Adding upstream version 3.2.1+dfsg.upstream/3.2.1+dfsgupstream

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>

1 files changed, 332 insertions, 0 deletions

diff --git a/.github/workflows/ci-rpm.yml b/.github/workflows/ci-rpm.yml
new file mode 100644
index 0000000..a82432a
--- /dev/null
+++ b/.github/workflows/ci-rpm.yml
@@ -0,0 +1,332 @@
+name: CI RPM
+
+on:
+  push:
+    branches-ignore:
+      - coverity_scan
+  pull_request:
+
+env:
+  CC: gcc
+
+jobs:
+  rpm-build:
+
+    strategy:
+      matrix:
+        env:
+          - { NAME: "centos-7",  OS: "centos:7" }
+          - { NAME: "centos-8",  OS: "centos:8" }
+          - { NAME: "rocky-8",   OS: "rockylinux/rockylinux:8" }
+          - { NAME: "rocky-9",   OS: "rockylinux/rockylinux:9" }
+      fail-fast: false
+
+    runs-on: ubuntu-latest
+
+    container:
+      image: ${{ matrix.env.OS }}
+
+    env:
+      HOSTAPD_BUILD_DIR: /tmp/eapol_test.ci
+      HOSTAPD_GIT_TAG: hostapd_2_8
+
+    name: "RPM build"
+
+    steps:
+
+    #
+    # Centos9 is EOL, so we need the below tricks to get it to work.
+    #
+    # Converting from CentOS Linux 8 to CentOS Stream 8 is the "official" process
+    # (see centos.org/centos-stream/#centos-stream-8):
+    #
+    - name: Some hacks for CentOS 8 (EOL) to work again.
+      if: ${{ matrix.env.NAME == 'centos-8' }}
+      run: |
+        sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-Linux-*
+        sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-Linux-*
+        yum upgrade -y
+        yum -y --disablerepo '*' --enablerepo extras swap centos-linux-repos centos-stream-repos
+        yum clean all && yum makecache
+        yum distro-sync -y --allowerasing
+
+    # Required so that the checkout action uses git protocol rather than the GitHub REST API.
+    # make rpm requires the FR directory to be a git repository.
+    - name: Install recent git for CentOS 7
+      if: ${{ matrix.env.NAME == 'centos-7' }}
+      run: |
+        yum install -y https://packages.endpointdev.com/rhel/7/os/x86_64/git-core-2.30.1-1.ep7.x86_64.rpm
+
+    - name: Install distro git for Rocky and CentOS 8.
+      if: ${{ startsWith(matrix.env.NAME, 'rocky-') || matrix.env.NAME == 'centos-8' }}
+      run: |
+        yum install -y git-core
+
+    - uses: actions/checkout@v2
+      with:
+        path: freeradius
+
+    - name: Prepare filesystem
+      run: |
+        pwd
+        ls -la
+        mkdir rpms
+        ls -la
+
+    - name: LTB repo for CentOS and Rocky Linux 8
+      if: ${{ startsWith(matrix.env.NAME, 'centos-') || matrix.env.NAME == 'rocky-8' }}
+      run: |
+        echo '[ltb-project]'                                              >  /etc/yum.repos.d/ltb-project.repo
+        echo 'name=LTB project packages'                                  >> /etc/yum.repos.d/ltb-project.repo
+        echo 'baseurl=https://ltb-project.org/rpm/$releasever/$basearch'  >> /etc/yum.repos.d/ltb-project.repo
+        echo 'enabled=1'                                                  >> /etc/yum.repos.d/ltb-project.repo
+        echo 'gpgcheck=1'                                                 >> /etc/yum.repos.d/ltb-project.repo
+        echo 'gpgkey=https://www.ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project' >> /etc/yum.repos.d/ltb-project.repo
+        rpm --import https://www.ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project
+
+    - name: Enable EPEL for CentOS and Rocky Linux
+      if: ${{ startsWith(matrix.env.NAME, 'centos-') || startsWith(matrix.env.NAME, 'rocky-') }}
+      run: |
+        yum install -y epel-release
+
+    - name: Enable PowerTools on Rocky 8 and CentOS 8.
+      if: ${{ matrix.env.NAME == 'rocky-8' || matrix.env.NAME == 'centos-8' }}
+      run: |
+        yum install -y yum-utils
+        yum config-manager --enable PowerTools || :
+        yum config-manager --enable powertools || :
+
+    - name: Enable Code Ready Builer on Rocky 9.
+      if: ${{ matrix.env.NAME == 'rocky-9' }}
+      run: |
+        yum install -y yum-utils
+        yum config-manager --enable crb
+
+    - name: Install common tools
+      run: |
+        yum install -y \
+          bzip2 \
+          gcc \
+          make \
+          perl \
+          rpm-build \
+          yum-utils
+
+    #
+    #  We just patch the SPEC file for Fedora since we want to use the standard
+    #  make rpm target which wants to build with LDAP.
+    #
+    - name: Disable rlm_ldap on Fedora (no LTB packages)
+      if: ${{ startsWith(matrix.env.NAME, 'fedora-') }}
+      run: |
+        sed -ie 's/%bcond_without ldap/%global _without_ldap: 1/' freeradius/redhat/freeradius.spec
+
+    - name: Install build dependencies
+      run: |
+        yum-builddep -y freeradius/redhat/freeradius.spec
+
+    #
+    #  It has been observed that sometimes not all the dependencies are
+    #  installed on the first go.  Give it a second chance.
+    #
+    - name: Second run of install build dependencies
+      run: |
+        yum-builddep -y redhat/freeradius.spec
+      working-directory: freeradius
+
+    - name: Show versions
+      run: |
+        $CC --version
+        make --version
+        krb5-config --all || :
+        openssl version
+
+    # For pkill and ps
+    - name: Enable procps-ng on Centos and Rocky
+      if: ${{ startsWith(matrix.env.NAME, 'centos-8') || startsWith(matrix.env.NAME, 'rocky-') }}
+      run: |
+        yum install -y procps-ng
+
+    - name: Build RPMs
+      run: |
+        [ -r /opt/rh/devtoolset-8/enable ] && source /opt/rh/devtoolset-8/enable || :
+        ./configure
+        make rpm
+      working-directory: freeradius
+
+    - name: Collect RPMs
+      run: |
+        mv freeradius/rpmbuild/RPMS/x86_64/*.rpm rpms/
+
+    - name: Restore eapol_test build directory from cache
+      uses: actions/cache@v2
+      id: hostapd-cache
+      with:
+        path: ${{ env.HOSTAPD_BUILD_DIR }}
+        key: hostapd-${{ matrix.env.NAME }}-${{ env.HOSTAPD_GIT_TAG }}-v1
+
+    - name: Build eapol_test
+      run: |
+        yum install -y libnl3-devel which
+        [ -r /opt/rh/devtoolset-8/enable ] && source /opt/rh/devtoolset-8/enable || :
+        scripts/ci/eapol_test-build.sh
+        mv scripts/ci/eapol_test/eapol_test ../rpms/
+      working-directory: freeradius
+
+    - name: Store RPMs
+      uses: actions/upload-artifact@v2
+      with:
+        name: rpms-${{ matrix.env.NAME }}
+        path: rpms
+
+    #
+    #  If the CI has failed and the branch is ci-debug then start a tmate
+    #  session. SSH rendezvous point is emited continuously in the job output.
+    #
+    - name: "Debug: Package dependancies for tmate"
+      run: |
+        yum install -y xz
+        ln -s /bin/true /bin/apt-get
+      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}
+
+    - name: "Debug: Start tmate"
+      uses: mxschmitt/action-tmate@v3
+      with:
+        limit-access-to-actor: true
+        sudo: false
+      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}
+
+
+  rpm-test:
+
+    needs:
+      - rpm-build
+
+    strategy:
+      matrix:
+        env:
+          - { NAME: "centos-7", OS: "centos:7" }
+          - { NAME: "centos-8", OS: "centos:8" }
+          - { NAME: "rocky-8", OS: "rockylinux/rockylinux:8" }
+          - { NAME: "rocky-9", OS: "rockylinux/rockylinux:9" }
+      fail-fast: false
+
+    runs-on: ubuntu-latest
+
+    container:
+      image: ${{ matrix.env.OS }}
+
+    name: "RPM install test"
+
+    steps:
+
+    #
+    # Centos9 is EOL, so we need the below tricks to get it to work.
+    #
+    # Converting from CentOS Linux 8 to CentOS Stream 8 is the "official" process
+    # (see centos.org/centos-stream/#centos-stream-8):
+    #
+    - name: Some hacks for CentOS 8 (EOL) to work again.
+      if: ${{ matrix.env.NAME == 'centos-8' }}
+      run: |
+        sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-Linux-*
+        sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-Linux-*
+        yum upgrade -y
+        yum -y --disablerepo '*' --enablerepo extras swap centos-linux-repos centos-stream-repos
+        yum clean all && yum makecache
+        yum distro-sync -y --allowerasing
+
+    - name: LTB repo for CentOS and Rocky 8
+      if: ${{ startsWith(matrix.env.NAME, 'centos-') || matrix.env.NAME == 'rocky-8' }}
+      run: |
+        echo '[ltb-project]'                                              >  /etc/yum.repos.d/ltb-project.repo
+        echo 'name=LTB project packages'                                  >> /etc/yum.repos.d/ltb-project.repo
+        echo 'baseurl=https://ltb-project.org/rpm/$releasever/$basearch'  >> /etc/yum.repos.d/ltb-project.repo
+        echo 'enabled=1'                                                  >> /etc/yum.repos.d/ltb-project.repo
+        echo 'gpgcheck=1'                                                 >> /etc/yum.repos.d/ltb-project.repo
+        echo 'gpgkey=https://www.ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project' >> /etc/yum.repos.d/ltb-project.repo
+        rpm --import https://www.ltb-project.org/documentation/_static/RPM-GPG-KEY-LTB-project
+
+    - name: Enable EPEL for CentOS and Rocky Linux
+      if: ${{ startsWith(matrix.env.NAME, 'centos-') || startsWith(matrix.env.NAME, 'rocky-') }}
+      run: |
+        yum install -y epel-release
+
+    - name: Enable PowerTools on Centos 8 and Rocky 8
+      if: ${{ matrix.env.NAME == 'centos-8' || matrix.env.NAME == 'rocky-8' }}
+      run: |
+        yum install -y yum-utils
+        yum config-manager --enable PowerTools || :
+        yum config-manager --enable powertools || :
+
+    - name: Enable Code Ready Builer on Rocky 9.
+      if: ${{ matrix.env.NAME == 'rocky-9' }}
+      run: |
+        yum install -y yum-utils
+        yum config-manager --enable crb
+
+    # For pkill
+    - name: Enable procps-ng on Centos and Rocky
+      if: ${{ startsWith(matrix.env.NAME, 'centos-') || startsWith(matrix.env.NAME, 'rocky-') }}
+      run: |
+        yum install -y procps-ng
+
+    - name: Load RPMs
+      uses: actions/download-artifact@v2
+      with:
+        name: rpms-${{ matrix.env.NAME }}
+
+    - name: Install RPMs
+      run: |
+        yum install -y *.rpm
+
+    - name: Config check
+      run: |
+        radiusd -XC
+
+    #
+    #  We now perform some post-install tests that depend on the availability
+    #  of the source tree
+    #
+    - name: Install pre-built eapol_test
+      run: |
+        yum install -y libnl3 make gdb which
+        mv eapol_test /usr/local/bin
+        chmod +x /usr/local/bin/eapol_test
+
+    - uses: actions/checkout@v2
+      with:
+        path: freeradius
+
+    - name: Run the post-install test target
+      run: |
+        echo "top_builddir := $(pwd)" > Make.inc
+        make -C src/tests/ OPENSSL_LIBS=1 EAPOL_TEST_BIN="$(which eapol_test)" $(pwd)/build/tests/eapol_test/eapol_test.mk
+        make -f scripts/ci/package-test.mk package-test
+      working-directory: freeradius
+
+    - name: Upload radius logs on failure
+      if: ${{ failure() }}
+      uses: actions/upload-artifact@v2
+      with:
+        name: radius-logs-${{ matrix.env.NAME }}.tgz
+        path: |
+          /var/log/radius
+          freeradius/build/tests/eapol_test
+
+    #
+    #  See above comments for tmate
+    #
+    - name: "Debug: Package dependancies for tmate"
+      run: |
+        yum install -y xz
+        ln -s /bin/true /bin/apt-get
+      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}
+
+    - name: "Debug: Start tmate"
+      uses: mxschmitt/action-tmate@v3
+      with:
+        limit-access-to-actor: true
+        sudo: false
+      if: ${{ github.ref == 'refs/heads/ci-debug' && failure() }}
+