diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-08-26 10:42:36 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-08-26 10:42:36 +0000 |
commit | 470ddeffc29d81b2049994ecc7930ac70855fb9a (patch) | |
tree | 3f1ef54e62a4a9641625213deb4c024738f6104e | |
parent | Adding debian version 3.2.5+dfsg-2. (diff) | |
download | freeradius-470ddeffc29d81b2049994ecc7930ac70855fb9a.tar.xz freeradius-470ddeffc29d81b2049994ecc7930ac70855fb9a.zip |
Adding debian version 3.2.5+dfsg-3.debian/3.2.5+dfsg-3debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r-- | debian/changelog | 8 | ||||
-rw-r--r-- | debian/control | 2 | ||||
-rw-r--r-- | debian/patches/replace-radsecret.patch | 38 | ||||
-rw-r--r-- | debian/patches/series | 1 |
4 files changed, 47 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index c2b555a..e64e8c0 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +freeradius (3.2.5+dfsg-3) unstable; urgency=medium + + [ Andreas Hasenack ] + * Cherry-Pick from upstream: Replace radsecret with shell script to avoid + dependency on extra perl modules (Closes: #1076458) + + -- Bernhard Schmidt <berni@debian.org> Wed, 17 Jul 2024 22:44:55 +0200 + freeradius (3.2.5+dfsg-2) unstable; urgency=medium * Fix parallel builds diff --git a/debian/control b/debian/control index 7e6523d..fb1ad6e 100644 --- a/debian/control +++ b/debian/control @@ -98,8 +98,6 @@ Conflicts: radiusd-livingston, yardradius Depends: freeradius-common, freeradius-config, libfreeradius3 (= ${binary:Version}), - libconvert-base32-perl, - libcrypt-urandom-perl, ${dist:Depends}, ${misc:Depends}, ${perl:Depends}, diff --git a/debian/patches/replace-radsecret.patch b/debian/patches/replace-radsecret.patch new file mode 100644 index 0000000..616f6ea --- /dev/null +++ b/debian/patches/replace-radsecret.patch @@ -0,0 +1,38 @@ +Description: replace radsecret with a Bash variant + This avoids adding two perl dependencies which are in Universe, and trigger a + component mismatch in Ubuntu. + . + This patch is 3 changes put together: + https://github.com/FreeRADIUS/freeradius-server/commit/b77c4e295a55451efea4ff44029a2551c855386c + https://github.com/FreeRADIUS/freeradius-server/commit/3d568a74ed566089062ecca635bf0e89a1895346 + And replacing random with urandom as commented in https://github.com/FreeRADIUS/freeradius-server/pull/5375#issuecomment-2233818142 + . + Discussion in https://github.com/FreeRADIUS/freeradius-server/pull/5375 +Origin: upstream, https://github.com/FreeRADIUS/freeradius-server/commit/b77c4e295a55451efea4ff44029a2551c855386c and others, see description +Bug-Debian: https://bugs.debian.org/1076458 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/freeradius/+bug/2073269 +Last-Update: 2024-07-17 + +Index: freeradius/src/main/radsecret +=================================================================== +--- freeradius.orig/src/main/radsecret 2024-07-17 14:41:42.151818906 -0300 ++++ freeradius/src/main/radsecret 2024-07-17 14:42:04.490103653 -0300 +@@ -1,7 +1,14 @@ +-#!/usr/bin/env perl ++#!/bin/sh + # + # A tool which generates strong shared secrets. + # +-use Convert::Base32; +-use Crypt::URandom(); +-print join('-', unpack("(A4)*", lc encode_base32(Crypt::URandom::urandom(12)))), "\n"; ++openssl rand -base64 12 2>/dev/null && exit 0 ++ ++(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base64 2>/dev/null) && exit 0 ++ ++(dd if=/dev/urandom bs=1 count=12 2>/dev/null | base32 2>/dev/null) && exit 0 ++ ++(dd if=/dev/urandom bs=1 count=12 2>/dev/null | hexdump -ve '/1 "%02x"';echo) && exit 0 ++ ++echo "Failed finding 'openssl', 'base64', 'base32', or 'hexdump' tools". ++exit 1 diff --git a/debian/patches/series b/debian/patches/series index 5dfbaa2..b367578 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,4 @@ debian-local/0010-version.c-disable-openssl-version-check.patch dont-install-tests.diff snakeoil-certs.diff fix-parallel-build.patch +replace-radsecret.patch |