From owner-freebsd-ports  Mon Nov  1 21: 0: 6 1999
Delivered-To: freebsd-ports@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 9AF9114F1E
	for <freebsd-ports@FreeBSD.org>; Mon,  1 Nov 1999 21:00:01 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id VAA67753;
	Mon, 1 Nov 1999 21:00:01 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 8CCD314EC7; Mon,  1 Nov 1999 20:50:44 -0800 (PST)
Message-Id: <19991102045044.8CCD314EC7@hub.freebsd.org>
Date: Mon,  1 Nov 1999 20:50:44 -0800 (PST)
From: mike@sentex.net
To: freebsd-gnats-submit@freebsd.org
X-Send-Pr-Version: www-1.0
Subject: ports/14654: Bug and Security fix update for the Cistron RADIUS port 
Sender: owner-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org


>Number:         14654
>Category:       ports
>Synopsis:       Bug and Security fix update for the Cistron RADIUS port
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Nov  1 21:00:01 PST 1999
>Closed-Date:
>Last-Modified:
>Originator:     Mike Tancsa
>Release:        3.3-STABLE
>Organization:
Sentex Communications
>Environment:
FreeBSD 3.3-STABLE #0: Wed Oct 27 12:53:24 EDT 1999
>Description:
Their is a new version of the Cistron RADIUS that has a number of bug and security fixes. I would also like to suggest a small change as to how the port gets installed.  When newer versions of the program get installed, the working configuration files are overwritten with the default sample files.  Like would be easier if the defaults were installed as .sample files, as in the patch below which also contains the patch to the newer/current version. 
To quote from the changelog
-------------begin quote--------------
radiusd-cistron (1.6.1) cistron; urgency=high

  * Fix all strcpy(), strcat(), sprintf() and sccanf() calls
    for buffer overflows.
------------end quote------------

>How-To-Repeat:

>Fix:
--- Makefile.orig       Mon Nov  1 23:22:13 1999
+++ Makefile    Mon Nov  1 23:37:08 1999
@@ -6,7 +6,7 @@
 # $FreeBSD: ports/net/radiusd-cistron/Makefile,v 1.8 1999/08/30 14:23:57 peter Exp $
 #
 
-DISTNAME=      radiusd-cistron-1.5.4.3
+DISTNAME=      radiusd-cistron-1.6.1-stable
 CATEGORIES=    net
 MASTER_SITES=  ftp://ftp.cistron.nl/pub/people/miquels/radius/
 
@@ -27,8 +27,8 @@
        cd ${WRKSRC}/src && ${SETENV} ${MAKE_ENV} ${MAKE} -f ${MAKEFILE} install
        @${MKDIR} -m 700 ${PREFIX}/etc/raddb
        @${MKDIR} -m 700 /var/log/radacct
-       ${INSTALL_DATA} ${WRKSRC}/raddb/clients ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary ${PREFIX}/etc/raddb
+       ${INSTALL_DATA} ${WRKSRC}/raddb/clients ${PREFIX}/etc/raddb/clients.sample
+       ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary ${PREFIX}/etc/raddb/dictionary.sample
        ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary.ascend ${PREFIX}/etc/raddb
        ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary.cisco ${PREFIX}/etc/raddb
        ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary.compat ${PREFIX}/etc/raddb
@@ -37,12 +37,12 @@
        ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary.tunnel ${PREFIX}/etc/raddb
        ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary.usr ${PREFIX}/etc/raddb
        ${INSTALL_DATA} ${WRKSRC}/raddb/dictionary.versanet ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/hints ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/huntgroups ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/naslist ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/naspasswd ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/realms ${PREFIX}/etc/raddb
-       ${INSTALL_DATA} ${WRKSRC}/raddb/users ${PREFIX}/etc/raddb
+       ${INSTALL_DATA} ${WRKSRC}/raddb/hints ${PREFIX}/etc/raddb/hints.sample
+       ${INSTALL_DATA} ${WRKSRC}/raddb/huntgroups ${PREFIX}/etc/raddb/huntgroups.sample
+       ${INSTALL_DATA} ${WRKSRC}/raddb/naslist ${PREFIX}/etc/raddb/naslist.sample
+       ${INSTALL_DATA} ${WRKSRC}/raddb/naspasswd ${PREFIX}/etc/raddb/naspasswd.sample
+       ${INSTALL_DATA} ${WRKSRC}/raddb/realms ${PREFIX}/etc/raddb/realms.sample
+       ${INSTALL_DATA} ${WRKSRC}/raddb/users ${PREFIX}/etc/raddb/users.sample
 .if !defined(NOPORTDOCS)
        @${MKDIR} ${PREFIX}/share/doc/radiusd-cistron
        ${INSTALL_DATA} ${WRKSRC}/COPYRIGHT.Cistron ${PREFIX}/share/doc/radiusd-cistron

>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-ports" in the body of the message