--- xtradius-1.2.1-beta2.orig/doc/clients.5rad +++ xtradius-1.2.1-beta2/doc/clients.5rad @@ -9,7 +9,7 @@ is treated as comment and ignored. .PP Each line of the file contains two white-space delimited fields. -.IP client hostname +.IP "client hostname" The RADIUS clients hostname This may be a plain hostname, or a dotted-quad IP address. .IP secret --- xtradius-1.2.1-beta2.orig/doc/radclient.1 +++ xtradius-1.2.1-beta2/doc/radclient.1 @@ -33,7 +33,7 @@ File to read the attribute/value pairs from. If this is not specified, they are read from stdin. -.IP \-i \fIsource_ip\fP" +.IP "\-i \fIsource_ip\fP" The source IP address to use for sending radius packets. .IP "server[:port]" --- xtradius-1.2.1-beta2.orig/doc/naslist.5rad +++ xtradius-1.2.1-beta2/doc/naslist.5rad @@ -10,7 +10,7 @@ is treated as comment and ignored. .PP Each line of the file contains three white-space delimited fields. -.IP client hostname +.IP "client hostname" The NAS hostname. This may be a plain hostname, or a dotted-quad IP address. An entry called "DEFAULT" does exactly what you would expect it to do. --- xtradius-1.2.1-beta2.orig/src/Make.inc +++ xtradius-1.2.1-beta2/src/Make.inc @@ -4,7 +4,7 @@ # # -RADIUS_DIR = /etc/raddb +RADIUS_DIR = $(DESTDIR)/etc/raddb SERVER_OBJS = radiusd.o files.o acct.o pam.o version.o proxy.o \ exec.o auth.o timestr.o cache.o readusers.o @@ -132,16 +132,16 @@ $(INSTALL) -m 755 radlast $(BINDIR) $(INSTALL) -m 755 radtest $(BINDIR) # Install the man pages - @for section in 1 5 8; do \ - $(DINSTALL) $(MANDIR)/man$$section; \ - for manfile in ../doc/*.$$section*; do \ - echo $(INSTALL) -m 644 $$manfile $(MANDIR)/man$$section; \ - $(INSTALL) -m 644 $$manfile $(MANDIR)/man$$section; \ - done ; \ - done - test -n "$(DBM)" || rm -f $(MANDIR)/man8/builddbm.8rad - @if [ -d /etc/pam.d/ ] && [ ! -f /etc/pam.d/radius ]; then \ - $(INSTALL) -m 644 ../redhat/radiusd-pam /etc/pam.d/radius;\ + #@for section in 1 5 8; do \ + # $(DINSTALL) $(MANDIR)/man$$section; \ + # for manfile in ../doc/*.$$section*; do \ + # echo $(INSTALL) -m 644 $$manfile $(MANDIR)/man$$section; \ + # $(INSTALL) -m 644 $$manfile $(MANDIR)/man$$section; \ + # done ; \ + #done + #test -n "$(DBM)" || rm -f $(MANDIR)/man8/builddbm.8rad + @if [ -d $(DESTDIR)/etc/pam.d/ ] && [ ! -f $(DESTDIR)/etc/pam.d/radius ]; then \ + $(INSTALL) -m 644 ../scripts/radiusd-pam $(DESTDIR)/etc/pam.d/radius;\ fi # Install the config files @echo; echo "Creating/updating files in $(RADIUS_DIR)"; \ --- xtradius-1.2.1-beta2.orig/src/Makefile +++ xtradius-1.2.1-beta2/src/Makefile @@ -31,8 +31,8 @@ INSTALL = install DINSTALL = install -d -BINDIR = /usr/local/bin -SBINDIR = /usr/local/sbin -MANDIR = /usr/local/man +BINDIR = $(DESTDIR)/usr/bin +SBINDIR = $(DESTDIR)/usr/sbin +MANDIR = $(DESTDIR)/usr/share/man include Make.inc --- xtradius-1.2.1-beta2.orig/src/radiusd.h +++ xtradius-1.2.1-beta2/src/radiusd.h @@ -202,7 +202,6 @@ extern char *radwtmp_path; extern UINT4 expiration_seconds; extern UINT4 warning_seconds; -extern int radius_pid; extern int use_dbm; extern int use_dns; extern int use_wtmp; --- xtradius-1.2.1-beta2.orig/contrib/authmysql/authmysql.c +++ xtradius-1.2.1-beta2/contrib/authmysql/authmysql.c @@ -34,6 +34,8 @@ char *salt; char *pw_string; +char *username; + int rc; int command_length; @@ -55,15 +57,25 @@ /* +Escape username +for SQL usage + +*/ + + username = (char *) malloc((strlen(argv[1])*2 + 1)*sizeof(char)); + mysql_real_escape_string(&mysql, username, argv[1], strlen(argv[1])); + +/* + Lets construct the SQL query along memory allocation */ - command_length = strlen(SQL_SELECT) + strlen(argv[1]) + strlen(argv[2]); + command_length = strlen(SQL_SELECT) + strlen(username) + 1; command = (char *) malloc(command_length*sizeof(char)); - sprintf(command,SQL_SELECT,argv[1]); + sprintf(command,SQL_SELECT,username); /* @@ -82,7 +94,7 @@ if ( !row ) { - fprintf(stdout, "User '%s' does not exist\n", argv[1]); + fprintf(stdout, "User '%s' does not exist\n", username); exit(1); } /* --- xtradius-1.2.1-beta2.orig/scripts/rc.radiusd +++ xtradius-1.2.1-beta2/scripts/rc.radiusd @@ -48,12 +48,34 @@ if [ -x "$RADRELAY" ] &&[ -n "$RADRELAY_ARGS" ] then [ -z "$2" ] && echo -n " radrelay" - start-stop-daemon --stop --quiet \ - --pidfile /var/run/$NAME2.pid --exec $RADRELAY + pid=$(cat /var/run/$NAME2.pid 2> /dev/null) + if [ "$pid" -gt 0 ]; then + count=10 + while [ $count -gt 0 ] && kill -0 "$pid" 2> /dev/null ; do + start-stop-daemon --stop --quiet \ + --pidfile /var/run/$NAME2.pid --exec $RADRELAY + count=$(( $count - 1 )) + sleep 1 + done + if kill -0 "$pid" 2> /dev/null; then + kill -9 "$pid" + fi + fi fi [ -z "$2" ] && echo -n " radiusd" - start-stop-daemon --stop --quiet \ - --pidfile /var/run/$NAME1.pid --exec $RADIUSD + pid=$(cat /var/run/$NAME1.pid 2> /dev/null) + if [ "$pid" -gt 0 ]; then + count=10 + while [ $count -gt 0 ] && kill -0 "$pid" 2> /dev/null ; do + start-stop-daemon --stop --quiet \ + --pidfile /var/run/$NAME1.pid --exec $RADIUSD + count=$(( $count - 1 )) + sleep 1 + done + if kill -0 "$pid" 2> /dev/null; then + kill -9 "$pid" + fi + fi [ -z "$2" ] && echo "." ;; reload|force-reload) --- xtradius-1.2.1-beta2.orig/scripts/radiusd.cron.daily +++ xtradius-1.2.1-beta2/scripts/radiusd.cron.daily @@ -14,6 +14,12 @@ savelog -g adm -m 640 -c 3 radius.log > /dev/null fi +if [ -f radwatch.log ] +then + savelog -g adm -m 640 -c 3 radwatch.log > /dev/null + /etc/init.d/radiusd restart > /dev/null +fi + # Rotate "details" files. if [ ! -d radacct/. ] then --- xtradius-1.2.1-beta2.orig/debian/control +++ xtradius-1.2.1-beta2/debian/control @@ -0,0 +1,25 @@ +Source: xtradius +Section: net +Priority: optional +Maintainer: Marco Nenciarini +Build-Depends: debhelper (>> 5.0.0) +Standards-Version: 3.6.2.0 + +Package: xtradius +Architecture: any +Depends: ${shlibs:Depends} +Replaces: radius-server +Provides: radius-server +Conflicts: radius-server +Suggests: snmp, rusers +Description: Free radius server implementation + XtRadius is a free radius server implementation. The main feature is that + it can handle user accounting and authentication information via external + fully configurable scripts. + . + The Radius server is based on Cistron Radius 1.6.6. You can write script to + make you own auth and/or accounting routines without having to patch the + main server. + . + Communication between XtRadius server and external scripts can be made + using command line parameters or via environment variables. --- xtradius-1.2.1-beta2.orig/debian/rules +++ xtradius-1.2.1-beta2/debian/rules @@ -0,0 +1,73 @@ +#!/usr/bin/make -f + +# Uncomment this to turn on verbose mode. +#export DH_VERBOSE=1 + +configure: configure-stamp +configure-stamp: + dh_testdir + + touch configure-stamp + +build: configure-stamp build-stamp +build-stamp: + dh_testdir + + ( cd src && $(MAKE) ) + + touch build-stamp + +clean: + dh_testdir + dh_testroot + rm -f build-stamp configure-stamp + + -( cd src && $(MAKE) clean ) + + dh_clean + +install: build + dh_testdir + dh_testroot + dh_clean -k + dh_installdirs + + (cd src && $(MAKE) install DESTDIR=$(CURDIR)/debian/xtradius ) + install -m 755 scripts/rc.radiusd $(CURDIR)/debian/xtradius/etc/init.d/radiusd + install -m 755 scripts/radwatch $(CURDIR)/debian/xtradius/usr/sbin/radwatch + install -m 755 scripts/radiusd.cron.daily \ + $(CURDIR)/debian/xtradius/etc/cron.daily/radiusd + install -m 755 scripts/radiusd.cron.monthly \ + $(CURDIR)/debian/xtradius/etc/cron.monthly/radiusd + perl -pi -e 's#/usr/local/sbin#/usr/sbin#' \ + $(CURDIR)/debian/xtradius/usr/sbin/radwatch $(CURDIR)/debian/xtradius/etc/init.d/radiusd + perl -pi -e 's#Cistron radius server#Advanced radius server#' \ + $(CURDIR)/debian/xtradius/etc/init.d/radiusd + + mv $(CURDIR)/debian/xtradius/etc/raddb/users.xtr $(CURDIR)/debian/xtradius/usr/share/doc/xtradius/examples + +# Build architecture-independent files here. +binary-indep: build install + +# Build architecture-dependent files here. +binary-arch: build install + dh_testdir + dh_testroot + dh_installdocs + dh_installexamples + dh_installmenu + dh_installinit -o --name=radiusd + dh_installman + dh_installchangelogs doc/ChangeLog + dh_link + dh_strip + dh_compress + dh_fixperms + dh_installdeb + dh_shlibdeps + dh_gencontrol + dh_md5sums + dh_builddeb + +binary: binary-indep binary-arch +.PHONY: build clean binary-indep binary-arch binary install configure --- xtradius-1.2.1-beta2.orig/debian/watch +++ xtradius-1.2.1-beta2/debian/watch @@ -0,0 +1,3 @@ +version=3 +opts=dversionmangle=s/-beta/beta/ \ +http://sf.net/xtradius/xtradius-(.*)\.tgz --- xtradius-1.2.1-beta2.orig/debian/changelog +++ xtradius-1.2.1-beta2/debian/changelog @@ -0,0 +1,57 @@ +xtradius (1.2.1-beta2-5) unstable; urgency=low + + * Switch to dh_installinit to install /etc/init.d/radiusd + (Closes: #359939) + * Bump debhelper compatibility level to 5. + No changes required. + + -- Marco Nenciarini Thu, 30 Mar 2006 00:34:17 +0200 + +xtradius (1.2.1-beta2-4) unstable; urgency=low + + * Updated watch file to use the qa.debian.org redirector + + -- Marco Nenciarini Mon, 23 Jan 2006 13:37:56 +0100 + +xtradius (1.2.1-beta2-3) unstable; urgency=low + + * Updated FSF address in the copyright files + * Corrected some manpages to avoid warnings and make lintian happier + * Added manpage for checkrad(1) + + -- Marco Nenciarini Sat, 14 Jan 2006 12:29:54 +0100 + +xtradius (1.2.1-beta2-2) unstable; urgency=low + + * Bumped Standards Version to 3.6.2 + * Added username escape code in /contrib/authmysql/authmysql.c + Closes: #307796: sql injection in authmysql + * Applied patch from Andreas Jochens + Closes: #297294: FTBFS (amd64/gcc-4.0): static declaration of + 'radius_pid' follows non-static declaration + * Added termination check to /etc/init.d/radiusd + Closes: #155104: xtradius falls into death/restart cycle every 10 + seconds (possibly under log rotation) + * Added watch file + + -- Marco Nenciarini Wed, 22 Jun 2005 15:45:00 +0200 + +xtradius (1.2.1-beta2-1) unstable; urgency=low + + * New upstream release + * Now provides, conflicts and replaces radius-server + (Closes: #148324,#153981,#153986) + * PAM: now install debian configuration instead of red-hat one + * Moved /etc/raddb/users.xtr in examples directory + + -- Marco Nenciarini Wed, 24 Jul 2002 18:50:45 +0200 + +xtradius (1.1-pre2-1) unstable; urgency=low + + * Initial Release. (Closes: #114536) + + -- Marco Nenciarini Thu, 4 Oct 2001 14:36:55 +0000 + +Local variables: +mode: debian-changelog +End: --- xtradius-1.2.1-beta2.orig/debian/xtradius.postinst +++ xtradius-1.2.1-beta2/debian/xtradius.postinst @@ -0,0 +1,34 @@ +#!/bin/sh + +case "$1" in + configure) + if [ ! -f /var/log/radius.log ] + then + touch /var/log/radius.log + chmod 640 /var/log/radius.log + chown root:adm /var/log/radius.log + fi + if [ ! -f /var/log/radwatch.log ] + then + touch /var/log/radwatch.log + chmod 640 /var/log/radwatch.log + chown root:adm /var/log/radwatch.log + fi + if [ ! -f /var/log/radwtmp ] + then + touch /var/log/radwtmp + chmod 644 /var/log/radwtmp + chown root:adm /var/log/radius.log + fi + ;; + abort-upgrade) + ;; + abort-remove) + ;; + abort-deconfigure) + ;; +esac + +#DEBHELPER# + +exit 0 --- xtradius-1.2.1-beta2.orig/debian/xtradius.manpages +++ xtradius-1.2.1-beta2/debian/xtradius.manpages @@ -0,0 +1,12 @@ +doc/clients.5rad +doc/naslist.5rad +doc/radclient.1 +doc/radiusd.8 +doc/radlast.1 +doc/radrelay.8 +doc/radtest.1 +doc/raduse.1 +doc/radwatch.8 +doc/radwho.1 +doc/radzap.1 +debian/checkrad.1 --- xtradius-1.2.1-beta2.orig/debian/compat +++ xtradius-1.2.1-beta2/debian/compat @@ -0,0 +1 @@ +5 --- xtradius-1.2.1-beta2.orig/debian/xtradius.dirs +++ xtradius-1.2.1-beta2/debian/xtradius.dirs @@ -0,0 +1,7 @@ +etc/init.d +etc/pam.d +var/log/radacct +etc/cron.daily +etc/cron.monthly +usr/share/doc/xtradius +usr/share/doc/xtradius/examples --- xtradius-1.2.1-beta2.orig/debian/xtradius.docs +++ xtradius-1.2.1-beta2/debian/xtradius.docs @@ -0,0 +1,13 @@ +doc/README +doc/README.cisco +doc/README.CVX +doc/README.makefile +doc/README.pam +doc/README.proxy +doc/README.radrelay +doc/README.simul +doc/README.tunnel +doc/README.usersfile +doc/README.xtradius +doc/README.Y2K +doc/FAQ.txt --- xtradius-1.2.1-beta2.orig/debian/checkrad.1 +++ xtradius-1.2.1-beta2/debian/checkrad.1 @@ -0,0 +1,45 @@ +.TH CHECKRAD 5 "13 January 2006" +.SH NAME +checkrad -- See if a user is (still) logged in on a certain port. +.SH SYNOPSIS +.B checkrad +.RB [ -d ] +.I nas-type nas-ip nas-port login session-id +.SH DESCRIPTION +\fBCheckrad\fP is used by the radius server to check if its idea of a user logged in +on a certain port/NAS is correct if a double login is detected. + +Returns: 0 = no duplicate, 1 = duplicate, >1 = error. + +.SH OPTIONS + +.IP -d +Enable printing of debugging informations. + +.IP nas-type +Type of port/NAS. Can be one of livingston, cisco cvx, multitech, computone, +max40xx, ascend, max40xx_snmp, portslave, tc, pathras, pr3000, pr4000, +patton, digitro, usrhiper, netserver, versanet, bay, other. + +The "other" type cause \fBcheckrad\fP to skip any check and always returns 1. + +.IP nas-ip +IP address of the NAS to check. + +.IP nas-port +The NAS port to check (may be ignored by some nas-type). + +.IP login +The login name to check. + +.IP session-id +Session to check. (actually ignored by all nas-type) + +.SH SEE ALSO +naslist(5) + +.SH AUTHOR +Written by Miquel van Smoorenburg, miquels@cistron.nl. + +This manual page was written by Marco Nenciarini for +the Debian project (but may be used by others). --- xtradius-1.2.1-beta2.orig/debian/xtradius.postrm +++ xtradius-1.2.1-beta2/debian/xtradius.postrm @@ -0,0 +1,19 @@ +#!/bin/sh + +case "$1" in + purge) + rm -fr /etc/raddb 2>/dev/null + cd /var/log + rm -f radius.log radius.log.0 radius.log.*.gz + rm -f radwatch.log radwatch.log.0 radwatch.log.*.gz + rm -f radwtmp radwtmp.0 radwtmp.*.gz + rm -f radutmp radwatch.log + [ -d radacct ] && rm -rf radacct + ;; + *) + ;; +esac + +#DEBHELPER# + +exit 0 --- xtradius-1.2.1-beta2.orig/debian/copyright +++ xtradius-1.2.1-beta2/debian/copyright @@ -0,0 +1,30 @@ +This package was debianized by Marco Nenciarini on +Sat, 12 May 2001 09:19:17 +0000. + +It was downloaded from http://www.xtradius.com/ + +Upstream Authors for XtRadius code are Natalino Picone , +Matteo Colombo , Michael J. Maravillo + +The original Cistron Radius code was written by Miquel Van Smoorenburg + +License: + + This package is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; version 2 dated June, 1991. + + This package is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this package; if not, write to the Free Software + Free Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, + MA 02110-1301, USA. + +On Debian GNU/Linux systems, the complete text of the GNU General +Public License can be found in `/usr/share/common-licenses/GPL'. + +