--- radiusd-livingston-2.1.orig/README.security.patch +++ radiusd-livingston-2.1/README.security.patch @@ -0,0 +1,27 @@ + +5th July 2001 +Horms (Simon Horman) , +VA Linux Systems, Pty., Ltd. + +Mark Dowd + +This package includes patches in response to a vulnerability published by +Internet Security Systems, Inc. (http://www.iss.net) on the 5th July 2001, +relating to buffer overflows. + +This patch addresses immediate risks raised by this vulnerability and +is intended as a minimal set of changes to secure systems. + +This patch and a more comprehensive patch is available from: + +ftp://ftp.vergenet.net/pub/lucent_radius/ + + +This patch has been prepared with the assistance of: + +Wichert Akkerman , +VA Linux Systems, BV + +Andrew Tridgell , +VA Linux Systems, Pty., Ltd. + --- radiusd-livingston-2.1.orig/raddb/dictionary +++ radiusd-livingston-2.1/raddb/dictionary @@ -144,6 +144,10 @@ ATTRIBUTE NAS-Port-Id 87 string ATTRIBUTE Framed-Pool 88 string +ATTRIBUTE Tunnel-Client-Auth-ID 90 string +ATTRIBUTE Tunnel-Server-Auth-ID 91 string + + # # Integer Translations # @@ -396,3 +400,10 @@ VALUE Server-Config Password-Warning 5 +# Local extensions + +ATTRIBUTE Anonymous-Caller 2000 integer + +VALUE Anonymous-Caller no 0 +VALUE Anonymous-Caller yes 1 + --- radiusd-livingston-2.1.orig/src/users.h +++ radiusd-livingston-2.1/src/users.h @@ -52,7 +52,12 @@ # ifdef NDBM # include +# if BERKELEY_DB +# define DB_DBM_HSEARCH 1 +# include +# else # include +# endif # else /* not NDBM */ # include # endif /* NDBM */ --- radiusd-livingston-2.1.orig/src/builddbm.c +++ radiusd-livingston-2.1/src/builddbm.c @@ -61,12 +61,18 @@ #include #include #include +#include #include "radius.h" #if defined(NDBM) -# include # include +# if defined(BERKELEY_DB) +# define DB_DBM_HSEARCH 1 +# include +# else +# include +# endif #else /* not NDBM */ # include #endif /* NDBM */ @@ -190,14 +196,14 @@ errno = 0; if (chdir(radius_dir) < 0) { - fprintf(stderr, "%s: unable to change to directory %s - %s\n",progname,radius_dir,sys_errlist[errno]); + fprintf(stderr, "%s: unable to change to directory %s - %s\n",progname,radius_dir,strerror(errno)); exit(-1); } #ifdef NDBM errno = 0; if((db = dbm_open("users", O_RDWR | O_CREAT | O_TRUNC, 0600)) == (DBM *)NULL) { - fprintf(stderr, "%s: dbm_open failed - %s\n", progname, sys_errlist[errno]); + fprintf(stderr, "%s: dbm_open failed - %s\n", progname, strerror(errno)); exit(-1); } @@ -205,21 +211,21 @@ errno = 0; if((fd = open("users.pag", O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0) { - fprintf(stderr,"%s: Couldn't open users.pag for writing - %s\n",progname,sys_errlist[errno]); + fprintf(stderr,"%s: Couldn't open users.pag for writing - %s\n",progname,strerror(errno)); exit(-1); } close(fd); errno = 0; if((fd = open("users.dir", O_WRONLY | O_CREAT | O_TRUNC, 0600)) < 0) { - fprintf(stderr,"%s: Couldn't open users.dir for writing - %s\n",progname,sys_errlist[errno]); + fprintf(stderr,"%s: Couldn't open users.dir for writing - %s\n",progname,strerror(errno)); exit(-1); } close(fd); errno = 0; if(dbminit("users") != 0) { - fprintf(stderr, "%s: dbminit failed - %s\n",progname, sys_errlist[errno]); + fprintf(stderr, "%s: dbminit failed - %s\n",progname, strerror(errno)); exit(-1); } --- radiusd-livingston-2.1.orig/src/menu.c +++ radiusd-livingston-2.1/src/menu.c @@ -65,6 +65,7 @@ #include #include #include +#include #include "radius.h" @@ -72,6 +73,47 @@ extern char *radacct_dir; extern char *progname; +/************************************************************************* + * + * Function: validfilename + * + * Purpose: Check to make sure a filename is valid + * I.e. weed out nasties + * + *************************************************************************/ + +/* Valid characters in a filename */ +static char *validfilname_chars = +"ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz01234567890#-+ \t/"; + +int +validfilename(filename) +char *filename; +{ + /* Not a valid filename if it is NULL or zero length */ + if(filename==NULL || *filename=='\0'){ + return(0); + } + + /* Check each character in the filename to make sure + * it is valid as per validfilname_chars + */ + while(*filename!='\0'){ + if(strchr(validfilname_chars, *filename)==NULL){ + return(0); + } + filename++; + } + + /* Not a filename if it ends with a '/' */ + if(*filename=='/'){ + return(0); + } + + return(1); +} + + void process_menu(authreq, activefd, pw_digest) AUTH_REQ *authreq; @@ -84,10 +126,10 @@ VALUE_PAIR *get_attribute(); VALUE_PAIR *menu_pairs(); VALUE_PAIR *pairalloc(); - char menu_name[128]; + char menu_name[256]; char menu_input[32]; int i; - char state_value[128]; + char state_value[256]; void send_accept(); void send_reject(); void pairfree(); @@ -96,7 +138,8 @@ if((attr = get_attribute(authreq->request, PW_STATE)) != (VALUE_PAIR *)NULL && strncmp(attr->strvalue, "MENU=", 5) == 0){ - strcpy(menu_name, &attr->strvalue[5]); + strncpy(menu_name, &attr->strvalue[5], sizeof(menu_name)-1); + menu_name[sizeof(menu_name)-1] = '\0'; /* The menu input is in the Password Field */ attr = get_attribute(authreq->request, PW_PASSWORD); @@ -121,7 +164,8 @@ (VALUE_PAIR *)NULL) { /* Change this to a menu state */ - sprintf(state_value, "MENU=%s", term_attr->strvalue); + snprintf(state_value, sizeof(state_value), "MENU=%s", + term_attr->strvalue); term_attr->attribute = PW_STATE; strcpy(term_attr->strvalue, state_value); strcpy(term_attr->name, "Challenge-State"); @@ -168,7 +212,8 @@ int len; sprintf(menu_buffer, "%s/menus/%s", radius_dir, menu_name); - if((fd = fopen(menu_buffer, "r")) == (FILE *)NULL) { + if(!validfilename(menu_buffer) || + (fd = fopen(menu_buffer, "r")) == (FILE *)NULL) { return("\r\n*** User Menu is Not Available ***\r\n"); } @@ -176,7 +221,7 @@ nread = 0; ptr = menu_buffer; *ptr = '\0'; - while(fgets(ptr, 4096 - nread, fd) != NULL && nread < 4096) { + while(fgets(ptr, 4096 - nread - 4, fd) != NULL && nread < 4096) { if(mode == 0) { if(strncmp(ptr, "menu", 4) == 0) { @@ -221,14 +266,16 @@ int fclose(); sprintf(buffer, "%s/menus/%s", radius_dir, menu_name); - if((fd = fopen(buffer, "r")) == (FILE *)NULL) { + if(!validfilename(buffer) || + (fd = fopen(buffer, "r")) == (FILE *)NULL) { return((VALUE_PAIR *)NULL); } /* Skip past the menu */ mode = 0; nread = 0; - while(fgets(buffer, sizeof(buffer), fd) != NULL) { + while(fgets(buffer, sizeof(buffer) - 1, fd) != NULL) { + buffer[sizeof(buffer)-1]='\0'; if(mode == 0) { if(strncmp(buffer, "menu", 4) == 0) { mode = 1; @@ -251,7 +298,8 @@ reply_first = (VALUE_PAIR *)NULL; /* Look for a matching menu entry */ - while(fgets(buffer, sizeof(buffer), fd) != NULL) { + while(fgets(buffer, sizeof(buffer)-1, fd) != NULL) { + buffer[sizeof(buffer)-1]='\0'; /* Terminate the buffer */ ptr = buffer; @@ -265,7 +313,7 @@ if(strcmp(selection, buffer) == 0 || strcmp("DEFAULT", buffer) == 0) { /* We have a match */ - while(fgets(buffer, sizeof(buffer), fd) != NULL) { + while(fgets(buffer, sizeof(buffer)-1, fd) != NULL) { if(*buffer == ' ' || *buffer == '\t') { /* * Parse the reply values --- radiusd-livingston-2.1.orig/src/radiusd.c +++ radiusd-livingston-2.1/src/radiusd.c @@ -68,6 +68,7 @@ #include #include #include +#include #include "radius.h" #include "users.h" @@ -134,6 +135,7 @@ int argc; char **argv; { + FILE *pid_file; UINT4 get_ipaddr(); UINT4 then; char argval; @@ -172,6 +174,7 @@ spawn_flag = 1; radius_dbm = 0; accept_zero = 0; + radius_port = 0; max_requests = MAX_REQUESTS; max_request_time = MAX_REQUEST_TIME; max_proxy_time = MAX_PROXY_TIME; @@ -382,6 +385,18 @@ } } + /* Save the PID in /var/run/radiusd-livingston.pid + Code added 22 SEP 1996 by Chris Fearnley + Code stolen from http_log.c in the apache 1.1.1 distribution */ + if(!(pid_file = fopen("/var/run/radiusd-livingston.pid","w"))) { + perror("fopen"); + fprintf(stderr,"radiusd: could not log pid to file %s\n", + "/var/run/radiusd-livingston.pid"); + exit(1); + } + fprintf(pid_file,"%ld\n",(long)getpid()); + fclose(pid_file); + /* * Disconnect from tty */ @@ -486,7 +501,7 @@ if(status == -1) { if (errno == EINTR) continue; - log_err("exiting after select returned error %d, %s\n",errno,sys_errlist[errno]); + log_err("exiting after select returned error %d, %s\n",errno,strerror(errno)); sig_fatal(101); } @@ -549,7 +564,7 @@ void rad_exit(); u_short lport; - if (*port>5) { + if (*port>6) { lport = htons(*port); } else { svp = getservbyname(service, "udp"); @@ -564,7 +579,7 @@ fd = socket (AF_INET, SOCK_DGRAM, 0); if (fd < 0) { - log_err("%s socket error %s\n", service, sys_errlist[errno]); + log_err("%s socket error %s\n", service, strerror(errno)); rad_exit(-1); } @@ -580,7 +595,7 @@ result = bind (fd, (struct sockaddr *)&salocal, sizeof (*sin)); if (result < 0) { - log_err("%s bind error %s\n", service, sys_errlist[errno]); + log_err("%s bind error %s\n", service, strerror(errno)); rad_exit(-1); } @@ -605,7 +620,6 @@ int length; { AUTH_HDR *auth; - int sendto(); struct sockaddr_in saremote; struct sockaddr_in *sin; void hexdump(); @@ -651,8 +665,7 @@ int result; int find_client(); int handle_proxy(); - int recvfrom(); - size_t salen; + socklen_t salen; struct sockaddr_in *sin; u_short port; void radrespond(); @@ -673,7 +686,8 @@ sin = (struct sockaddr_in *) & rad_saremote; result = recvfrom (fd, (char *) recv_buffer, (int) sizeof(recv_buffer), - (int) 0, (struct sockaddr *)&rad_saremote, &salen); + (int) 0, (struct sockaddr *)&rad_saremote, + &salen); addr = ntohl(sin->sin_addr.s_addr); port = ntohs(sin->sin_port); @@ -1460,17 +1474,17 @@ } #ifdef SMARTCARD if ((msg_id = msgget(msg_key, IPC_CREAT | 0600)) == -1) { - log_err("child_authenticate: msgget for key %x for id %d returned error: %s\n", msg_key, msg_id, sys_errlist[errno]); + log_err("child_authenticate: msgget for key %x for id %d returned error: %s\n", msg_key, msg_id, strerror(errno)); break; } if ((length = msgrcv(msg_id, recv_buffer, sizeof recv_buffer - sizeof(long), 0, 0)) == -1) { - log_err("child_authenticate: msgrcv for msgid %d returned error: %s\n", msg_id, sys_errlist[errno]); + log_err("child_authenticate: msgrcv for msgid %d returned error: %s\n", msg_id, strerror(errno)); break; } if (msgctl(msg_id, IPC_RMID, 0) == -1) { - log_err("child_authenticate: msgctl for msgid %d returned error: %s\n", msg_id, sys_errlist[errno]); + log_err("child_authenticate: msgctl for msgid %d returned error: %s\n", msg_id, strerror(errno)); } sin = (struct sockaddr_in *) &rad_saremote; authreq = radrecv( @@ -1507,7 +1521,7 @@ VALUE_PAIR *user_check; VALUE_PAIR *user_reply; char auth_name[AUTH_STRING_LEN + 2]; - char callfrom[32]; + char callfrom[32],callingnum[16]; char pw_digest[16]; char string[AUTH_STRING_LEN + 20 + 2]; char umsg[AUTH_STRING_LEN + 2]; @@ -1586,9 +1600,11 @@ callpair = get_attribute(authreq->request, PW_CALLING); if (callpair == (VALUE_PAIR *)NULL || callpair->lvalue > 20) { - callfrom[0] = '\0'; + callfrom[0] = callingnum[0] = '\0'; } else { - sprintf(callfrom," at %s",callpair->strvalue); + snprintf(callfrom, sizeof(callfrom), " at %s", + callpair->strvalue); + strncpy(callingnum,callpair->strvalue,sizeof(callingnum)); } /* @@ -1692,6 +1708,17 @@ } break; + case PW_ANONYMOUS: + if (check_item->lvalue == 0) { + if ((callingnum[0]<'0') || + (callingnum[0]>'9')) { + sprintf(umsg, + "Anonymous calling not allowed\r\n"); + user_msg = umsg; + result = -1; + } + } + break; default: if(auth_item == (VALUE_PAIR *)NULL) { result = -1; @@ -1902,12 +1929,12 @@ code = PW_PASSWORD_REJECT; } else { -#endif PASSCHANGE +#endif /* PASSCHANGE */ code = PW_AUTHENTICATION_REJECT; report[RR_REJECT]++; #ifdef PASSCHANGE } -#endif PASSCHANGE +#endif /* PASSCHANGE */ DEBUG("sending reject to %s\n", req2strp(authreq)); total_length = build_packet(authreq,(VALUE_PAIR *)NULL,msg,code,FW_REPLY,send_buffer); @@ -2044,7 +2071,8 @@ /* Check to see if the response is a menu */ if((menu_attr = get_attribute(reply, PW_MENU)) != (VALUE_PAIR *)NULL) { msg = get_menu(menu_attr->strvalue); - sprintf(state_value, "MENU=%s", menu_attr->strvalue); + snprintf(state_value, sizeof(state_value), "MENU=%s", + menu_attr->strvalue); send_challenge(authreq, msg, state_value, activefd); return; } @@ -2385,19 +2413,31 @@ AUTH_REQ *authreq; u_char *secret; { - u_char buffer[128]; - int secretlen; + u_char *buffer; + size_t secretlen; + size_t len; - /* Use the secret to setup the decryption digest */ - memset(buffer, 0, sizeof(buffer)); secretlen = strlen((char *)secret); - memcpy((char *)buffer, (char *)secret,secretlen); + len = secretlen + AUTH_VECTOR_LEN; + + memset(digest, 0, sizeof(digest)); + + buffer = (u_char *)malloc(len+1); + if(buffer == NULL) + return; + + /* Use the secret to setup the decryption digest */ + memset(buffer, 0, len+1); + memcpy((char *)buffer, (char *)secret, secretlen); memcpy(buffer + secretlen, authreq->vector, AUTH_VECTOR_LEN); - md5_calc(digest, buffer, secretlen + AUTH_VECTOR_LEN); - memset(buffer, 0, secretlen+AUTH_VECTOR_LEN); + md5_calc(digest, buffer, len); + memset(buffer, 0, len); + + free(buffer); return; } + /************************************************************************* * * Function: calc_next_digest @@ -2566,7 +2606,7 @@ /* Check last modified time of clients file */ sprintf((char *)buffer, "%s/%s", radius_dir, RADIUS_CLIENTS); - if(stat(buffer, &statbuf) != 0) { + if(stat((char *)buffer, &statbuf) != 0) { log_err("Error: clients file %s not found\n", buffer); return(-1); } @@ -2586,7 +2626,7 @@ sprintf((char *)oldcache, "%s/%s", radius_dir, RADIUS_CLIENT_CACHE); sprintf((char *)newcache, "%s.lock", oldcache); #if defined(NDBM) - if((db = dbm_open(newcache, O_RDWR | O_CREAT | O_TRUNC, 0600)) + if((db = dbm_open((char *)newcache, O_RDWR | O_CREAT | O_TRUNC, 0600)) == (DBM *)NULL) { #else if(dbminit(newcache) != 0) { @@ -2608,7 +2648,7 @@ named.dptr = ip_str; named.dsize = strlen(ip_str); contentd.dptr = (char *)buffer; - contentd.dsize = strlen(buffer); + contentd.dsize = strlen((char *)buffer); #if defined(NDBM) if(dbm_store(db, named, contentd, DBM_INSERT) != 0) { #else /* not NDBM */ @@ -2624,11 +2664,11 @@ } dbm_close(db); fclose(clientfd); - s1 = strlen(newcache); - strcat(newcache,".db"); - if (stat(newcache,&statbuf2) == 0) { - strcat(oldcache,".db"); - if (rename(newcache,oldcache) != 0) { + s1 = strlen((char *)newcache); + strcat((char *)newcache,".db"); + if (stat((char *)newcache,&statbuf2) == 0) { + strcat((char *)oldcache,".db"); + if (rename((char *)newcache,(char *)oldcache) != 0) { log_err("Error: could not move client cache file %s to %s, error %d\n",newcache,oldcache,errno); return(-1); } else { @@ -2636,18 +2676,18 @@ } } else { newcache[s1] = '\0'; - s2 = strlen(oldcache); - strcat(newcache,".pag"); - strcat(oldcache,".pag"); - if (rename(newcache,oldcache) != 0) { + s2 = strlen((char *)oldcache); + strcat((char *)newcache,".pag"); + strcat((char *)oldcache,".pag"); + if (rename((char *)newcache,(char *)oldcache) != 0) { log_err("Error: could not move client cache file %s to %s, error %d\n",newcache,oldcache,errno); return(-1); } newcache[s1] = '\0'; oldcache[s2] = '\0'; - strcat(newcache,".dir"); - strcat(oldcache,".dir"); - if (rename(newcache,oldcache) != 0) { + strcat((char *)newcache,".dir"); + strcat((char *)oldcache,".dir"); + if (rename((char *)newcache,(char *)oldcache) != 0) { log_err("Error: could not move client cache file %s to %s, error %d\n",newcache,oldcache,errno); rcode = -1; } else { --- radiusd-livingston-2.1.orig/src/dbmrec.c +++ radiusd-livingston-2.1/src/dbmrec.c @@ -51,11 +51,18 @@ #include #include +#include +#include #include "radius.h" #ifdef NDBM -# include +# ifdef BERKELEY_DB +# define DB_DBM_HSEARCH 1 +# include +# else +# include +# endif #else /* not NDBM */ # include #endif /* NDBM */ @@ -70,7 +77,6 @@ int debug_mem = 0; extern int errno; -extern char * sys_errlist[]; int main(argc, argv) @@ -113,7 +119,7 @@ #endif /* NDBM */ { printf("Couldn't open DBM file error<%s>\n", - sys_errlist[errno]); + strerror(errno)); exit(errno); } --- radiusd-livingston-2.1.orig/src/dbmkeys.c +++ radiusd-livingston-2.1/src/dbmkeys.c @@ -51,19 +51,25 @@ #include #include +#include +#include #include "radius.h" #ifdef NDBM -# include +# ifdef BERKELEY_DB +# define DB_DBM_HSEARCH 1 +# include +# else +# include +# endif #else /* not NDBM */ # include #endif /* not NDBM */ extern int errno; -extern char *sys_errlist[]; -main(argc, argv) +int main(argc, argv) int argc; char * argv[]; { @@ -80,7 +86,7 @@ #endif /* not NDBM */ { printf("Couldn't open DBM file error<%s>\n", - sys_errlist[errno]); + strerror(errno)); exit(errno); } --- radiusd-livingston-2.1.orig/src/dict.c +++ radiusd-livingston-2.1/src/dict.c @@ -52,6 +52,7 @@ #include #include #include +#include #include "radius.h" --- radiusd-livingston-2.1.orig/src/version.c +++ radiusd-livingston-2.1/src/version.c @@ -52,6 +52,7 @@ #include #include #include +#include #include "radius.h" extern char *progname; @@ -87,20 +88,21 @@ { char buffer[1024]; void build_version(); - void log_msg(); + void log_info(); - build_version(buffer); - log_msg(LOG_INFO, buffer); + build_version(buffer, sizeof(buffer)); + log_info("%s", buffer); } void -build_version(bp) +build_version(bp, bp_len) char * bp; +const size_t bp_len; { extern int accept_zero; extern int radius_dbm; - sprintf(bp, "%s: %s ", progname, VERSION); + snprintf(bp, bp_len-48, "%s: %s ", progname, VERSION); /* here are all the conditional feature flags */ --- radiusd-livingston-2.1.orig/src/proxy.c +++ radiusd-livingston-2.1/src/proxy.c @@ -69,6 +69,7 @@ #include #include #include +#include #include "radius.h" #include "users.h" @@ -136,11 +137,10 @@ char *ip_hostname(); char digest[AUTH_VECTOR_LEN]; char hold_digest[AUTH_VECTOR_LEN]; - char *sentreqauth; - int recvfrom(); + char *sentreqauth = NULL; int result; int secretlen; - size_t salen; + socklen_t salen; struct sockaddr_in *sin; struct sockaddr_in rad_saremote; u_short port; @@ -156,7 +156,8 @@ result = recvfrom (fd, (char *) recv_buffer, (int) sizeof(recv_buffer), - (int) 0, (struct sockaddr *)&rad_saremote, &salen); + (int) 0, (struct sockaddr *)&rad_saremote, + &salen); host = ntohl(sin->sin_addr.s_addr); port = ntohs(sin->sin_port); @@ -483,7 +484,7 @@ static int first = 0; static time_t last_update_time; FILE *fd; - PEER *curserv; + PEER *curserv = NULL; PEER *peeralloc(); PEER *server; UINT4 get_ipaddr(); @@ -499,7 +500,7 @@ int nproxy; struct stat statbuf; u_char buffer[256]; - u_short rport; + int rport; void peerfree(); int fclose(); @@ -507,7 +508,7 @@ /* Check last modified time of proxy file */ sprintf((char *)buffer, "%s/%s", radius_dir, RADIUS_PROXY); - if(stat(buffer, &statbuf) != 0) { + if(stat((char *)buffer, &statbuf) != 0) { if (first == 0) { log_err("proxy file %s not found; not using proxy\n", buffer); first++; @@ -526,7 +527,7 @@ errno = 0; if (gethostname(ourname, 128) != 0) { log_err("update_proxy: unable to get own hostname; %s\n", - sys_errlist[errno]); + strerror(errno)); } ouraddress = get_ipaddr(ourname); if (ouraddress == 0) { @@ -544,7 +545,7 @@ /* Open the proxy file */ if((fd = fopen((const char *)buffer, "r")) == (FILE *)NULL) { log_err("Error: could not read proxy file %s; %s\n", buffer, - sys_errlist[errno]); + strerror(errno)); return(-1); } @@ -567,7 +568,7 @@ || *buffer == '\n') { continue; } - hostnm = strtok(buffer, " \t\n"); + hostnm = strtok((char *)buffer, " \t\n"); secret = strtok((char *)NULL, " \t\n"); realm = strtok((char *)NULL, " \t\n"); if (realm == (char *)NULL) { @@ -705,7 +706,7 @@ char *number; char *ptr; char *realm; - char *strchr(); +/* char *strchr(); */ int rad_forw_ipass(); int ret; void push_proxy(); @@ -1051,7 +1052,7 @@ AUTH_REQ *qp; AUTH_REQ *prevqp; static char inuse[256]; - u_char newid; + int newid; static u_char curid = 0; static int flushcount = 0; extern int max_proxy_time; --- radiusd-livingston-2.1.orig/src/md5test.c +++ radiusd-livingston-2.1/src/md5test.c @@ -67,7 +67,11 @@ #include #include +#include +void md5_calc(void *, void *, unsigned int); + +int main(argc,argv) int argc; char **argv; @@ -76,13 +80,12 @@ int h; int i,n = 0,len; - *argv++; while (scanf("%2x",&h) != EOF) { buf[n++] = h & 0xff; } - printf("%d %s\n",n,*argv); + printf("%d %s\n",n,argv[1]); len=strlen(*argv); - memcpy(&buf[n],*argv,len); + memcpy(&buf[n],argv[1],len); md5_calc(pw_digest, buf, n+len); for (i=0;i #include #include +#include #include "radius.h" @@ -106,7 +107,7 @@ int recfrom(); int retsig; int result; - size_t salen; + socklen_t salen; struct sockaddr_in *sin; u_short port; time_t time(); @@ -119,7 +120,8 @@ sin = (struct sockaddr_in *) & rad_saremote; result = recvfrom (fd, (char *) recv_buffer, (int) sizeof(recv_buffer), - (int) 0, (struct sockaddr *)&rad_saremote, &salen); + (int) 0, (struct sockaddr *)&rad_saremote, + &salen); if (result < AUTH_HDR_LEN) { log_err("accounting: runt packet of %d bytes\n",result); --- radiusd-livingston-2.1.orig/src/radius.h +++ radiusd-livingston-2.1/src/radius.h @@ -146,6 +146,8 @@ #define PW_CRYPT_PASSWORD 1006 #define PW_CONNECT_RATE 1007 +#define PW_ANONYMOUS 2000 + /* * INTEGER TRANSLATIONS */ @@ -247,8 +249,8 @@ /* Default Database File Names */ -#define RADIUS_DIR "/etc/raddb" -#define RADACCT_DIR "/usr/adm/radacct" +#define RADIUS_DIR "/etc/radiusd-livingston" +#define RADACCT_DIR "/var/log/radiusd-livingston" #define RADIUS_DICTIONARY "dictionary" #define RADIUS_CLIENTS "clients" --- radiusd-livingston-2.1.orig/src/users.c +++ radiusd-livingston-2.1/src/users.c @@ -60,6 +60,7 @@ #include #include #include +#include int db_index; @@ -376,7 +377,7 @@ int atoi(); char attrstr[64]; char valstr[256]; - DICT_ATTR *attr; + DICT_ATTR *attr = NULL; DICT_ATTR *dict_attrfind(); DICT_VALUE *dval; DICT_VALUE *dict_valfind(); @@ -407,7 +408,7 @@ case PARSE_MODE_NAME: /* Attribute Name */ - fieldcpy(attrstr, &buffer); + fieldcpy(attrstr, &buffer, sizeof(attrstr)-1); if((attr = dict_attrfind(attrstr)) == (DICT_ATTR *)NULL) { return(-1); @@ -428,7 +429,7 @@ case PARSE_MODE_VALUE: /* Value */ - fieldcpy(valstr, &buffer); + fieldcpy(valstr, &buffer, sizeof(valstr)-1); pair = pairalloc("userparse"); @@ -514,17 +515,19 @@ *************************************************************************/ static void -fieldcpy(string, uptr) +fieldcpy(string, uptr, len) char *string; char **uptr; +int len; { char *ptr; ptr = *uptr; if(*ptr == '"') { ptr++; - while(*ptr != '"' && *ptr != '\0' && *ptr != '\n') { + while(*ptr != '"' && *ptr != '\0' && *ptr != '\n' && len > 0) { *string++ = *ptr++; + len--; } *string = '\0'; if(*ptr == '"') { @@ -535,8 +538,9 @@ } while(*ptr != ' ' && *ptr != '\t' && *ptr != '\0' && *ptr != '\n' && - *ptr != '=' && *ptr != ',') { + *ptr != '=' && *ptr != ',' && len > 0) { *string++ = *ptr++; + len--; } *string = '\0'; *uptr = ptr; --- radiusd-livingston-2.1.orig/src/pass.c +++ radiusd-livingston-2.1/src/pass.c @@ -57,6 +57,7 @@ #include #include #include +#include #include "radius.h" #include "users.h" --- radiusd-livingston-2.1.orig/src/testuser.c +++ radiusd-livingston-2.1/src/testuser.c @@ -57,7 +57,7 @@ #include #include "radius.h" #include "users.h" -#include +/* #include */ char *progname; int debug_flag; --- radiusd-livingston-2.1.orig/src/radtest.c +++ radiusd-livingston-2.1/src/radtest.c @@ -80,18 +80,28 @@ static char sccsid[] = "$Id: radtest.c,v 1.1 1999/06/23 23:40:43 cdr Exp $ Copyright 1992-1999 Lucent Technologies Inc"; - -#include "stdio.h" -#include "stdlib.h" -#include "errno.h" -#include "sys/types.h" -#include "sys/socket.h" -#include "sys/param.h" -#include "sys/time.h" -#include "netdb.h" -#include "netinet/in.h" +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include #include "radius.h" +int dict_init(); +void md5_calc(void *, void *, unsigned int); +char * req2strp(AUTH_REQ *); +char * ipaddr2strp(UINT4); +void fprint_attr_val(FILE *, VALUE_PAIR *); + + int fd; char * host_name; struct sockaddr_in addr; @@ -115,7 +125,7 @@ char *radius_log = "/dev/tty"; UINT4 now = 0; -main(argc, argv) +int main(argc, argv) char * argv[]; { AUTH_HDR *ah; @@ -134,7 +144,7 @@ int i; int len; int rc; - int sa_len; + socklen_t sa_len; int service_type; int val; int verbose_flag; @@ -492,7 +502,7 @@ rad_exit(errno); } if (FD_ISSET(fd, &fdset)) { - sa_len = sizeof sa_ihd; + sa_len = sizeof(sa_ihd); if ((rc = recvfrom(fd, r_buf, sizeof r_buf, 0, (struct sockaddr *)&sa_ihd, &sa_len)) < 0) { perror("recvfrom: "); @@ -528,7 +538,7 @@ ah->code, ah->id, ah->length); - return; + return 1; break; } @@ -545,6 +555,7 @@ } close(fd); + exit(0); } --- radiusd-livingston-2.1.orig/src/util.c +++ radiusd-livingston-2.1/src/util.c @@ -59,6 +59,7 @@ #include #include #include +#include #include "radius.h" @@ -363,7 +364,7 @@ hmembuf = nmembuf; } if (debug_mem) { - log_err("called bufalloc(%d,%s) = %x %d\n",size,where,(int)buf,nmembuf); + log_err("called bufalloc(%d,%s) = %p %d\n",size,where,buf,nmembuf); } return buf; @@ -389,7 +390,7 @@ extern int debug_mem; if (debug_mem) { - log_err("called buffree(%x,%s) = %d\n",(int)buf,where,nmembuf); + log_err("called buffree(%p,%s) = %d\n",buf,where,nmembuf); } if (buf == (char *)NULL) { log_err("%s called buffree with NULL pointer\n",where); @@ -571,7 +572,7 @@ hmemreq = nmemreq; } if (debug_mem) { - log_err("called reqalloc(%s) = %x %d\n",where,(int)authreq,nmemreq); + log_err("called reqalloc(%s) = %p %d\n",where,authreq,nmemreq); } return authreq; @@ -597,7 +598,7 @@ extern int debug_mem; if (debug_mem) { - log_err("called reqfree(%x,%s) = %d\n",(int)authreq,where,nmemreq); + log_err("called reqfree(%p,%s) = %d\n",authreq,where,nmemreq); } if (authreq == (AUTH_REQ *)NULL) { log_err("%s called reqfree with NULL pointer\n",where); @@ -730,7 +731,7 @@ int n; { int i; - int j; + int j = 0; char s[64]; if (n > 200) { --- radiusd-livingston-2.1.orig/src/log.c +++ radiusd-livingston-2.1/src/log.c @@ -98,6 +98,24 @@ /************************************************************************* * + * Function: log_info + * + * Purpose: Log the debug message + * + *************************************************************************/ + +void +log_info(char * fmt, ...) +{ + va_list args; + + va_start(args, fmt); + log_msg(LOG_INFO, fmt, args); + va_end(args); +} + +/************************************************************************* + * * Function: log_msg * * Purpose: Log the priority message @@ -145,8 +163,8 @@ */ openlog("radius", LOG_PID | LOG_CONS | LOG_NOWAIT, LOG_AUTH); #ifdef VSYSLOG - vsprintf(buffer, fmt, args); - syslog(priority, buffer); + vsnprintf(buffer, sizeof(buffer), fmt, args); + syslog(priority, "%s", buffer); #else /* not VSYSLOG */ vsyslog(priority, fmt, args); #endif /* not VSYSLOG */ @@ -154,3 +172,5 @@ } return; } + + --- radiusd-livingston-2.1.orig/src/vports.c +++ radiusd-livingston-2.1/src/vports.c @@ -64,6 +64,7 @@ #include #include #include +#include #include "radius.h" #ifdef VPORTS @@ -145,7 +146,7 @@ cidcur = cidfirst; while(cidcur != NULL) { - if (!strcmp(cidcur->num, num)) { + if (!strcmp((char *)cidcur->num, (char *)num)) { return (VP_CALLED *)cidcur; } cidcur = cidcur->next; @@ -166,7 +167,7 @@ return; } cidcur = new_cidlist(); - strcpy(cidcur->num, num); + strcpy((char *)cidcur->num, (char *)num); cidcur->max = max; return; } @@ -440,7 +441,7 @@ return (VP_ACCTID *)NULL; acctid_cur = nasip_cur->acctid_first; while(acctid_cur != NULL) { - if (!strcmp(acctid_cur->acctid, acctid)) + if (!strcmp((char *)acctid_cur->acctid, (char *)acctid)) return (VP_ACCTID *)acctid_cur; acctid_cur = acctid_cur->next; } @@ -460,7 +461,7 @@ } if (nasip_cur->acctidinit != VP_LIST_INIT) { acctid_cur = begin_acctidlist(nasip_cur); - strcpy(acctid_cur->acctid, acctid); + strcpy(acctid_cur->acctid, (char *)acctid); return (VP_ACCTID *)acctid_cur; } if ((acctid_cur = malloc(sizeof(VP_ACCTID))) == NULL) { @@ -469,7 +470,7 @@ } acctid_cur->next = NULL; acctid_cur->prev = nasip_cur->acctid_last; - strcpy(acctid_cur->acctid, acctid); + strcpy(acctid_cur->acctid, (char *)acctid); if (nasip_cur->acctid_last != NULL) nasip_cur->acctid_last->next = acctid_cur; nasip_cur->acctid_last = acctid_cur; @@ -486,7 +487,7 @@ u_char called_sid[16]; int required; int in_use; - int service_type; + int service_type = 0; required = 0; @@ -505,7 +506,7 @@ case PW_CALLED: required++; - strcpy(called_sid, vp->strvalue); + strcpy((char *)called_sid, vp->strvalue); break; } vp = vp->next; @@ -544,13 +545,13 @@ VP_CALLED *cidcur; VP_NAS *nasip_cur; VP_ACCTID *acctid_cur; - UINT4 addr; + UINT4 addr = 0; char *ipaddr2strp(); u_char called_sid[16]; u_char acct_id[16]; u_char reboot_req; u_char required; - u_int record_type; + u_int record_type = 0; reboot_req = 0; required = 0; @@ -577,12 +578,12 @@ case PW_ACCT_SESSION_ID: required++; - strcpy(acct_id, vp->strvalue); + strcpy((char *)acct_id, vp->strvalue); break; case PW_CALLED: required++; - strcpy(called_sid, vp->strvalue); + strcpy((char *)called_sid, vp->strvalue); break; } vp = vp->next; --- radiusd-livingston-2.1.orig/src/conf/Linux_Deb +++ radiusd-livingston-2.1/src/conf/Linux_Deb @@ -0,0 +1,11 @@ +# Debian Linux +# +RADLIBS = -lcrypt -ldb +CPPFLAGS = -DBERKELEY_DB # -DNOSHADOW +COPT = -g -Wall + +ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) +COPT += -O0 +else +COPT += -O2 +endif --- radiusd-livingston-2.1.orig/debian/docs +++ radiusd-livingston-2.1/debian/docs @@ -0,0 +1,2 @@ +README +README.security.patch --- radiusd-livingston-2.1.orig/debian/preinst +++ radiusd-livingston-2.1/debian/preinst @@ -0,0 +1,37 @@ +#! /bin/sh +# preinst script for radiusd-livingston +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `install' +# * `install' +# * `upgrade' +# * `abort-upgrade' + +case "$1" in + install|upgrade) + if [ "$1" = "upgrade" ] + then + # Cleanup. Previous version did not stop the daemon in prerm. + invoke-rc.d radiusd-livingston stop || true + fi + ;; + + abort-upgrade) + ;; + + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 --- radiusd-livingston-2.1.orig/debian/compat +++ radiusd-livingston-2.1/debian/compat @@ -0,0 +1 @@ +5 --- radiusd-livingston-2.1.orig/debian/init.d +++ radiusd-livingston-2.1/debian/init.d @@ -0,0 +1,75 @@ +#! /bin/sh + +### BEGIN INIT INFO +# Provides: radiusd-livingston +# Required-Start: $syslog,$network +# Required-Stop: $syslog,$network +# Should-Start: $local_fs,$time +# Should-Stop: $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: radiusd-livingston server +# Description: radiusd-livingston is a RADIUS server +### END INIT INFO + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +DAEMON=/usr/sbin/radiusd +NAME=radiusd +DESC="RADIUS authentication server" +PKGN=radiusd-livingston +ARGS="-b -p 1645" + +test -f $DAEMON || exit 0 + +set -e + +case "$1" in + start) + echo -n "Starting $DESC: " + start-stop-daemon --start --pidfile /var/run/$NAME.pid \ + --exec $DAEMON -- $ARGS + echo "$NAME." + ;; + stop) + echo -n "Stopping $DESC: " + start-stop-daemon --stop --exec $DAEMON --name $NAME + rm -f /var/run/radiusd-livingston.pid || true + echo "$NAME." + ;; + #reload) + # + # If the daemon can reload its config files on the fly + # for example by sending it SIGHUP, do it here. + # + # If the daemon responds to changes in its config file + # directly anyway, make this a do-nothing entry. + # + # echo "Reloading $DESC configuration files." + # start-stop-daemon --stop --signal 1 --quiet --pidfile \ + # /var/run/$NAME.pid --exec $DAEMON + #;; + restart|force-reload) + # + # If the "reload" option is implemented, move the "force-reload" + # option to the "reload" entry above. If not, "force-reload" is + # just the same as "restart". + # + echo -n "Restarting $DESC: " + start-stop-daemon --stop --quiet --pidfile \ + /var/run/$NAME.pid --exec $DAEMON --name $NAME + rm -f /var/run/radiusd-livingston.pid || true + sleep 1 + start-stop-daemon --start --quiet --pidfile \ + /var/run/$NAME.pid --exec $DAEMON -- $ARGS + echo "$NAME." + ;; + *) + N=/etc/init.d/$PKGN + # echo "Usage: $N {start|stop|restart|reload|force-reload}" >&2 + echo "Usage: $N {start|stop|restart|force-reload}" >&2 + #echo "Usage: $N {start|stop}" >&2 + exit 1 + ;; +esac + +exit 0 --- radiusd-livingston-2.1.orig/debian/radtest.1 +++ radiusd-livingston-2.1/debian/radtest.1 @@ -0,0 +1,79 @@ +.TH RADTEST 1 +.\" NAME should be all caps, SECTION should be 1-8, maybe w/ subsection +.\" other parms are allowed: see man(7), man(1) +.SH NAME +radtest \- example RADIUS client program +.SH SYNOPSIS +.B radtest +.RB [ \-d\ ] +.RB [ \-f ] +.RB [ \-g\ ] +.RB [ \-h ] +.RB [ \-i\ ] +.RB [ \-p\ ] +.RB [ \-s\ ] +.RB [ \-t\ ] +.RB [ \-v ] +.RB [ \-x\ [\ \ ]\ ] +.B -u +.SH DESCRIPTION +.B radtest +sends a RADIUS packet to a server running on the same host as +.I radtest, +and prints out the attributes returned. +.SH OPTIONS +.TP +.B \-h +Show summary of options. +.TP +.B \-u +Specifies +.I username +and +.I password +(notice that this takes two arguments). +.TP +.B \-d +Sets Called Station Id. +.TP +.B \-f +Send framed dialin hint. (-t overrides this.) +.TP +.B \-g +Sets Calling Station Id. +.TP +.B \-i +Use +.I id +as the packet identifier. +.TP +.B \-p +Use port as the port to connect to (defaults to definition in +.I /etc/services, +or 1645). +.TP +.B \-s +Specifies the RADIUS shared secret (defaults to "localkey"). +.TP +.B \-t +Send +.I type +as the service type (overrides -f). This is a number. +.TP +.B \-v +Prints out the version. +.TP +.B \-x [ ] +Sets the "verbose level" to +.I level +or without an argument, increments it. (Not used.) +.SH SEE ALSO +radiusd(8) +.SH BUGS +It doesn't support accounting packets. It always fills in the +NAS-IP-Address as 127.0.0.1 and the NAS-Port as 1. Passwords longer +than 16 characters are not supported. It looks for its dictionary in +the same directory its run from. +.SH AUTHOR +This manual page was written by Paul Martin , +for the Debian GNU/Linux system (but may be used by others). --- radiusd-livingston-2.1.orig/debian/control +++ radiusd-livingston-2.1/debian/control @@ -0,0 +1,30 @@ +Source: radiusd-livingston +Section: net +Priority: optional +Maintainer: Ubuntu MOTU Developers +XSBC-Original-Maintainer: Paul Martin +Build-Depends: debhelper (>>5), libdb-dev +Standards-Version: 3.8.1 + +Package: radiusd-livingston +Architecture: any +Depends: ${shlibs:Depends} +Conflicts: radius-server +Replaces: radius-server +Provides: radius-server +Description: Remote Authentication Dial-In User Service (RADIUS) server + RADIUS is an AAA (authentication, authorization and accounting) protocol for + managing client access to network services, and is described by RFCs 2865 to + 2869. This version of the RADIUS server is from Lucent Technologies Inc., + formerly known as Livingston Enterprises Inc. + . + Some Internet Service Providers (ISPs) require a username and password to be + given on connection. Before access to the network is granted, this + information is passed to a Network Access Server (NAS) device over the + link-layer protocol and then to a RADIUS server over the RADIUS protocol. The + RADIUS server checks that the information is correct using authentication + schemes like PAP, CHAP or EAP. If accepted, the server will then authorize + access to the ISP's system and select an IP address, L2TP parameters, etc. + . + RADIUS is also commonly used for accounting purposes so that the users can be + billed accordingly. --- radiusd-livingston-2.1.orig/debian/templates +++ radiusd-livingston-2.1/debian/templates @@ -0,0 +1,14 @@ + +Template: radiusd-livingston/configure_clients +Type: note +_Description: Mandatory configuration of clients for the RADIUS server + Please copy the example file /usr/share/doc/radiusd-livingston/examples/clients + to /etc/radiusd-livingston/clients and edit it, adding an entry for each client + system. + +Template: radiusd-livingston/configure_users +Type: note +_Description: Mandatory configuration of users for the RADIUS server + Please copy the example file /usr/share/doc/radiusd-livingston/examples/users + to /etc/radiusd-livingston/users and edit it, adding an entry for each user + account. --- radiusd-livingston-2.1.orig/debian/radiusd.8 +++ radiusd-livingston-2.1/debian/radiusd.8 @@ -0,0 +1,180 @@ +.TH RADIUSD 8 +.\" NAME should be all caps, SECTION should be 1-8, maybe w/ subsection +.\" other parms are allowed: see man(7), man(1) +.SH NAME +radiusd \- RADIUS authentication/accounting server +.SH SYNOPSIS +.ad l +.HP +.B radiusd +.RB [ \-a\ DIR ] +.RB [ \-b ] +.RB [ \-d\ DIR ] +.RB [ \-h ] +.RB [ \-f\ FILE ] +.RB [ \-i\ IP_ADDRESS ] +.RB [ \-l\ FILE ] +.RB [ \-o ] +.RB [ \-p\ NUM ] +.RB [ \-q\ NUM ] +.RB [ \-s ] +.RB [ \-t\ NUM ] +.RB [ \-v ] +.RB [ \-w\ NUM ] +.RB [ \-x ] +.ad b +.SH DESCRIPTION +.B radiusd +is the RADIUS authentication and accounting server. +.SH OPTIONS +.TP +.B \-a DIR +Set the directory for RADIUS accounting logs to +.I DIR\fR. +The default location is +.I /var/log/radiusd-livingston\fR. +.TP +.B \-b +Use users DB database file +.I /etc/radiusd-livingston/users.db +rather than the flat text file +.I /etc/radiusd-livingston/users\fR. +.I builddbm(8) +may be used to create this database file. +.TP +.B \-d DIR +Set the database directory to DIR, rather than the default +.I /etc/radiusd-livingston\fR. +.TP +.B \-f FILE +Use FILE as a password file instead of using +.I getpwnam(3) +calls for "System" type authentication. +.TP +.B \-h +Show summary of options. +.TP +.B \-i IP_ADDR +Bind the RADIUS server to +.I IP_ADDR +address, rather than accepting for all IP addresses on the local machine. +.TP +.B \-l FILE +Log to +.I FILE +rather than the default behaviour of logging through syslog. + +If debugging is set, the default behaviour is to log to +.I /dev/tty +and setting +.I \-l syslog +in this case only will log through syslog. +.TP +.B \-p NUM +Sets the listening port of +.I radiusd +to +.I NUM +for access requests, +.I NUM+1 +for accounting requests, +.I NUM+5 +and +.I NUM+6 +for handling proxy requests. The default is to use the entries +.I radius\fR, +.I radacct\fR, +.I radius-proxy\fR, +and +.I radacct-proxy\fR +in +.I /etc/services +or 1645, 1646, 1815 and 1816 respectively. (Debian's /etc/services has +radius as 1812 and radacct as 1813 in accordance with the RFCs, but has +no entries for proxy services.) Most RADIUS clients default to 1645 and +1646, even though that is at variance with the RFCs. +.TP +.B \-o +Accept all-zero accounting request authenticators. + +The +.I \-o +flag is provided for backwards compatibility with non-compliant +RADIUS clients. If +.I radiusd +is run with the +.I \-o +flag, it logs unsigned accounting records, and flags them with +"Request-Authenticator = None". If +.I radiusd +is run without the +.I \-o +flag, it does not log unsigned accounting records. +.TP +.B \-q NUM +Set the maximum number of outstanding requests (default 100), setting a +limit on the number of child processes +.I radiusd +will spawn off to handle authentication. +.TP +.B \-s +Single process mode. When set +.I radiusd +does not fork off a separate accounting server, and does not fork off +separate authentication responders for each authentication request. +This mode is needed if you wish to use the Virtual Ports feature. +.TP +.B \-t NUM +Set the maximum time in seconds for a child authentication responder to +live to NUM. This catches responders that have become unresponsive. The +default is 30 seconds. +.TP +.B \-v +Print version number of +.I radiusd +on standard error. +.TP +.B \-w NUM +Sets the maximum time in seconds for the proxy server to wait for a +response before discarding the request to NUM. The default is 30 seconds. +.TP +.B \-x +Debug mode. +.SH SIGNALS +.TP +.B SIGUSR1 +Increment debugging level. +.TP +.B SIGUSR2 +Disables debugging. +.TP +.B SIGHUP +is ignored. Changes to the clients and proxy files are automatically +noticed and acted upon. There is no need to tell +.I radiusd +to reread them. +.SH FILES +.TP +.B /etc/radiusd-livingston/dictionary +RADIUS dictionary. +.B /etc/radiusd-livingston/clients +List of RADIUS clients and their shared secrets. +.TP +.B /etc/radiusd-livingston/proxy +Proxy configuration. +.TP +.B /etc/radiusd-livingston/users +RADIUS users database (plain ASCII format) +.TP +.B /etc/radiusd-livingston/users.db +RADIUS users database (Berkeley DB 2.x format), made by builddbm +.TP +.B /var/log/radiusd-livingston/CLIENT/details +RADIUS accounting logs for CLIENT. +.SH AUTHOR +radiusd is copyright 1999 Lucent Technologies Inc. All rights reserved. +.PP +This manual page was written by Paul Martin , +for the Debian GNU/Linux system (but may be used by others). +.SH SEE ALSO +builddbm(8), db_intro(3) --- radiusd-livingston-2.1.orig/debian/README.Debian +++ radiusd-livingston-2.1/debian/README.Debian @@ -0,0 +1,47 @@ +radiusd-livingston for Debian +----------------------------- + +This is the Livingston/Lucent radiusd 2.1 with the following additions +and changes: + + * Logging goes to /var/log/radiusd-livingston rather than + /usr/adm/radacct. Configuration files in /etc/radiusd-livingston + rather than /etc/raddb. (Debian Standards compliance) + + * Addition of an "Anonymous-Caller" attribute, which when set to "no" + rejects incoming calls that present no caller-id. + + * It's compiled to use Berkeley DB 2.x, not 1.8x, for its database + files, using the DB1 compatibility interface. + + * Fixed a bug in the default UDP port setting for radacct-proxy. + + * For backwards compatibility, the server's init.d script will cause + it to use 1645/udp and 1646/udp for RADIUS authentication and + accounting respectively. This can be changed by editing the ARGS= + line in /etc/init.d/radiusd-livingston + + * Cleaned up some compiler warnings. + + * Incorporated the following patches from + http://www.vergenet.net/linux/radius/ + + radius-2.1-overflow.patch + Security fix for buffer overflow problem. This fixes the problem + reported by ISS on the 5th of July 2001. + + radius-2.1.digest.patch + Security fix for buffer overflow in message digest problem. This + patch fixes VU#589523 published by CERT the 4th of March 2002. + Note that this implementation of radius is not vulnerable to + VU#936683. + +Notes: + + * If you use the system passwords for authentication, the passwd/shadow + any passwords in the MD5 format will not work. Only crypt() passwords + work. Patches to fix this are welcome. + + * You can't use system passwords for CHAP authentication. + + -- Paul Martin , Thu, 22 Aug 2002 14:32:29 +0100 --- radiusd-livingston-2.1.orig/debian/builddbm.8 +++ radiusd-livingston-2.1/debian/builddbm.8 @@ -0,0 +1,43 @@ +.TH BUILDDBM 8 +.\" NAME should be all caps, SECTION should be 1-8, maybe w/ subsection +.\" other parms are allowed: see man(7), man(1) +.SH NAME +builddbm \- build radius user database +.SH SYNOPSIS +.B builddbm +.RB [ \-d\ ] +.RB [ \-h ] +.RB [ \-v ] +.RB [ \-x ] +.SH DESCRIPTION +.B builddbm +rebuilds the +.I /etc/radiusd-livingston/users.db +file from the file +.I users +in the current directory, or the directory specified in the +.I \-d +option. +.SH OPTIONS +.TP +.B \-h +Show summary of options. +.TP +.B \-v +Print version number of +.I builddbm +to standard error. +.TP +.B \-d +Write users database to directory . +.TP +.B \-x +Turn debugging on. +.SH SEE ALSO +radiusd(8), db_intro(3) +.SH FILES +.IP /etc/radiusd-livingston/users.db +Radius users database (Berkeley DB 2.x format) +.SH AUTHOR +This manual page was written by Paul Martin , +for the Debian GNU/Linux system (but may be used by others). --- radiusd-livingston-2.1.orig/debian/postinst +++ radiusd-livingston-2.1/debian/postinst @@ -0,0 +1,54 @@ +#! /bin/sh +# postinst script for radiusd-livingston +# +# see: dh_installdeb(1) + +set -e + +# summary of how this script can be called: +# * `configure' +# * `abort-upgrade' +# * `abort-remove' `in-favour' +# +# * `abort-deconfigure' `in-favour' +# `removing' +# +# for details, see /usr/doc/packaging-manual/ +# +# quoting from the policy: +# Any necessary prompting should almost always be confined to the +# post-installation script, and should be protected with a conditional +# so that unnecessary prompting doesn't happen if a package's +# installation fails and the `postinst' is called with `abort-upgrade', +# `abort-remove' or `abort-deconfigure'. + +case "$1" in + configure) + if [ -f /etc/radiusd-livingston/users.dir ]; then + rm /etc/radiusd-livingston/users.dir || true + rm /etc/radiusd-livingston/users.pag || true + echo + echo "The RADIUS users database format has changed. Attempting to" + echo "rebuild in new Berkeley db format." + (cd /etc/radiusd-livingston; /usr/sbin/builddbm) || true + fi + ;; + + abort-upgrade|abort-remove|abort-deconfigure) + + ;; + + *) + echo "postinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 + + --- radiusd-livingston-2.1.orig/debian/dirs +++ radiusd-livingston-2.1/debian/dirs @@ -0,0 +1,4 @@ +usr/bin +usr/sbin +etc/radiusd-livingston +var/log/radiusd-livingston --- radiusd-livingston-2.1.orig/debian/cron.daily +++ radiusd-livingston-2.1/debian/cron.daily @@ -0,0 +1,16 @@ +#! /bin/sh +# radiusd-livingston Cron script to rotate radiusd log files daily. +# +# Keep 32 days worth... they compress very well. + +test -d /var/log/radiusd-livingston || exit 0 + +cd /var/log/radiusd-livingston +for LOG in */detail +do + if [ -f $LOG ]; then + savelog -g adm -m 640 -u root -c 32 $LOG >/dev/null + fi +done + +# No need to restart radiusd --- radiusd-livingston-2.1.orig/debian/rules +++ radiusd-livingston-2.1/debian/rules @@ -0,0 +1,98 @@ +#!/usr/bin/make -f +# Sample debian/rules that uses debhelper. +# GNU copyright 1997 to 1999 by Joey Hess. + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +INSTALL = install +INSTALL_FILE = $(INSTALL) -p -o root -g root -m 644 +INSTALL_PROGRAM = $(INSTALL) -p -o root -g root -m 755 +INSTALL_SCRIPT = $(INSTALL) -p -o root -g root -m 755 +INSTALL_DIR = $(INSTALL) -p -d -o root -g root -m 755 +ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS))) +INSTALL_PROGRAM += -s +endif + + +package = `dh_listpackages` +instdir = `pwd`/debian/$(package) + +build: build-stamp +build-stamp: + dh_testdir + + + # Add here commands to compile the package. + cd src; $(MAKE) EXT=Linux_Deb all + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp install-stamp + + # Add here commands to clean up after the build process. + -cd src; $(MAKE) EXT=Linux_Deb clean + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + # Add here commands to install the package into debian/packagename + $(INSTALL_PROGRAM) src/Linux_Deb/radiusd $(instdir)/usr/sbin/ + $(INSTALL_PROGRAM) src/Linux_Deb/builddbm $(instdir)/usr/sbin/ + $(INSTALL_PROGRAM) src/Linux_Deb/radtest $(instdir)/usr/bin/ + cp -a raddb/dictionary $(instdir)/etc/radiusd-livingston/ + #cp -a raddb/clients \ + # $(instdir)/etc/radiusd-livingston/clients.example + #cp -a raddb/proxy \ + # $(instdir)/etc/radiusd-livingston/proxy.example + #cp -a raddb/users \ + # $(instdir)/etc/radiusd-livingston/users.example + chmod 750 $(instdir)/etc/radiusd-livingston + chmod 640 $(instdir)/etc/radiusd-livingston/* + + touch install-stamp + +# Build architecture-independent files here. +binary-indep: build install +# We have nothing to do by default. + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot +# dh_installdebconf + dh_installdocs + dh_installexamples raddb/* +# dh_installmenu +# dh_installlogrotate +# dh_installemacsen +# dh_installpam +# dh_installmime + dh_installinit + dh_installcron + dh_installman debian/radiusd.8 debian/radtest.1 debian/builddbm.8 +# dh_installinfo +# dh_undocumented + dh_installchangelogs + dh_link + dh_strip + dh_compress + dh_fixperms +# dh_makeshlibs + dh_installdeb +# dh_perl + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install --- radiusd-livingston-2.1.orig/debian/changelog +++ radiusd-livingston-2.1/debian/changelog @@ -0,0 +1,222 @@ +radiusd-livingston (2.1-17ubuntu1) karmic; urgency=low + + [ Ubuntu Merge-o-Matic ] + * Merge from debian unstable, remaining changes: + - debian/control: do not depend on versioned libdb*-dev packages but on libdb-dev + + -- Stephan Hermann Tue, 12 May 2009 11:36:17 +0000 + +radiusd-livingston (2.1-17) unstable; urgency=low + + * Build-dep on libdb4.7-dev. (Closes: #524296) + * Bump standards version (no changes). + + -- Paul Martin Thu, 16 Apr 2009 11:35:33 +0100 + +radiusd-livingston (2.1-16.1ubuntu2) jaunty; urgency=low + + * debian/control: do not depend on versioned libdb*-dev packages but on lkibdb-dev + + -- Stephan Hermann Wed, 12 Nov 2008 12:51:16 +0000 + +radiusd-livingston (2.1-16.1ubuntu1) jaunty; urgency=low + + * debian/control: bumbed libdb4.5-dev to libdb4.6-dev + * Modify Maintainer value to match the DebianMaintainerField + specification. + + -- Stephan Hermann Tue, 11 Nov 2008 15:40:12 +0000 + +radiusd-livingston (2.1-16.1) unstable; urgency=low + + * Non-maintainer upload. + * Drop debconf templates that are not used. Closes: #422325 + * Translations are dropped as well which + Closes: #450987, #459905, #460312, #470475, #485005 + + -- Christian Perrier Sun, 01 Jun 2008 18:05:58 +0200 + +radiusd-livingston (2.1-16) unstable; urgency=low + + [ debian-i18n ] + * Debconf templates and debian/control reviewed by the debian-l10n- + english team as part of the Smith review project. Closes: #425858 + * Debconf translation updates: + Arabic (ar.po) Closes: #427111 + Czech (cz.po) Closes: #427891 + French (fr.po) Closes: #427342 + Galician (gl.po) Closes: #426430 + German (de.po) Closes: #427540 + Italian (it.po) Closes: #427227 + Portuguese (pt.po) Closes: #427063 + Swedish (sv.po) Closes: #426593 + + [ Paul Martin ] + * Thanks to Christian Perrier for coordinating the above. + + -- Paul Martin Fri, 07 Mar 2008 09:07:42 +0000 + +radiusd-livingston (2.1-15) unstable; urgency=low + + * Patch for logic error which gcc gives a warning for. + Thanks to Ian Brabham. + * Switch to using invoke-rc.d instead of calling script in /etc/init.d + directly. + * Build against libdb4.5. (Closes: #421952) + * Fix all gcc warnings. (Closes: #371140) + * Fix lintian warnings: + debian-rules-sets-DH_COMPAT, init.d-script-missing-lsb-section, + out-of-date-standards-version, read-in-maintainer-script. + * Uses debconf for printing notes. (Closes: #328329) + + -- Paul Martin Wed, 02 May 2007 22:24:16 +0100 + +radiusd-livingston (2.1-14) unstable; urgency=low + + * Fix bash-ism in debian/rules. (Closes: #376357) + + -- Paul Martin Sun, 2 Jul 2006 16:09:29 +0100 + +radiusd-livingston (2.1-13) unstable; urgency=low + + * Added errno.h include to src/dbmrec.c and src/dbmkey.c. Fixes build + on amd64. (Closes: #273629) + + -- Paul Martin Tue, 26 Apr 2005 18:42:03 +0100 + +radiusd-livingston (2.1-12) unstable; urgency=low + + * Now build against libdb4.2-dev. (Closes: #248519) + * Newer standards version. + * Switch from dh_installmanpages to dh_installman + + -- Paul Martin Wed, 18 Aug 2004 21:49:48 +0100 + +radiusd-livingston (2.1-11) unstable; urgency=low + + * Added Tunnel-Client-Auth-ID and Tunnel-Server-Auth-ID attributes + to dictionary. + + -- Paul Martin Thu, 13 Nov 2003 03:17:05 +0000 + +radiusd-livingston (2.1-10) unstable; urgency=low + + * Implement restart and force-reload in init.d script + (Closes: #197038) + * Fix postinst to point at correct location of example clients and + users files. (Closes: #203615) + + -- Paul Martin Tue, 19 Aug 2003 15:32:36 +0100 + +radiusd-livingston (2.1-9) unstable; urgency=low + + * Removed #include of varargs.h from src/testuser.c. It doesn't + use it, and GCC 3.3 has deprecated varargs.h. (Closes: #195497) + * Fixed radiusd.8 and builddbm.8 NAME section heading. + * Fix debian/copyright to stop lintian moaning. + * Written a manpage for radtest.1. + * Cleaned up compiler warnings: + + added #include to md5test.c, dbmrec.c, dbmkeys.c + + changed sys_errlist[] reference to strerror() call in + builddbm.c, dbmkeys.c, dbmrec.c, radiusd.c, proxy.c + + commented out extra stuff after #endif in radiusd.c + * Standards-Version: 3.5.10 + + -- Paul Martin Sat, 31 May 2003 15:04:12 +0100 + +radiusd-livingston (2.1-8) unstable; urgency=low + + * Added Build-Depends on libdb2-dev. (Closes: #159256) + + -- Paul Martin Tue, 3 Sep 2002 01:03:33 +0100 + +radiusd-livingston (2.1-7) unstable; urgency=low + + * Included radtest program in the package at the suggestion of + Todd Charron . + * Use debhelper v4. + * Standards-Version: 3.5.6 + * Updated to use db2 includes, as the db1-compat header files are no + longer supported by libc6. + * Allow use of shadow passwords. (Closes: #157754) + * Additions to README.Debian, and "debian/rules clean" now cleans up + install-stamp. + + -- Paul Martin Thu, 22 Aug 2002 14:36:39 +0100 + +radiusd-livingston (2.1-6) unstable; urgency=high + + * Applied security fix radius-2.1.digest.patch from + http://www.vergenet.net/linux/radius/ which fixes remote overflow + vulnerability from CERT VU#589523. + + -- Paul Martin Tue, 5 Mar 2002 18:47:47 +0000 + +radiusd-livingston (2.1-5) unstable; urgency=low + + * Conflicts,Depends,Replaces new virtual package "radius-server". + + -- Paul Martin Mon, 19 Nov 2001 22:50:16 +0000 + +radiusd-livingston (2.1-4) unstable; urgency=low + + * Applied the patch from John R. Daily to fix + several portability errors. (Closes: #105416) + + -- Paul Martin Mon, 6 Aug 2001 12:05:32 +0100 + +radiusd-livingston (2.1-3) unstable; urgency=low + + * Applied Simon Horman & Mark Dowd's overflow vulnerability fix. + See /usr/share/doc/radiusd-livingston/README.security.patch for + details. + + -- Paul Martin Fri, 13 Jul 2001 14:56:48 +0100 + +radiusd-livingston (2.1-2) unstable; urgency=low + + * Fixed control file to clean up lintian errors. + * Updated debian/rules to debhelper 3. + + -- Paul Martin Wed, 6 Jun 2001 23:23:52 +0100 + +radiusd-livingston (2.1-1) unstable; urgency=low + + * New upstream release. (closes: #10847, #12230, #20781) + * New maintainer. + * Updated package description. (closes: #18995) + + -- Paul Martin Tue, 7 Nov 2000 02:52:56 +0000 + +radiusd-livingston (1.16.1-0.1) unstable; urgency=low + + * New upstream release. + * Compiled for Libc6. + * Non-maintainer release. + + -- Jay Kominek Sun, 28 Dec 1997 21:38:28 -0500 + +radiusd-livingston (1.16-2) unstable; urgency=low + + * conflicts radiusd-merit + * Changed configuration directory from /etc/raddb -> /etc/radiusd-livingston + * Changed accounting logs from /var/log/raddacct -> /var/log/radiusd-livingston + * Changed build directory name so dpkg-source -x works + * i386 development environment: gcc-2.7.2.1-1, libc5-5.2.18-11, + libc5-dev-5.2.18-11, libgdbm1-1.7.3-11, binutils-2.6-2, and make-3.74-12 + + -- Chris Fearnley Thu, 26 Sep 1996 14:33:12 -0400 + +radiusd-livingston (1.16-1) unstable; urgency=low + + * initial release + * added Debian GNU/Linux packaging files Standards-Version 2.1.1.0 + * i386 development environment: gcc-2.7.2.1-1, libc5-5.2.18-11, + libc5-dev-5.2.18-11, libgdbm1-1.7.3-11, binutils-2.6-2, and make-3.74-12 + + -- Chris Fearnley Mon, 23 Sep 1996 19:40:05 -0400 + +Local variables: +mode: debian-changelog +End: + --- radiusd-livingston-2.1.orig/debian/copyright +++ radiusd-livingston-2.1/debian/copyright @@ -0,0 +1,90 @@ +This is the Debian GNU/Linux prepackaged version of radiusd, +an implementation of RADIUS (Remote Authentication Dial-In User +Service). Radiusd was written by Livingston Enterprises Inc. +, now part of Lucent Technologies Inc. + +It was constructed from sources downloaded from +ftp://ftp.livingston.com/pub/le/radius/radius21.tar.Z + +Modifications for Debian GNU/Linux Copyright (C) 1995-96 Chris Fearnley +and Copyright (C) 1999-2002 Paul Martin. + + +Upstream Author: Lucent Technologies Inc + +Copyright: + +From LICENSE: + +/*********************************************************************** + +RADIUS +Remote Authentication Dial In User Service + +Lucent Technologies Remote Access +4464 Willow Road +Pleasanton, CA 94588 + +Copyright 1992-1999 Lucent Technologies Inc. All rights reserved. + +Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: + + * Redistributions of source code must retain the above copyright + notice, this list of conditions and the following disclaimer. + + * Redistributions in binary form must reproduce the above + copyright notice, this list of conditions and the following + disclaimer in the documentation and/or other materials provided + with the distribution. + + * All advertising materials mentioning features or use of this + software must display the following acknowledgement: + + This product includes software developed by Lucent + Technologies and its contributors. + + * Neither the name of the copyright holder nor the names of its + contributors may be used to endorse or promote products derived + from this software without specific prior written permission. + +This software is provided by the copyright holders and contributors +``as is'' and any express or implied warranties, including, but not +limited to, the implied warranties of merchantability and fitness for a +particular purpose are disclaimed. In no event shall the copyright +holder or contributors be liable for any direct, indirect, incidental, +special, exemplary, or consequential damages (including, but not +limited to, procurement of substitute goods or services; loss of use, +data, or profits; or business interruption) however caused and on any +theory of liability, whether in contract, strict liability, or tort +(including negligence or otherwise) arising in any way out of the use +of this software, even if advised of the possibility of such damage. + +************************************************************************/ + + + +From md5.c,md5.h: + +/* Copyright (C) 1991-2, RSA Data Security, Inc. Created 1991. All +rights reserved. + +License to copy and use this software is granted provided that it +is identified as the "RSA Data Security, Inc. MD5 Message-Digest +Algorithm" in all material mentioning or referencing this software +or this function. + +License is also granted to make and use derivative works provided +that such works are identified as "derived from the RSA Data +Security, Inc. MD5 Message-Digest Algorithm" in all material +mentioning or referencing the derived work. + +RSA Data Security, Inc. makes no representations concerning either +the merchantability of this software or the suitability of this +software for any particular purpose. It is provided "as is" +without express or implied warranty of any kind. + +These notices must be retained in any copies of any part of this +documentation and/or software. + */ --- radiusd-livingston-2.1.orig/debian/config +++ radiusd-livingston-2.1/debian/config @@ -0,0 +1,13 @@ +#!/bin/sh -e +# Source debconf library. +. /usr/share/debconf/confmodule + +if [ ! -f /etc/radiusd-livingston/clients ]; then + db_set medium radiusd-livingston/configure_clients || true + db_go +fi +if [ ! -f /etc/radiusd-livingston/users ]; then + db_set medium radiusd-livingston/configure_clients || true + db_go +fi + --- radiusd-livingston-2.1.orig/debian/po/templates.pot +++ radiusd-livingston-2.1/debian/po/templates.pot @@ -0,0 +1,47 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME \n" +"Language-Team: LANGUAGE \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" --- radiusd-livingston-2.1.orig/debian/po/cs.po +++ radiusd-livingston-2.1/debian/po/cs.po @@ -0,0 +1,52 @@ +# SOME DESCRIPTIVE TITLE. +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# FIRST AUTHOR , YEAR. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-06-07 09:49+0200\n" +"Last-Translator: Miroslav Kure \n" +"Language-Team: Czech \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Povinné nastavení klientů RADIUS serveru" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Zkopírujete prosím ukázkový soubor /usr/share/doc/radiusd-livingston/" +"examples/clients jako /etc/radiusd-livingston/clients a přidejte do něj " +"záznam pro každý klientský systém." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "Povinné nastavení uživatelů RADIUS serveru" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Zkopírujete prosím ukázkový soubor /usr/share/doc/radiusd-livingston/" +"examples/users jako /etc/radiusd-livingston/users a přidejte do něj záznam " +"pro každý uživatelský účet." --- radiusd-livingston-2.1.orig/debian/po/sv.po +++ radiusd-livingston-2.1/debian/po/sv.po @@ -0,0 +1,52 @@ +# Swedish translation for radiusd-livingston debconf. +# Copyright (C) 2007 Free Software Foundation, Inc. +# This file is distributed under the same license as the radiusd-livingston package. +# Daniel Nylander , 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-05-29 21:39+0100\n" +"Last-Translator: Daniel Nylander \n" +"Language-Team: Swedish \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Obligatorisk konfiguration av klienter för RADIUS-servern" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Kopiera exempelfilen /usr/share/doc/radiusd-livingston/examples/clients " +"till /etc/radiusd-livingston/clients och redigera den. Lägg till en post för " +"varje klientsystem." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "Obligatorisk konfiguration av användare för RADIUS-servern" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Kopiera exempelfilen /usr/share/doc/radiusd-livingston/examples/users till /" +"etc/radiusd-livingston/users och redigera den. Lägg till en post för varje " +"användarkonto." --- radiusd-livingston-2.1.orig/debian/po/de.po +++ radiusd-livingston-2.1/debian/po/de.po @@ -0,0 +1,52 @@ +# German translation of radiusd-livingston templates +# Helge Kreutzmann , 2007. +# This file is distributed under the same license as the radiusd-livingston package. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-05-28 20:46+0200\n" +"Last-Translator: Helge Kreutzmann \n" +"Language-Team: German \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-15\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Zwingend erforderliche Konfiguration von Clients fr den RADIUS-Server" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Bitte kopieren Sie die Beispieldatei /usr/share/doc/radiusd-livingston/" +"examples/clients nach /etc/radiusd-livingston/clients und fgen Sie darin " +"einen Eintrag fr jedes Client-System hinzu." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "" +"Zwingend erforderliche Konfiguration von Benutzern fr den RADIUS-Server" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Bitte kopieren Sie die Beispieldatei /usr/share/doc/radiusd-livingston/" +"examples/users nach /etc/radiusd-livingston/users und fgen Sie darin einen " +"Eintrag fr jedes Benutzerkonto hinzu." --- radiusd-livingston-2.1.orig/debian/po/ar.po +++ radiusd-livingston-2.1/debian/po/ar.po @@ -0,0 +1,51 @@ +# translation of ar.po to Arabic +# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER +# This file is distributed under the same license as the PACKAGE package. +# +# Ossama M. Khayat , 2007. +msgid "" +msgstr "" +"Project-Id-Version: ar\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-06-02 01:40+0300\n" +"Last-Translator: Ossama M. Khayat \n" +"Language-Team: Arabic \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"X-Generator: KBabel 1.11.4\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "التهيئة الإلزامية لعملاء خادم RADIUS" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"الرجاء نسخ الملف المثال /usr/share/doc/radiusd-livingston/examples/clients " +"إلى /etc/radiusd-livingston/clients وتحريره، وإضافة مُدخل لكل نظام عميل." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "التهيئة الإلزامية لمستخدمي خادم RADIUS" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"الرجاء نسخ الملف المثال /usr/share/doc/radiusd-livingston/examples/usersإلى /" +"etc/radiusd-livingston/users وتحريره، وإضافة مُدخل لكل حساب مستخدم." --- radiusd-livingston-2.1.orig/debian/po/it.po +++ radiusd-livingston-2.1/debian/po/it.po @@ -0,0 +1,52 @@ +# Italian (it) translation of debconf templates for radiusd-livingston +# Copyright (C) 2007 Free Software Foundation, Inc. +# This file is distributed under the same license as the radiusd-livingston package. +# Luca Monducci , 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston italian debconf templates\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-06-02 15:15+0200\n" +"Last-Translator: Luca Monducci \n" +"Language-Team: Italian \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Configurazione obbligatoria dei client del server RADIUS" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Copiare il file di esempio /usr/share/doc/radiusd-livingston/examples/" +"clients in /etc/radiusd-livingston/clients e modificarlo, aggiungendo una " +"voce per ciascun client." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "Configurazione obbligatoria degli utenti del server RADIUS" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Copiare il file di esempio /usr/share/doc/radiusd-livingston/examples/users " +"in /etc/radiusd-livingston/users e modificarlo, aggiungendo una voce per " +"ciascun account utente." --- radiusd-livingston-2.1.orig/debian/po/gl.po +++ radiusd-livingston-2.1/debian/po/gl.po @@ -0,0 +1,51 @@ +# Galician translation of radiusd-livingston's debconf templates +# This file is distributed under the same license as the radiusd-livingston package. +# Jacobo Tarrio , 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-05-28 20:31+0200\n" +"Last-Translator: Jacobo Tarrio \n" +"Language-Team: Galician \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Configuración obrigatoria dos clientes do servidor RADIUS" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Copie o ficheiro /usr/share/doc/radiusd-livingston/examples/clients de " +"exemplo a /etc/radiusd-livingston/clients e edíteo para engadir unha entrada " +"para cada sistema cliente." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "Configuración obrigatoria dos usuarios do servidor RADIUS" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Copie o ficheiro /usr/share/doc/radiusd-livingston/examples/users de exemplo " +"a /etc/radiusd-livingston/users e edíteo para engadir unha entrada para cada " +"conta de usuario." --- radiusd-livingston-2.1.orig/debian/po/POTFILES.in +++ radiusd-livingston-2.1/debian/po/POTFILES.in @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates --- radiusd-livingston-2.1.orig/debian/po/pt.po +++ radiusd-livingston-2.1/debian/po/pt.po @@ -0,0 +1,53 @@ +# Portuguese translations for radiusd-livingston package. +# Copyright (C) 2007 Miguel Figueiredo +# This file is distributed under the same license as the radiusd-livingston package. +# Miguel Figueiredo , 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-05-30 19:33+0100\n" +"Last-Translator: Miguel Figueiredo \n" +"Language-Team: Portuguese \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" +"Plural-Forms: nplurals=2; plural=(n != 1);\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Configuração mandatória de clientes para o servidor RADIUS" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Por favor copie o ficheiro de exemplo /usr/share/doc/radiusd-livingston/" +"examples/clients para /etc/radiusd-livingston/clients e edite-o, " +"acrescentando uma entrada para cada cliente do sistema." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "Configuração mandatória de utilizadores do servidor RADIUS" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Por favor copie o ficheiro de exemplo /usr/share/doc/radiusd-livingston/" +"examples/users para /etc/radiusd-livingston/users e edite-o, acrescentando " +"uma entrada para cada conta de utilizador." --- radiusd-livingston-2.1.orig/debian/po/fr.po +++ radiusd-livingston-2.1/debian/po/fr.po @@ -0,0 +1,53 @@ +# French translation of radiusd-livingston's debconf screens +# Copyright (C) 2007 Paul Martin +# This file is distributed under the same license as the radiusd-livingston package. +# FIRST AUTHOR: cyrille.bollu@scarlet.be, 2007. +# +msgid "" +msgstr "" +"Project-Id-Version: radiusd-livingston\n" +"Report-Msgid-Bugs-To: pm@debian.org\n" +"POT-Creation-Date: 2007-06-17 15:40-0400\n" +"PO-Revision-Date: 2007-05-28 21:47+0100\n" +"Last-Translator: Cyrille Bollu \n" +"Language-Team: French \n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=utf-8\n" +"Content-Transfer-Encoding: 8bit\n" +"bollu@scarlet.be>\n" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "Mandatory configuration of clients for the RADIUS server" +msgstr "Configuration obligatoire des clients RADIUS" + +#. Type: note +#. Description +#: ../templates:1001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"clients to /etc/radiusd-livingston/clients and edit it, adding an entry for " +"each client system." +msgstr "" +"Veuillez copier le fichier d'exemple /usr/share/doc/radiusd-livingston/" +"examples/clients vers /etc/radiusd-livingston/clients et modifiez-le en " +"ajoutant une entrée pour chaque système client." + +#. Type: note +#. Description +#: ../templates:2001 +msgid "Mandatory configuration of users for the RADIUS server" +msgstr "Configuration obligatoire des utilisateurs RADIUS" + +#. Type: note +#. Description +#: ../templates:2001 +msgid "" +"Please copy the example file /usr/share/doc/radiusd-livingston/examples/" +"users to /etc/radiusd-livingston/users and edit it, adding an entry for each " +"user account." +msgstr "" +"Veuillez copier le fichier d'exemple /usr/share/doc/radiusd-livingston/" +"examples/users vers /etc/radiusd-livingston/users et modifiez-le en ajoutant " +"une entrée pour chaque compte utilisateur."