c ++++ libradsec-0.0.5/radius/valuepair.c +@@ -38,7 +38,7 @@ void nr_vp_free(VALUE_PAIR **head) + for (vp = *head; vp != NULL; vp = next) { + next = vp->next; + if (vp->da->flags.encrypt) { +- memset(vp, 0, sizeof(vp)); ++ memset(vp, 0, sizeof(*vp)); + } + free(vp); + } +--- libradsec-0.0.5.orig/radsecproxy/Makefile.am ++++ libradsec-0.0.5/radsecproxy/Makefile.am +@@ -21,3 +21,4 @@ if RS_ENABLE_TLS + libradsec_radsecproxy_la_SOURCES += \ + tlscommon.c tlscommon.h + endif ++libradsec_radsecproxy_la_CFLAGS = -Wno-error=deprecated +--- libradsec-0.0.5.orig/radsecproxy/tlscommon.c ++++ libradsec-0.0.5/radsecproxy/tlscommon.c +@@ -202,12 +202,12 @@ static SSL_CTX *tlscreatectx(uint8_t typ + switch (type) { + #ifdef RADPROT_TLS + case RAD_TLS: +- ctx = SSL_CTX_new(TLSv1_method()); ++ ctx = SSL_CTX_new(TLS_method()); + break; + #endif + #ifdef RADPROT_DTLS + case RAD_DTLS: +- ctx = SSL_CTX_new(DTLSv1_method()); ++ ctx = SSL_CTX_new(DTLS_method()); + SSL_CTX_set_read_ahead(ctx, 1); + break; + #endif +@@ -218,6 +218,7 @@ static SSL_CTX *tlscreatectx(uint8_t typ + debug(DBG_ERR, "SSL: %s", ERR_error_string(error, NULL)); + return NULL; + } ++ SSL_CTX_set_options(ctx, SSL_OP_NO_TLSv1|SSL_OP_NO_SSLv3); + #ifdef DEBUG + SSL_CTX_set_info_callback(ctx, ssl_info_callback); + #endif --- /dev/null +++ libradsec-0.0.5/tests/demoCA/index.txt @@ -0,0 +1,3 @@ @@ -5113,3 +5210,24 @@ Last-Update: <YYYY-MM-DD> + secret = "sikrit" + } +} +--- libradsec-0.0.5.orig/tls.c ++++ libradsec-0.0.5/tls.c +@@ -7,6 +7,7 @@ + + #include <stdlib.h> + #include <unistd.h> ++#include <string.h> + #include <assert.h> + #include <fcntl.h> + #include <limits.h> +@@ -194,8 +195,8 @@ static pthread_mutex_t *s_openssl_mutexe + static int s_openssl_mutexes_count = 0; + + /** Callback for OpenSSL when a lock is to be held or released. */ +-static void +-openssl_locking_cb_ (int mode, int i, const char *file, int line) ++__attribute__((unused)) static void ++openssl_locking_cb_ (int mode, int i, const char *file, int line) + { + if (s_openssl_mutexes == NULL || i >= s_openssl_mutexes_count) + return; |